I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
6bda9aff7daa468cbf6ddf141c670140de4d1db145329645a90c22c1e5c7bc01Ubuntu Security Notice 6723-1 - Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. It was discovered that Bind incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.
6e047bb3283e58c0f8d840f22e9c0053696975f6a4992368ea7aec56ce6a4cc7Red Hat Security Advisory 2024-1706-03 - An update for Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 is now available. Red Hat Product Security has rated this update as having a security impact of Important. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Issues addressed include denial of service and memory leak vulnerabilities.
16469c2badc4f0cd858661226922435b35e0d3cf48d81c5d93b9800f2f8855f4Red Hat Security Advisory 2024-1700-03 - An update is now available for Red Hat OpenShift GitOps v1.10.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include bypass and denial of service vulnerabilities.
d560bde6cc2d169dc796cdc566c2fd91080752bdc5278385de85157a4ab0cf26Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
96491008a9e1ad7e69bc2be9e30cea2014e7ec82fcaa4c2a1a86a984844d920eBotan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current 3.x.x release.
71843afcc0a2c585f8f33fa304f0b58ae4b9c5d8306f894667b3746044277557Red Hat Security Advisory 2024-1697-03 - An update is now available for Red Hat OpenShift GitOps v1.11.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include bypass and denial of service vulnerabilities.
5166d3ef9f8b3b9a5c2bb9c8856f3171de214e9ca1fa5503277a975f821bde79Flightio.com suffers from a remote SQL injection vulnerability. The researchers reporting this claimed the site has not responded to their reports so we are posting this to add visibility to the issue.
287e946136487edac1a8bcbedb409990ac26461ab1f6840438934159773b37daWordPress Travelscape theme version 1.0.3 suffers from an arbitrary file upload vulnerability.
8c7f57a620a7f2e630146822105069ce7c8d705a9661a1a56006b6c19ee5ae88Daily Expense Manager version 1.0 suffers from a remote SQL injection vulnerability.
3036d5c35514225ac7efd5fae884b642a5c6e16478440cce60456af20f3c8957Open Source Medicine Ordering System version 1.0 suffers from a remote SQL Injection vulnerability.
ddcd59d819ea5c59b6d5493517cad43c4bfefe50707cf9b222d8705aea3e670bZenML allows for remote privilege escalation because the /api/v1/users/{user_name_or_id}/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. This is the proof of concept exploit. All ZenML versions below 0.46.7 are vulnerable, with the exception being patched versions 0.44.4, 0.43.1, and 0.42.2.
3c2c8e3882d5e4c0257dbb5b27f3d5dfe82d1a0ce0a5f485af9c54a883d48594Invision Community versions 4.7.16 and below suffer from a remote code execution vulnerability in toolbar.php.
79e57c6d95c397c23ce4c4203e72406e2900a93befed691fbc0ae540ed7a9cf4Invision Community versions 4.4.0 through 4.7.15 suffer from a remote SQL injection vulnerability in store.php.
f3e99d07ab1ab0d469a1a39ceb456ac6dc86fdcbd9071ad8690ce38ecca5a7ffOpen eShop version 2.7.0 suffers from a cross site scripting vulnerability.
ffc1ccc2b126ca15fb375709398eeafd3eb66b2b5e4657e3a0744439ad777b8cHTMLy version 2.9.6 suffers from a persistent cross site scripting vulnerability.
7c364eb28a81f6893bdac09aa21445e515fda3d2ede1335da9224b08d6224934UP-RESULT version 0.1 2024 suffers from a remote SQL injection vulnerability.
4add65ea93ae55c77a16552103ce0483201e157f530ea8a0e1e38f32c5d69671Trojan.Win32.Razy.abc malware suffers from an insecure permissions vulnerability.
f42f962b787317ec42e0f8896a6024f38f8e96776bcebf7c0600a7ee39d21c1fAnyDesk version 7.0.15 suffers from an unquoted service path vulnerability.
1235bdf38715b85c279dda71fade5447c43a019867ab310c382db75e713ca4e1Red Hat Security Advisory 2024-1692-03 - An update for less is now available for Red Hat Enterprise Linux 9.
7c213050aef164476477c5fa3ad870203fc8c6d5d544e17298a54fe5093edbcfRed Hat Security Advisory 2024-1691-03 - An update for varnish is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
b730e9975f8aa0dcc58b220fdd9cb714578932b95a2a94d93fed1c1fca538e89Red Hat Security Advisory 2024-1690-03 - An update for varnish is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
1b7455404c89f46a3de2f63da600692f1745a89d728b55a1abd02f8d463990b1Red Hat Security Advisory 2024-1689-03 - An update for rh-varnish6-varnish is now available for Red Hat Software Collections. Issues addressed include a denial of service vulnerability.
744bb57884c49db1585fc95caae11a3e82f78a82bfd90ea77f3032f7f3536667Red Hat Security Advisory 2024-1688-03 - An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass, denial of service, privilege escalation, and traversal vulnerabilities.
8a47da6a410f995e9176b64c70ea20b1b3e25888a506a6431ffb8f734d19e048Red Hat Security Advisory 2024-1687-03 - An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8. Issues addressed include bypass, denial of service, privilege escalation, and traversal vulnerabilities.
ab60643fe0b19c35b45886b3810dc24cebc8401da8f057a3905ed8abd2f5d4cf
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed