Gentoo Linux Security Advisory 202405-25 - Multiple vulnerabilities have been discovered in MariaDB, the worst fo which can lead to arbitrary execution of code. Versions greater than or equal to 10.11.3:10.11 are affected.
c7eea512705fd85ee9b21b74205bd6536f65edcb5f0bb362d8617c6d376e0385Gentoo Linux Security Advisory 202405-24 - Multiple vulnerabilities have been discovered in ytnef, the worst of which could potentially lead to remote code execution. Versions greater than or equal to 2.0 are affected.
f773c0416c2314301424eef8ca3e6ea1f69246934de6a31f00bcad58e89121c0Gentoo Linux Security Advisory 202405-23 - A vulnerability has been discovered in U-Boot tools which can lead to execution of arbitrary code. Versions greater than or equal to 2020.04 are affected.
c1dc7bd1c32bc706d8d8f6cf71c063da8f4c690cc0c11dc94e128751c1bd5455Gentoo Linux Security Advisory 202405-22 - Multiple vulnerabilities have been discovered in rsync, the worst of which can lead to denial of service or information disclosure. Versions greater than or equal to 3.2.5_pre1 are affected.
4fb939a9acb6eea8907aff39bda3bbcb7e04b912b8b0e0f209f11800635e877aGentoo Linux Security Advisory 202405-21 - A vulnerability has been discovered in Commons-BeanUtils, which could lead to execution of arbitrary code. Versions greater than or equal to 1.9.4 are affected.
27c6c59af387590eb8be80ba66edbbef5b5173342aef388484994465cade7406Ubuntu Security Notice 6766-1 - It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service. Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information.
7b9d401aae999b54dc79d9c6b860920ebcf6a9add3896d3e2fa03e35ea39ca96Ubuntu Security Notice 6767-1 - Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
339076a1f5711d55cd375ea187457dc3949b36b7d8631b134fc24a9b65866d7eDebian Linux Security Advisory 5682-1 - Alicia Boya Garcia reported that the GDBus signal subscriptions in the GLib library are prone to a spoofing vulnerability. A local attacker can take advantage of this flaw to cause a GDBus-based client to behave incorrectly, with an application-dependent impact.
9ac18ed6ad66043155ccf297a5136b300fa25d826bec294f46991c0e83a982a7Ubuntu Security Notice 6764-1 - It was discovered that libde265 could be made to allocate memory that exceeds the maximum supported size. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service.
bb71b63888ed9360b8ccd31dec9e1511d62c5f17c7dcb7359f1be54836b0849fUbuntu Security Notice 6754-2 - USN-6754-1 fixed vulnerabilities in nghttp2. This update provides the corresponding update for Ubuntu 24.04 LTS. It was discovered that nghttp2 incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
a626406c69b2c3819d9892a59563e91ef3909ded6eee46f3085c5cbec0e0e54bUbuntu Security Notice 6765-1 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information.
42046ab3e597891b35376f855bb093f99f7b85199aebb9184d7401f3b4fa1f10Ubuntu Security Notice 6763-1 - Martin Å irokov discovered that libvirt incorrectly handled certain memory operations. A local attacker could possibly use this issue to access virtproxyd without authorization.
bf2c08727c2512c2e1c685708d13693662d532ce0a0e38ceac2e34041c213272iboss Secure Web Gateway versions prior to 10.2.0 suffer from a persistent cross site scripting vulnerability.
50b166bd6a6b50ebc0b7770cf33221a56eafab69e5b4987b101fcd6a8a6d1e49POMS PHP version 1.0 suffers from remote shell upload and remote SQL injection vulnerabilities.
6fbd9b24154b7a82bd33b970bc8f205aec51838beab9dfdcd8c402c4bc2fe213Kortex version 1.0 suffers from a remote SQL injection vulnerability.
a16f4013115276b1f531688e40762325affcbf56e829fa0b4b9a3e3651bbef0dRansomLord generated PE files are saved in x32 and x64 directories and need to be placed in directories where programs execute. The goal of the project is to exploit vulnerabilities inherent in certain strains of ransomware by deploying exploits that defend the network! The DLLs may also provide additional coverage against generic and info stealer malwares.
221d2a4d0375910346145c1856290733a1e37e4f52286f7da98973d7e0ac7da6Drupal-Wiki versions 8.30 and 8.31 suffer from multiple persistent cross site scripting vulnerabilities.
3d088d17dda324bc2da3df91c94310af275ec6c5f0b68e54defa0a2c4496f8d0Red Hat Security Advisory 2024-2780-03 - An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8. Issues addressed include HTTP request smuggling, denial of service, and out of bounds read vulnerabilities.
14f40c5146795f41931c2250cbd7a2bf41dafc4d1ce15c66336cdff7aef2959cRed Hat Security Advisory 2024-2779-03 - An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 9. Issues addressed include HTTP request smuggling, denial of service, and out of bounds read vulnerabilities.
dbce3e1febe8e44ee36a0aac3ae58470f3ffd077739447c2c363902460f6bcb0Red Hat Security Advisory 2024-2778-03 - An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8. Issues addressed include HTTP request smuggling, denial of service, and out of bounds read vulnerabilities.
39ab57f4ed248dcd1adf7e509d5372cf1f6c03922cd1774f9d2d751b8f36c646Red Hat Security Advisory 2024-2777-03 - An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a denial of service vulnerability.
7821c6c9ca541899232b338cec866aa61d9d0724bed586ec90995cf9e57942b2Red Hat Security Advisory 2024-2764-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Issues addressed include memory exhaustion, spoofing, and traversal vulnerabilities.
6d0e801f209327af61683b090d9b91416777d80735e1710097028d00439abbe3Red Hat Security Advisory 2024-2763-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Issues addressed include memory exhaustion, spoofing, and traversal vulnerabilities.
51797a5e09eb7a1b813663b4e1289187a27d5cfdcf6c111749845de20f0f0173Red Hat Security Advisory 2024-2758-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.
9e130edc707896c0479ee23c0a67b0c6caa03909db4baea173f7b972ac8a7978Red Hat Security Advisory 2024-2724-03 - An update for git-lfs is now available for Red Hat Enterprise Linux 9. Issues addressed include denial of service and memory exhaustion vulnerabilities.
39fec62ac0ef9111d9a81e815947e20d03a20f3b657e931750258c0eda6c3edb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed