ShopSite version 14.0 suffers from a persistent cross site scripting vulnerability.
f34fa6a72905f01bb41aaa658d65a5fcc525f2bfd0fd6925a5b8b8f32fc69080When handling DTLS-SRTP for media setup, FreeSWITCH version 1.10.10 is susceptible to denial of service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack.
42111d854609afb4221ff75af6db4e27c366baa1bf5886242bf637a8ab822f76Debian Linux Security Advisory 5588-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol is prone to a prefix truncation attack, known as the "Terrapin attack". This attack allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts.
7af4170ad4031fd3d2a9ee78c01336ac9376c0590df4e88dd4e5550f0258ed24Debian Linux Security Advisory 5587-1 - Two security issues were discovered in Curl: Cookies were incorrectly validated against the public suffix list of domains and in same cases HSTS data could fail to save to disk.
ee8b5da3ccedc4ad611c77989a7b82094859da7f9354c5d153f42704a855a11aGentoo Linux Security Advisory 202312-14 - Multiple vulnerabilities have been discovered in FFmpeg, the worst of which could lead to code execution. Versions greater than or equal to 6.0 are affected.
0922bfbde257cc0b18058668376d2cab6f85025fca60b1954a14670568bf0216Gentoo Linux Security Advisory 202312-13 - Multiple vulnerabilities have been discovered in Gitea, the worst of which could result in information leakage. Versions greater than or equal to 1.20.6 are affected.
5a6fbc4b9762dddb1dc427ba9447ed15f97e4c9557de3f0888ae48ae8e114088Gentoo Linux Security Advisory 202312-12 - Several vulnerabilities have been found in Flatpack, the worst of which lead to privilege escalation and sandbox escape. Versions greater than or equal to 1.14.4 are affected.
3018a3aaac2e8e504bce240edb2f33466f227c0b15ee1ce0adb6bbddcdceb2caGentoo Linux Security Advisory 202312-11 - A vulnerability has been found in SABnzbd which allows for remote code execution. Versions greater than or equal to 4.0.2 are affected.
414698e4e9ba87a0138f321143a42ff3dd88e6bf81dd242518d6c09de60a3092Gentoo Linux Security Advisory 202312-10 - A vulnerability has been found in Ceph which can lead to root privilege escalation. Versions greater than or equal to 17.2.6 are affected.
daf313bfa471e6c911b744215f7deaf8540dd85955b1584a4642d7487964ba48
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed