Ubuntu Security Notice 6767-2 - Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
885350375e9760db30c910ea3c9badf280ffc608433042df8187d13fec7c9681Ubuntu Security Notice 6772-1 - Jan Schermer discovered that strongSwan incorrectly validated client certificates in certain configurations. A remote attacker could possibly use this issue to bypass access controls.
590fa84cad23748ca02289e6f9530d990b8eb44ed69567c869b7a9030e59d269CrushFTP versions prior to 11.1.0 suffers from a directory traversal vulnerability.
f6f0dfaaef61e480d92184b9e2c78f7ab875206b68a377d6f7d4d096b36e0e6bTrojanSpy.Win64.EMOTET.A malware suffers from a code execution vulnerability.
10debc35623c145b6f978baa8cb84aaa54c64d5d82a5c05ac187f8de64eca19fPlantronics Hub version 3.25.1 suffers from an arbitrary file read vulnerability.
c63a856ff1866ac2a5b1c7cca4db6ffecb90758e7c84070c8f4234cfa6c54caaBackdoor.Win32.AsyncRat malware suffers from a code execution vulnerability.
aae895a856dbb790f39f2815c8d74efe74839c99e7531212e21ea34299f56a3eApache mod_proxy_cluster suffers from a cross site scripting vulnerability.
fadf8a3fa5550a659387386713c6d034a845c647a4595a8ba20fbad136400e1fRed Hat Security Advisory 2024-2833-03 - An update to the images for Red Hat Integration - Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Issues addressed include denial of service and memory leak vulnerabilities.
2518d89938223d0533f6750e108477ab6b6747b6bc5badd565eecdf734bb1913Chryp version 2.5.2 suffers from a persistent cross site scripting vulnerability.
595f50a797273bc71e600e16b0c302e64f4c3bc6413b4e2f4eac3ca9d31edcdaLeafpub version 1.1.9 suffers from a persistent cross site scripting vulnerability.
a319d222989340e097fcceb563dd16ea12ab8f0c1bc6bc240ca39b4f7c8bcfb0Prison Management System Using PHP suffers from a remote SQL injection vulnerability that allows for authentication bypass.
e69f0a647f9409afaeb28fca9549b65a8f171f0f00a1d280a8d677cfdf0704eeDebian Linux Security Advisory 5688-1 - It was discovered that missing input sanitising in the Atril document viewer could result in writing arbitrary files in the users home directory if a malformed epub document is opened.
ce64dbc7042d36045420d8024d1749d0ba1c9d8b43b3a218aec4ed4925c70038Debian Linux Security Advisory 5687-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. Google is aware that an exploit for CVE-2024-4671 exists in the wild.
fefd1de1decbc1434a5c297ec454790b8b54743c888a645237a73641ccde75e5This Metasploit module abuses a feature of the sudo command on Progress Kemp LoadMaster. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. Some files have this permission are not write-protected from the default bal user. As such, if the file is overwritten with an arbitrary file, it will still auto-elevate. This module overwrites the /bin/loadkeys file with another executable.
0ba86964552be2e15d8dfa5aee3dc906633226221f56038c5adfd5023d1cef02Gentoo Linux Security Advisory 202405-33 - Multiple vulnerabilities have been discovered in PoDoFo, the worst of which could lead to code execution. Versions greater than or equal to 0.10.1 are affected.
0f079a3a9ed1b14c17eed0010b2a3a9dab852edc5acc1505fb4bbe146a15d7c1Gentoo Linux Security Advisory 202405-32 - Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 115.10.0 are affected.
3283b7e266237a6df6b8dc58a8f3b51eb90071121c21462cfd91730f52a3efb9Gentoo Linux Security Advisory 202405-31 - A vulnerability has been discovered in Kubelet, which can lead to privilege escalation. Versions greater than or equal to 1.28.5 are affected.
cb7809ea80edc32b1ba6a8545c37a92c5980f394bbdd184747356f927ef58e32Ubuntu Security Notice 6771-1 - It was discovered that SQL parse incorrectly handled certain nested lists. An attacker could possibly use this issue to cause a denial of service.
d4667d289a8e91d1ce3a98ab4961c911970232c5d3603980b0eb0eb6e4153694Panel.SmokeLoader malware suffers from cross site request forgery, and cross site scripting vulnerabilities.
ef278eac34255b166212b8c3d391b9134c5e614f5beadcfc77d5664154f0a7dePanel.SmokeLoader malware suffers from a cross site scripting vulnerability.
bcc5e47df8b2d6bd47ac6d8b30cb4be97dade1f97e3d46af383c50831ef76904Esteghlal F.C.'s site suffers from a cross site scripting vulnerability.
27a3e849215cdeb3acce420536732c6bb9d4b0fd92ff4c0bea2720714ce42eceRed Hat Security Advisory 2024-2822-03 - An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.
5b1278591beedae5fcae4e4762e94641b13117bc5eda0f8c60a271d4a510d203Red Hat Security Advisory 2024-2821-03 - An update for bind and dhcp is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
4f8df9f8e47e09d47ac5674f3aa068dfee1a6f8902e6fd33cfbc244643a3e3beRed Hat Security Advisory 2024-2820-03 - An update for varnish is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a denial of service vulnerability.
7c390b54da0eca65e2b0663efdcf83e2ef3a714b13ba783f9605f2507f6564b5Red Hat Security Advisory 2024-2817-03 - An update is now available for Red Hat OpenShift GitOps v1.10.5 for Argo CD UI and Console Plugin. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.
5fce456a49aae23326971a5dc5d1b6f6787c2fbe0337f175c0e28b439bce0a90
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed