This archive contains all of the 314 exploits added to Packet Storm in July, 2023.
191302f3c23f0570167c8994830ff34d1956d34e1b44695873e223f86dcdd584Eramba version 3.19.1 suffers from a remote command execution vulnerability.
498834ba38cae4a4baa030af1b9873d149be69378a63e7ebf05d063e6b0d9df2Ubuntu Security Notice 6266-1 - Zac Sims discovered that librsvg incorrectly handled decoding URLs. A remote attacker could possibly use this issue to read arbitrary files by using an include element.
06773e26613c1f6604d2287ee6c54aa9a6a94e09a0c9341148dd41b01d3a1f80Joomla JLex Review extension version 6.0.1 suffers from a cross site scripting vulnerability.
f44fe1c411430bac50119a41a22e33e1f6cf7dd5bd1751f609712c8288a08198Red Hat Security Advisory 2023-4411-01 - CJose is C library implementing the Javascript Object Signing and Encryption.
dccddcd552f7680d2e72aefb3cffd84471aa6a23a83e150e4d8ca50f00633b60WordPress Stripe Payment Plugin for WooCommerce plugin versions 3.7.7 and below suffer from an authentication bypass vulnerability.
263a956ca459f42b4b70546f48ac6fceb289d765a400737df8fed883d25f9594Red Hat Security Advisory 2023-4410-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
962a03700cdaf2b77f70083e13671a7f51883c7dd8caf31e5fcb70c908ba55caAIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
8ff36ce47d37d0cc987762d5d961346d475de74bba8a1832fd006db6edd3c10eOpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.1.x series is the current major version of OpenSSL.
a0ce69b8b97ea6a35b96875235aa453b966ba3cba8af2de23657d8b6767d6539OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.
1761d4f5b13a1028b9b6f3d4b8e17feb0cedc9370f6afe61d7193d2cdce83323OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide.
d6697e2871e77238460402e9362d47d18382b15ef9f246aba6c7bd780d38a6b0Uvdesk version 1.1.3 suffers from a remote shell upload vulnerability.
785a58fce3185616f8ebb56cc4c3498d9ba2782170d34b1c487a14564309a3e1Ubuntu Security Notice 6263-1 - Motoyasu Saburi discovered that OpenJDK incorrectly handled special characters in file name parameters. An attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 11 and OpenJDK 17. Eirik Bjørsnøs discovered that OpenJDK incorrectly handled certain ZIP archives. An attacker could possibly use this issue to cause a denial of service. This issue only affected OpenJDK 11 and OpenJDK 17.
2a8710ab7e6491abd98022fbf0e059c14cea84ff8d9b7cf0e64f2f7802428148General Device Manager version 2.5.2.2 suffers from a buffer overflow vulnerability.
4ff81e959ae441d46d55d7766788ad9ce12c3dd769abed1820c344a9346bb6c4Red Hat Security Advisory 2023-4409-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
40ffbac1f3fe480270dd9f44f9d7529da5cc4f57c4e56941745de21f93adbf30Online Lab Diagnostic Management version 1.0 suffers from a remote SQL injection vulnerability.
6f627879ce346fe7312f40f755225ff321e9af175797ec5f2341bde56ba9fde6Red Hat Security Advisory 2023-4408-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
1efff2ead8b420c3c676224349d5410ab7d79630c905f83d260e8b9095357348CoolAdmin version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
4c0ce1b7ce0e7e8856b0394425eef60c6c35434570524231315d66316a022b86Ubuntu Security Notice 6242-2 - USN-6242-1 fixed a vulnerability in OpenSSH. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. It was discovered that OpenSSH incorrectly handled loading certain PKCS#11 providers. If a user forwarded their ssh-agent to an untrusted system, a remote attacker could possibly use this issue to load arbitrary libraries from the user's system and execute arbitrary code.
fb3b87a987324313bce3c73932307702f8e60575e6a91b8babad2eb73b470d39Red Hat Security Advisory 2023-4416-01 - Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and data-gram loss.
a0d85338c67b5cc1acd728f595d44342f38d305f92000ec9ceed5be4eaa6004cRed Hat Security Advisory 2023-4415-01 - Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and data-gram loss.
1df7e9c2036865a6060380eb5c7ca9e8bd5becd01d7a38aa0f16083a8dfadd39Ubuntu Security Notice 6264-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
82871fa1fba43d05238c779b70fe1fa4ce8d4ecb76d357fcdd3cc95b927e2b1fRed Hat Security Advisory 2023-4414-01 - Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and data-gram loss.
2866e8455b0d791116299a06f0914095112c844275466eeeaa4752ae29bac0fdRed Hat Security Advisory 2023-4380-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
76bfd0b219a147940968b013bcf9113ef82e3d224d1f4bfe49d0f729cfd55716City Variety LMS version 2.2 suffers from a cross site scripting vulnerability.
1cbbe0f2970a91c54fd6b773983a7f83c535dbf1c4e56f12913660cbe435877e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed