Ubuntu Security Notice 6393-1 - It was discovered that ImageMagick did not properly handle memory when processing the -help option. An attacker could potentially use this issue to cause a crash.
4abf26bc1f0dfecb8dbdc0483a549e871cdc8ef7d7b3599786d81660a995da2dDebian Linux Security Advisory 5503-1 - Multiple security issues were discovered in Netatalk, an implementation of the Apple Filing Protocol (AFP) for offering file service (mainly) to macOS clients, which may result in the execution of arbitrary code or information disclosure.
3ad19cdf2f3e4a2e4515cadb2985e91ea06909ebbd3aa9ef44bfbdc77aef9dabRed Hat Security Advisory 2023-5309-01 - The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format. Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently. Issues addressed include a buffer overflow vulnerability.
eb2977aa529aec96d7933b8299cb17b054007739cd2c8bc9d8684c322b8941cdMultiple TOTOLINK network products contain a command injection vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the command parameter. After exploitation, an attacker will have full access with the same user privileges under which the webserver is running - which is typically root.
fc2e74774d3c46b6268870bd1ebc63fc2bde4c03b9aa77f9c16fb05791fe2e00Ubuntu Security Notice 6391-2 - USN-6391-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that CUPS incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.
2bbd33f5dbd043a17e8699e6259ec4ec442da6bb68bc75fa03ab06b00a5f8f2bUbuntu Security Notice 6392-1 - It was discovered that libppd incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a remote attacker could use this issue to cause libppd to crash, resulting in a denial of service, or possibly execute arbitrary code.
3f8a500234b3f18b215ff2ff9e651e8eaa09b23b37b4dfa15dc9835d66312d57Red Hat Security Advisory 2023-5314-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.
8cf8572f470b3beefb5a0e9b9113eb0f47bd25024311177330838258f83c2573Luxcal Event Calendar version 3.2.3 suffers from a cross site request forgery vulnerability.
2988b35bb1b22bee81c03c905525b0e5df1206ee53aee901ca3b610f65c28437Ubuntu Security Notice 6391-1 - It was discovered that CUPS incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.
00a4ff35552f91f78ad301813991a81c43438a4529f2b13731a0d5bd04289f5fUbuntu Security Notice 6390-1 - It was discovered that Bind incorrectly handled certain control channel messages. A remote attacker with access to the control channel could possibly use this issue to cause Bind to crash, resulting in a denial of service. Robert Story discovered that Bind incorrectly handled certain DNS-over-TLS queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.
e4041908fd214dd1780282d9e6d3057954c45306f5a3646b3c1109ebf89ef79aRed Hat Security Advisory 2023-5313-01 - The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Issues addressed include a bypass vulnerability.
f451d5f8a8d1b83c274443ae5b5b2438a39c26a958beafe47fa2b2f4fe61393cRed Hat Security Advisory 2023-5312-01 - The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Issues addressed include a bypass vulnerability.
9cbf793f550e11e6bee5205909b40bd5bac7ce8bcb5f96ad4ec2e1b5cdddb8f4The BDS Userland rootkit is a Linux userland rootkit. It hides files, directories, processes, the bind shell port, the daemon port, and the reverse shell port. It also cleans up bash history and logs during installation.
c7170315137f5e7109aba32c9e58a703b353e1326e4a9584ba97e9f9c1926310The BDS LKM rootkit is a simple and stable Linux loadable kernel module rootkit for Linux kernel versions 5.x and 6.x on x86_64 that hide files, hide processes, hides a bind shell and reverse shell port, provides privilege escalation, provides rootkit persistence, and cleans up logs and bash history during installation.
f80995082ade857bc8c222749aa3ff2fe683f4b3f02e618e111a589f857646e2Red Hat Security Advisory 2023-5095-01 - Logging Subsystem 5.6.11 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate.
94bd4ad270c871267f8f1a3669462acdd1722227ddc192e24e45b28f9c5b76fb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed