Gentoo Linux Security Advisory 202310-12 - Multiple vulnerabilities have been discovered in curl, the worst of which could result in arbitrary code execution. Versions greater than or equal to 8.3.0-r2 are affected.
3d74f33aacaddb6a8bc503eb43a420da64cb7375f9303e7a1b65cded7a8b82f6Debian Linux Security Advisory 5523-1 - Two security issues were found in Curl, an easy-to-use client-side URL transfer library and command line tool.
6f8cac21edc730d0834c13186c9df39c586cd8ff7546f9e0e8f727ca7b9552ecIt was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the virtual terminal driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). Various other issues were also addressed.
cee33fcedd3c531f91ff1d0a8fe1060cf9d74dad35ef33c6828c5de7d753e527Smart School version 6.4.1 suffers from multiple remote SQL injection vulnerabilities.
a9397f17306ec2562e45e007f322e152945a05693e65411f18f3da43aacfcc4dDebian Linux Security Advisory 5522-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
f983a0a85802b2763746bf3bfa97b1786563f79ce2c2bd56f8c915338b5146aeUbuntu Security Notice 6429-1 - Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. It was discovered that curl incorrectly handled cookies when an application duplicated certain handles. A local attacker could possibly create a cookie file and inject arbitrary cookies into subsequent connections.
cdf87ef50399c95276fdc38c6e1cbde856743680fa9b47c87c04c69d255f590aUbuntu Security Notice 6428-1 - It was discovered that LibTIFF could be made to read out of bounds when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a denial of service.
891afd8586b3c24ab048bfa40e9bd2dacb700190acc1c690c6bd2e2efec06002Red Hat Security Advisory 2023-5628-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer and use-after-free vulnerabilities.
82d524556abaf2f1ba57ffbaaa2d241c24b37aee6faf5902bdf44f60c7ff8a41Red Hat Security Advisory 2023-5627-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, null pointer, out of bounds write, and use-after-free vulnerabilities.
b568673509b2b6b79c67cfa598aa5c00f4675ddcfa9ac6166e7259ad7d5c65e5Red Hat Security Advisory 2023-5622-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include memory leak, privilege escalation, and use-after-free vulnerabilities.
05852e9fad3e59bf14ca804a4c9c7c6c0ab6f7cdd3da81919fbd57053d63811cRed Hat Security Advisory 2023-5621-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.
ee73323ebd05a3a50762c2544ef2d9959cefe1ffb441cd03802b74ebbfc0825bRed Hat Security Advisory 2023-5616-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.
2dd35d1d563fa4f4686f2465d398d4434e278f814a90ce88a33008b776002409Red Hat Security Advisory 2023-5615-01 - The libssh2 packages provide a library that implements the SSH2 protocol.
e51167b8bfbf9549c2f46e0216810761e6611591e77aab942fc40c53ee15d958Red Hat Security Advisory 2023-5610-01 - The GNU tar program can save multiple files in an archive and restore files from an archive. Issues addressed include a buffer overflow vulnerability.
400af5f11a8dc5a7553609af6e469d1edbd0c6c073bc9889781c8bf54848f37cRed Hat Security Advisory 2023-5607-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include an information leakage vulnerability.
8e530b58948acaf0dad5cb0c17febca2b1d396d6db249534167ec90bbe0796bcRed Hat Security Advisory 2023-5604-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, out of bounds write, and use-after-free vulnerabilities.
d38198d09c153dc304334598733dfb3495b0b3654434da84b6140dc93cc8e7b3Red Hat Security Advisory 2023-5603-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, out of bounds write, and use-after-free vulnerabilities.
33c979a04ac08d5d0608a47384b787e2183d65ba3e35cc55c98f61f6f7988093Red Hat Security Advisory 2023-5598-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
30e52fd25fc0bcdde3bc82ed8da810bb1fc4db3e3ec921bc8bf606501e7483d5Red Hat Security Advisory 2023-5597-01 - The libqb packages provide a library with the primary purpose of providing high performance client/server reusable features, such as high performance logging, tracing, inter-process communication, and polling. Issues addressed include a buffer overflow vulnerability.
021695d83bef8c30b584acb6836b289013c3dfdaca1194a46797731a014c4688Red Hat Security Advisory 2023-5591-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include an information leakage vulnerability.
8307ef0d8498cd13b280482e53887530af2a335f6ca254ecfebca28eb0b2bbeaRed Hat Security Advisory 2023-5589-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free and use-after-free vulnerabilities.
b37bebbe2d26642a0117389c07b0d5eaad4e6479dbffbd3e2e152d8f832ecc87Red Hat Security Advisory 2023-5588-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.
88283276ff5ff31f32d98f62494af5e405364ddf43b9772e574b8a705860dbb3Red Hat Security Advisory 2023-5587-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
fe869420c01693d346b07dc5dca63959c41063ef8e7326a586d90e74f290eebaRed Hat Security Advisory 2023-5580-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
a8870bba66ad26aba640078bef5346bce019179b826c218351447f4161e13be7Red Hat Security Advisory 2023-5575-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.
68b8501b83246058c716181ae29aef2a03a3764a72cea024097ce57eb6e8ae33
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed