ALTISA CMS version 5.2.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
9e17286e56475dc106d870a870f847bdcd9c35792121d86320c02874e90f9e8fOpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.
76e9358dd242abf9a7359948ab422ce9b34a04150b5af764dae5c214f9041b49Advanced Testimonials Manager version 4.1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
19818aad4781217a8df9f86cfdf7ac968c26903698d308f7c1fa169993416fdfAdvanced PHP URL Shortener version 1.0 suffers from a cross site scripting vulnerability.
4e1d8e53e5314398ff0dd35afa47391639eddbece2db8c996181a7b27a46577eActive Matrimonial CMS version 1.6 suffers from an html injection vulnerability.
2325b275d212ebe3799490b742b05121dfb43d986d54ebc62f2b31d7dc699e0cRed Hat Security Advisory 2023-3811-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
0e868d3f8e0212d6a8fc19318d1de8ed61af7b7cd789551008e4453e7f861826Red Hat Security Advisory 2023-3810-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. Issues addressed include a bypass vulnerability.
76cfe26ca3696f3ad7bf0002382e58086fa14728e2d3738972bd28146928ee1bRed Hat Security Advisory 2023-3852-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
99b0421c9042340eb88f7488998ec910e64dfe026c6fb33748c08b8ae18c8a01Red Hat Security Advisory 2023-3819-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer and use-after-free vulnerabilities.
67acbb14bdad3db046102d0aeebed0283ef235364ed5a84cc09c219519c3dcc8Red Hat Security Advisory 2023-3815-01 - An update to the images for Red Hat Integration - Service Registry is now available from the Red Hat Container Catalog. Issues addressed include denial of service, information leakage, and traversal vulnerabilities.
149e9ea0031a8555c13e69062a9556f7251e1f99081bbda6fa3a673c26c23f8fRed Hat Security Advisory 2023-3822-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include a memory leak vulnerability.
12304eba2c48f6801d19aeba5d6391a309d1fe6b19187b6bb5c3fb940c85ddfaRed Hat Security Advisory 2023-3827-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include a buffer overflow vulnerability.
f7d8c398d5d5860a4060714abcd0415664ec1886631b2a2ac9d624e547fa7892Red Hat Security Advisory 2023-3839-01 - libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Issues addressed include bypass and null pointer vulnerabilities.
997cf8690fa003f37458f6c848154afddcc36acd92a0fbab441ad337cda0aab8Red Hat Security Advisory 2023-3821-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and denial of service vulnerabilities.
915adbe516e63371c901e0dbf9c061957d731f589acb09f314d7244a05d2317aRed Hat Security Advisory 2023-3847-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer and use-after-free vulnerabilities.
bda12397d623ea69ad01743219a25880cf5b10dda69260919de887713d8f4ed8Red Hat Security Advisory 2023-3840-01 - SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.
290d2c21704b4ff69be6e8935ffeacf597b2290d02a6f7e13cdfbdfb9f11212aRed Hat Security Advisory 2023-3837-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a privilege escalation vulnerability.
5e96b0b1fed5df5f6978aa01380b1c111f08ab404d7b7ce65735f399ca9032cfDebian Linux Security Advisory 5439-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation.
cc895f5c176833d74e7a3f8e0143a354220ebb5b634b336ac40ccc836c9f7e36Rocket LMS version 1.7 suffers from a persistent cross site scripting vulnerability.
97f580a88c2b993e6298fe38f539f299905ea42fdaf07c50ffd5ef2690baa6e0WordPress LearnDash LMS version 4.6.0 suffers from an insecure direct object reference vulnerability.
3a8f67c945962cd97a8543c7e9a730133e280935b834b5ed9f28ab87a13f1a38This Metasploit module is designed to exploit the JNDI injection vulnerability in Druid. The vulnerability specifically affects the indexer/v1/sampler interface of Druid, enabling an attacker to execute arbitrary commands on the targeted server. The vulnerability is found in Apache Kafka clients versions ranging from 2.3.0 to 3.3.2. If an attacker can manipulate the sasl.jaas.config property of any of the connector's Kafka clients to com.sun.security.auth.module.JndiLoginModule, it allows the server to establish a connection with the attacker's LDAP server and deserialize the LDAP response. This provides the attacker with the capability to execute java deserialization gadget chains on the Kafka connect server, potentially leading to unrestricted deserialization of untrusted data or even remote code execution (RCE) if there are relevant gadgets in the classpath. To facilitate the exploitation process, this module will initiate an LDAP server that the target server needs to connect to in order to carry out the attack.
f66b350948de8d0c6e468d03fb8436dd9af78149309b8e72facbdb3d5300a0eaRed Hat Security Advisory 2023-3615-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.22. Issues addressed include a denial of service vulnerability.
7fb4743cf0f6421a8fc76e5aeabe5a0d1c7e99c6c059a74b0989a6981fbfe871ONEST CRM version 1.0 suffers from a persistent cross site scripting vulnerability.
ab2c496a64d6d91e4d8455912306fd0acc5d24986ab8374367291acb391289acRed Hat Security Advisory 2023-3796-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
ae2a9a38ac081006d84e460f9a3555858e4079b07f04dd6ece466b6912444933Office Suite Premium version 10.9.1.42602 suffers from a local file inclusion vulnerability.
67c4565694ad8b004ca5be03f3ce64ed4cb8208650aa9cf0be7cb6eed7c72a31
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed