Judging Management System version 1.0 a remote shell upload vulnerability.
83f876fc3d80ece47561fec342194ec07aa98b26bfff525e03e3d4f6b07ff644Judging Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
52c0e04fae6ca307aa21417a61ea5886413834dee6a4ddc9826d696b899a914aTrojan-Dropper.Win32.Decay.dxv (CyberGate 1.00.0) malware suffers from an insecure proprietary password encryption vulnerability.
327cdad4f54bb339def30383a6e9ad6ba1713e20fa30cdbaf1573da6857d4dfeUbuntu Security Notice 5775-1 - It was discovered that Vim uses freed memory in recursive substitution of specially crafted patterns. An attacker could possibly use this to crash Vim and cause denial of service. It was discovered that Vim makes illegal memory calls when patterns start with an illegal byte. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. It was discovered that Vim could be made to crash when parsing invalid line numbers. An attacker could possibly use this to crash Vim and cause denial of service.
86a76a57dca961e715fa59af00dc3256a194ac2f855e321e3ac71a71ca7500f1Red Hat Security Advisory 2022-8915-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.
29d6965b936fe710269629f429a3675ca23567f477ba01516d44d6b53b7cb0f0Red Hat Security Advisory 2022-8932-01 - Red Hat OpenShift Serverless Client kn 1.26.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.26.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms.
171db102be84c23e4931da536757100ae624f9a732b431ed63da84f60b8808a1Debian Linux Security Advisory 5300-1 - Multiple security issues were discovered in pngcheck, a tool to verify the integrity of PNG, JNG and MNG files, which could potentially result in the execution of arbitrary code.
0dc5440273afe8861337c23972ecab6c0e53079ef773efae17a4e5f1b133ed61Ubuntu Security Notice 5774-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service.
6e56ac06b223dab70c8cc4ea9d04b28dca6d246125512b3c713e93fc6e047549Red Hat Security Advisory 2022-8917-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.1 serves as a replacement for Red Hat JBoss Web Server 5.7.0. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a code execution vulnerability.
e2ebdbaf4c79d3de91c8c304faa329eba295ed6a073effe53a962cd2f1ed5044Red Hat Security Advisory 2022-8913-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.1 serves as a replacement for Red Hat JBoss Web Server 5.7.0. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a code execution vulnerability.
3e504f38beac3d1906cd48f6f34212f6eeba7ec47f89bcdde4c10f1dd05640deUbuntu Security Notice 5773-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
c9100bb857d73facffc3ed971e6c37e8c37d3a1f109d8abca983cb6b5da72d80Ubuntu Security Notice 5754-2 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service.
f9146a5821e53563a635d3b6b5952eaba7b427e6602abe4a5c3b7d1c256b464bUbuntu Security Notice 5756-3 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service.
be9aa22724ee89171ce95334acb4d6662e976fcbbe16b5ee394cfbc4d11d2a2fUbuntu Security Notice 5772-1 - It was discovered that QEMU incorrectly handled bulk transfers from SPICE clients. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that QEMU did not properly manage memory when it transfers the USB packets. A malicious guest attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
768024681dfd9068a64b260049ff17b38a9319596abe4a29fe8b4d7a96a0987aUbuntu Security Notice 5767-2 - USN-5767-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that Python incorrectly handled certain IDNA inputs. An attacker could possibly use this issue to expose sensitive information denial of service, or cause a crash.
63c7337bd47f13871b70d5ee38366430f1b2adff27aa41fb426d28bd98c80b47Ubuntu Security Notice 5771-1 - USN-3557-1 fixed vulnerabilities in Squid. This update introduced a regression which could cause the cache log to be filled with many Vary loop messages. This update fixes the problem. Mathias Fischer discovered that Squid incorrectly handled certain long strings in headers. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service. This issue was only addressed in Ubuntu 16.04 LTS.
18a8aac17d2340eed70314b685221fc08c8fa291d4e28e008072aa320c633084
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed