On Windows, the buffer for redirected logon context does not protect against spoofing, resulting in arbitrary code execution in the LSA and leading to local elevation of privilege.
e5fb08a6edcf0b1b0510543eebe8a2074c96f610873eefbc81fd441dc6b36c39
Ubuntu Security Notice 5475-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the browser UI, conduct cross-site scripting attacks, bypass content security policy restrictions, or execute arbitrary code.
bca38467c0fb77530533f649645a7dd5ce5d57ec086d37e4da86b8a23323098f
Red Hat Security Advisory 2022-4671-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.
1a7182c8803733e24a2f52a38dc6173bf272d5ad45772e1226fe7c4a018efefe
Red Hat Security Advisory 2022-4690-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.
3bfe6b3b087ca42a19201811078371538ab2936796ff2422443605c3aef038d7
Red Hat Security Advisory 2022-4692-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.
ecf97b114c811de8b773415e31f85d2dbbd762da9a08556fc7bc868b0c83a9a5
Red Hat Security Advisory 2022-4691-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.
6fe762e2616c6dacdada61a5ff131f5097db13088eef51a3811f2266f29dfb07
Ubuntu Security Notice 5411-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass permission prompts, obtain sensitive information, bypass security restrictions, or execute arbitrary code.
000f629967ca92f7e1c38fe716cc7f512431d6be87f751d10c253c7ae9867eb9
Ubuntu Security Notice 5402-1 - Elison Niven discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run. Raul Metsma discovered that OpenSSL incorrectly verified certain response signing certificates. A remote attacker could possibly use this issue to spoof certain response signing certificates. This issue only affected Ubuntu 22.04 LTS.
9f908328ff337686f5d5cffc66667d81dbd3b4ce35629e2bd3050e7444f1fd8b
Ubuntu Security Notice 5393-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct spoofing attacks, or execute arbitrary code. It was discovered that Thunderbird ignored OpenPGP revocation when importing a revoked key in some circumstances. An attacker could potentially exploit this by tricking the user into trusting the authenticity of a message or tricking them into using a revoked key to send an encrypted message.
dfe0d7843af6c686d2aef7aa4091bcfac518f6bb06c09227a82b7e7c49217bbf
Ubuntu Security Notice 5370-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, execute script unexpectedly, obtain sensitive information, conduct spoofing attacks, or execute arbitrary code. A security issue was discovered with the sourceMapURL feature of devtools. An attacker could potentially exploit this to include local files that should have been inaccessible.
8aee0edbf8cdf371f11c1fa4ab225892863de31ed0f41cef4175d2f0218fdc30
Ubuntu Security Notice 5321-3 - USN-5321-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, obtain sensitive information, or execute arbitrary code. A TOCTOU bug was discovered when verifying addon signatures during install. A local attacker could potentially exploit this to trick a user into installing an addon with an invalid signature.
3d7bc90a79a0814602089234f5c04c4d39f5707208f69d54d7ec8df656aa52b2
RTLO injection URI spoofing generator for WhatsApp, iMessage, Instagram, and Facebook Messenger.
8add20e505d85dfcd1125eb892d0726f12751ed7cff691329973ac7c8d3c4a25
Ubuntu Security Notice 5345-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, obtain sensitive information, cause undefined behaviour, spoof the browser UI, or execute arbitrary code. It was discovered that extensions of a particular type could auto-update themselves and bypass the prompt that requests permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to bypass security restrictions.
158e67eea2f1566d437c34e7e51105fbd18e6d48a7076eb1db7f2932c00300c5
Apple Security Advisory 2022-03-14-2 - watchOS 8.5 addresses buffer overflow, bypass, code execution, denial of service, null pointer, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.
57f50271cc9223aeca9436ea0025dcd1dceafa1ec5f21df823af449a2865e66c
Ubuntu Security Notice 5321-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, obtain sensitive information, or execute arbitrary code. A TOCTOU bug was discovered when verifying addon signatures during install. A local attacker could potentially exploit this to trick a user into installing an addon with an invalid signature.
e7217b5c453bc51005a77269f4aea90fa1b4d4491b2d065628dcf2a653d6f70e
UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.
4d832c6c90e63867d2ed67773e1e473adf4b36bc86918c68af2360c1e8afac7d
Red Hat Security Advisory 2022-0708-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, denial of service, and spoofing vulnerabilities.
f83547ba4736bf0787d355efe1d9f8bfeb8c4feba15c83208f06fc61783cd7d3
Red Hat Security Advisory 2022-0582-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, code execution, denial of service, information leakage, and spoofing vulnerabilities.
28f434c8a7e0c5a9a457c78e1d0a72539ecb56d9a3673853dd0aa3595f619eda
Red Hat Security Advisory 2022-0581-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, code execution, denial of service, information leakage, and spoofing vulnerabilities.
8bd21cf01e10e7a947db8efca057a501595b8383a816b9f497a90e17a13ebc45
Red Hat Security Advisory 2022-0544-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, denial of service, and spoofing vulnerabilities.
ceb41e93f7a4f1064aec7c5b8bc73d5be2c606f6aff3d1f38923815c8a60f0aa
Red Hat Security Advisory 2022-0543-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include code execution, denial of service, and spoofing vulnerabilities.
dfdba266365e044f1046b80b1a63a79d7490623a6a4906cec8a75fe7353d9087
Ubuntu Security Notice 5248-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, trick a user into accepting unwanted permissions, conduct header splitting attacks, conduct spoofing attacks, bypass security restrictions, confuse the user, or execute arbitrary code.
ee94116ff4e4b3081cc98a796565452f32b9979d45115195dba7be2d4510ee9a
Ubuntu Security Notice 5246-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct spoofing attacks, bypass security restrictions, or execute arbitrary code.
bb2e4c8ab0377f822fe6dea499ddee9a3c91b266aa305adc3d5390e4e6812690
Ubuntu Security Notice 5229-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, obtain sensitive information across domains, or execute arbitrary code.
38b8f876573318f91fabc911cbd027f8b7a4297bbedd540823dbb6f581a364fc
Red Hat Security Advisory 2022-0124-04 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.
4fc2ee9b8efa90a3da52ee95cc7f2493d45c7daa885d6f1bd9936371b4a5b0ee