Ubuntu Security Notice 6767-2 - Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
Ubuntu Security Notice 6772-1 - Jan Schermer discovered that strongSwan incorrectly validated client certificates in certain configurations. A remote attacker could possibly use this issue to bypass access controls.
CrushFTP versions prior to 11.1.0 suffer from a directory traversal vulnerability.
TrojanSpy.Win64.EMOTET.A malware suffers from a code execution vulnerability.
Plantronics Hub version 3.25.1 suffers from an arbitrary file read vulnerability.
Backdoor.Win32.AsyncRat malware suffers from a code execution vulnerability.
Apache mod_proxy_cluster suffers from a cross site scripting vulnerability.
Red Hat Security Advisory 2024-2833-03 - An update to the images for Red Hat Integration - Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Issues addressed include denial of service and memory leak vulnerabilities.
Chryp version 2.5.2 suffers from a persistent cross site scripting vulnerability.
Leafpub version 1.1.9 suffers from a persistent cross site scripting vulnerability.
Prison Management System Using PHP suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Debian Linux Security Advisory 5688-1 - It was discovered that missing input sanitising in the Atril document viewer could result in writing arbitrary files in the user's home directory if a malformed epub document is opened.
Debian Linux Security Advisory 5687-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. Google is aware that an exploit for CVE-2024-4671 exists in the wild.
This Metasploit module abuses a feature of the sudo command on Progress Kemp LoadMaster. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. Some files that have this permission are not write-protected from the default bal user. As such, if the file is overwritten with an arbitrary file, it will still auto-elevate. This module overwrites the /bin/loadkeys file with another executable.
Gentoo Linux Security Advisory 202405-33 - Multiple vulnerabilities have been discovered in PoDoFo, the worst of which could lead to code execution. Versions greater than or equal to 0.10.1 are affected.
Gentoo Linux Security Advisory 202405-32 - Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 115.10.0 are affected.
Gentoo Linux Security Advisory 202405-31 - A vulnerability has been discovered in Kubelet, which can lead to privilege escalation. Versions greater than or equal to 1.28.5 are affected.
Ubuntu Security Notice 6771-1 - It was discovered that SQL parse incorrectly handled certain nested lists. An attacker could possibly use this issue to cause a denial of service.
Panel.SmokeLoader malware suffers from cross site request forgery and cross site scripting vulnerabilities.
Panel.SmokeLoader malware suffers from a cross site scripting vulnerability.
Esteghlal F.C.'s site suffers from a cross site scripting vulnerability.
Red Hat Security Advisory 2024-2822-03 - An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-2821-03 - An update for bind and dhcp is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
Red Hat Security Advisory 2024-2820-03 - An update for varnish is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-2817-03 - An update is now available for Red Hat OpenShift GitOps v1.10.5 for Argo CD UI and Console Plugin. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.