Ubuntu Security Notice 6046-1 - It was discovered that OpenSSL-ibmca incorrectly handled certain RSA decryption. An attacker could possibly use this issue to expose sensitive information.
ebankIT versions prior to 7 suffer from a denial of service vulnerability.
ebankIT versions prior to 7 suffer from a cross site scripting vulnerability.
Ubuntu Security Notice 6047-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed.
Aigital Wireless-N Repeater version Mini_Router.0.131229 suffers from a remote command execution vulnerability.
CreativeItem Academy Learning Management System version 5.14 suffers from a cross site scripting vulnerability.
Piwigo version 13.5.0 suffers from a remote SQL injection vulnerability.
Ubuntu Security Notice 6042-1 - James Glovich discovered that sensitive data could be exposed in logs. An attacker could use this information to find hashed passwords and possibly escalate their privilege.
Aigital Wireless-N Repeater version Mini_Router.0.131229 suffers from a persistent cross site scripting vulnerability.
Ubuntu Security Notice 6045-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Red Hat Security Advisory 2023-2041-01 - Migration Toolkit for Applications 6.1.0 Images. Issues addressed include denial of service, privilege escalation, server-side request forgery, and traversal vulnerabilities.
Ubuntu Security Notice 6044-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
MilleGPG5 version 5.9.2 suffers from a local privilege escalation vulnerability due to incorrect access controls.
Ubuntu Security Notice 6017-2 - USN-6017-1 fixed vulnerabilities in Ghostscript. This update provides the corresponding updates for Ubuntu 23.04. Hadrien Perrineau discovered that Ghostscript incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.
Red Hat Security Advisory 2023-1948-01 - OpenStack Compute is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances, managing networks, and controlling access through users and projects. OpenStack Compute strives to be both hardware and hypervisor agnostic, currently supporting a variety of standard hardware configurations and seven major hypervisors.
This whitepaper illustrates different machine learning techniques for anomaly detection relating to bank transactions.
Ubuntu Security Notice 6043-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.
MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
ChurchCRM versions 4.5.3 and below suffer from a remote SQL injection vulnerability.
Ubuntu Security Notice 6010-3 - USN-6010-1 fixed vulnerabilities and USN-6010-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage fullscreen notifications using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. An attacker could potentially exploit this issue to perform spoofing attacks. Lukas Bernhard discovered that Firefox did not properly manage memory when doing Garbage Collector compaction. An attacker could potentially exploit this issue to cause a denial of service. Zx from qriousec discovered that Firefox did not properly validate the address to free a pointer provided to the memory manager. An attacker could potentially exploit this issue to cause a denial of service. Alexis aka zoracon discovered that Firefox did not properly validate the URI received by the WebExtension during a load request. An attacker could potentially exploit this to obtain sensitive information. Trung Pham discovered that Firefox did not properly validate the filename directive in the Content-Disposition header. An attacker could possibly exploit this to perform reflected file download attacks, potentially tricking users into installing malware. Ameen Basha M K discovered that Firefox did not properly validate downloads of files ending in .desktop. An attacker could potentially exploit this issue to execute arbitrary code.
Red Hat Security Advisory 2023-2023-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.
Ubuntu Security Notice 6039-1 - It was discovered that OpenSSL was not properly managing file locks when processing policy constraints. If a user or automated system were tricked into processing a certificate chain with specially crafted policy constraints, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. David Benjamin discovered that OpenSSL was not properly performing the verification of X.509 certificate chains that include policy constraints, which could lead to excessive resource consumption. If a user or automated system were tricked into processing a specially crafted X.509 certificate chain that includes policy constraints, a remote attacker could possibly use this issue to cause a denial of service.
qdPM version 9.1 suffers from a cross site scripting vulnerability. Original discovery of cross site scripting in this version is attributed to Mehmet Emiroglu in 2019.
Red Hat Security Advisory 2023-1953-01 - Red Hat OpenShift Logging Subsystem 5.6.5 update. Issues addressed include cross site scripting and denial of service vulnerabilities.
Red Hat Security Advisory 2023-1866-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.58. Issues addressed include a cross site scripting vulnerability.