PHPJabbers Car Rental Script version 3.0 suffers from a remote SQL injection vulnerability.
da611ec0ad9f60f8789a0b37c087ba77ab18171db28eb201e5d8c4312ef65403Ubuntu Security Notice 5829-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
aad823e9a2aa345a90ba89b0bbadac4b45a7aad04940b487e28febdc9f15b3ffUbuntu Security Notice 5828-1 - It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. Greg Hudson discovered that Kerberos PAC implementation incorrectly handled certain parsing operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.
172f865df6482a98eeb5142645b6b3d004e0fcbb18be188deb32de7ee6994283Ubuntu Security Notice 5827-1 - Rob Schulhof discovered that Bind incorrectly handled a large number of UPDATE messages. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. Borja Marcos discovered that Bind incorrectly handled certain RRSIG queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10.
4a6c45a34899a51b8553be1c11bf1f2681e171dfab7a353c92f318d006c4067aInout Jobs Portal version 2.2.2 suffers from a remote SQL injection vulnerability.
9f8b4b7af85a0ac5ff2162e8db5b902d70686fae9043406cbad209c183367ccfInout Music version 5.1.1 suffers from a remote SQL injection vulnerability.
77e27e4a02fc7a2e3b12e40b81fb4fcccd78c51d27a51a95afd57db9e134c114Red Hat Security Advisory 2023-0403-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.
4a09e1e90ae83f8ba4bfbd86778b90c2e70d1787cfd581cc06e56aa908ce894dRed Hat Security Advisory 2023-0442-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.
6b5f0dc904ad772e939989165cca70731df3124472d0c063bf7645ece3baf6f8This Metasploit module exploits an unauthenticated command injection vulnerability in Cacti versions through 1.2.22 in order to achieve unauthenticated remote code execution as the www-data user.
e63c1aedc4dd728df608137b19687c9e69ec0ae051a555280b58f4cc45f05eb6Inout Homestay version 2.0 suffers from a remote SQL injection vulnerability.
ddd17c54c1ad77326efd7f4df4ae548147ee2c630ceb187f992d756190a45d19Ubuntu Security Notice 5822-1 - It was discovered that Samba incorrectly handled the bad password count logic. A remote attacker could possibly use this issue to bypass bad passwords lockouts. This issue was only addressed in Ubuntu 22.10. Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service.
7e28dc77ffbc9a0bdb6d12d1db8027cea88238b892667a9f4f8b17fd154d8b4fRed Hat Security Advisory 2023-0397-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.
5672c5f40991a6e1e1d884a4eef30b5b18e8f5a938cd4b5d049462a1d6a5c130Red Hat Security Advisory 2023-0318-01 - PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Issues addressed include a remote SQL injection vulnerability.
22201fd8d9418dc89e4bec16f336c3b0d0b87e9c1e1960d290e6060c48728e31Ubuntu Security Notice 5819-1 - It was discovered that HAProxy incorrectly handled certain messages. A remote attacker could possibly use this issue to cause HAProxy to stop responding, resulting in a denial of service.
e2bf436b60c508d262ad69a2706052e2eadcc7a75787b15644d15128b332346dInout RealEstate version 2.1.3 suffers from a remote SQL injection vulnerability.
ffa3447c61c56fe4c310a17f891e52d6098984d03dfc9fd65cd0e880839be912Food Ordering System version 2 suffers from a remote shell upload vulnerability.
761ebf82d1e3d77cbb9e3df3aaa127409e8b8765f9bcd58a38d94c86c83af0cfTor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.
2079172cce034556f110048e26083ce9bea751f3154b0ad2809751815b11ea9dUbuntu Security Notice 5815-1 - It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering.
7f3d477e507b66b0daafcca7953d74f1ea4a8753942924b204034c093c0c71b0OpenText Extended ECM versions 20.4 through 22.3 suffer from a pre-authentication remote code execution vulnerability in the Java frontend.
ad8f453cd751c022df784c9e9c33db871bf0c440c9a9a2e6748362e1819da22fOpenText Extended ECM versions 20.4 through 22.3 suffer from a pre-authentication remote code execution vulnerability in cs.exe.
50f0340c5a76c1d966d4d63c4061ffc3b0d41a93f59f92d9147c6a16891a76a1Ubuntu Security Notice 5813-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
c8585d9310f20472858a349154e922f465a23afb78b9d227cd2a5767b334c7eeInout Multi-Vendor Shopping Cart version 3.2.3 suffers from a remote SQL injection vulnerability.
646ff0c209b89e0caeb15b3143ed22822e7ab1beeabcc81a6a94b5c6b115102aUbuntu Security Notice 5812-1 - It was discovered that urllib3 incorrectly handled certain characters in URLs. A remote attacker could possibly use this issue to cause urllib3 to consume resources, leading to a denial of service.
96678a2b7c716e36fc6c1e5b770de64662a5334ab9bf447b923f25cf5ed77932Ubuntu Security Notice 5807-1 - Martin Ettl discovered that libXpm incorrectly handled certain XPM files. If a user or automated system were tricked into opening a specially crafted XPM file, a remote attacker could possibly use this issue to cause libXpm to stop responding, resulting in a denial of service. Marco Ivaldi discovered that libXpm incorrectly handled certain XPM files. If a user or automated system were tricked into opening a specially crafted XPM file, a remote attacker could possibly use this issue to cause libXpm to stop responding, resulting in a denial of service.
e1de9f68822448486e9a30c411c9bff69ec6ebfad7e02d2b2d311e75c7cca79fActive eCommerce CMS version 6.5.0 suffers from a remote SQL injection vulnerability.
d1421c49b328701bfbbbdc84dce8000aead05dec7f3fed0c3fc36ffba59c90bf
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed