Ubuntu Security Notice 6717-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Hubert Kario discovered that Thunderbird had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover sensitive information.
c7e276778f2c974b0aa76f968f7adfbc3e4984a93e8eaf31675ad13306e8e12aUbuntu Security Notice 6588-2 - USN-6588-1 fixed a vulnerability in PAM. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Matthias Gerstner discovered that the PAM pam_namespace module incorrectly handled special files when performing directory checks. A local attacker could possibly use this issue to cause PAM to stop responding, resulting in a denial of service.
c7b2ad8e2a4e87b81fc87db1dc5b2aeb9a7d378c2c2f1ce83e2f5497ce27f2a0Bludit version 3.13.0 suffers from a cross site scripting vulnerability.
e30c7734bfb11521c11bd57e218e971d8a00d093a2268443b78f2c2f295a3316Ubuntu Security Notice 6716-1 - Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service. It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service.
ca7041e9e1eafaa437eb00fd772e3fc4d0224945b1c747de75266ab82a88c293Ubuntu Security Notice 6714-1 - It was discovered that debmany in Debian Goodies incorrectly handled certain deb files. An attacker could possibly use this issue to execute arbitrary shell commands.
d54f6944dfabbda777fb8a78361b6893760736de4073959bba84adbd8fa06495Red Hat Security Advisory 2024-1510-03 - An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8. Issues addressed include denial of service and privilege escalation vulnerabilities.
c4e6147191f85484eee5ae21e78a7706257747db690704310b707b291d30af6cRed Hat Security Advisory 2024-1509-03 - An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include a denial of service vulnerability.
ab201e94c9eeeb4ca23426158c1ae91b99566dfd9eb0d28704bf90c452b176b4Red Hat Security Advisory 2024-1502-03 - An update for grafana-pcp is now available for Red Hat Enterprise Linux 9. Issues addressed include a memory leak vulnerability.
64af92473e9dc53ecf48f74ebad70ff0466cead91970b760217b6a2ed21f16c0Insurance Management System PHP and MySQL version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
57a616cd0cf4b87402d807007a9cc4baf3849c77c283470d324acd935adbc001Red Hat Security Advisory 2024-1501-03 - An update for grafana is now available for Red Hat Enterprise Linux 9. Issues addressed include a memory leak vulnerability.
ebb63361bb759d3a9e7a13173336126c9fc98df8ecb9106b9f4cd1f8f0240020Red Hat Security Advisory 2024-1500-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
c05f8f74cc8a662e477728100ce6bcdd582daa8a8b25edec9d157bea7fcf1396Red Hat Security Advisory 2024-1499-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
4c35312ed656f58e5e77883ac99c6d4277c212a2120cbc8392c9387665c90811Craft CMS version 4.4.14 suffers from an unauthenticated remote code execution vulnerability.
6dada91b5125e5cbc3f8d9cb9d59a5f937052241fe1e5481dab19199fced220cUbuntu Security Notice 6707-3 - Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
4481855a0359e6fcdb7c16104841f3e2ebed01d718273c406f874c85f64846a5Red Hat Security Advisory 2024-1497-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
694916cc7f93ef561a4faa6e4737263c6cb158372d7f2f807cc33d8f3ad9986bRed Hat Security Advisory 2024-1496-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
7f4ff279933caca7c3743c461957b45d21d77941725aa2ac85b04d5e1ce0acb3Red Hat Security Advisory 2024-1491-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
945623663f2172096c6b71e3b08fdabe05c8a47439dd5ff05a8e7b4e291dc27aRed Hat Security Advisory 2024-1490-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
ff89bb1e11cbe0562a24cf57e66f3825dcb41bc7cd1d8ebc94e15ab4bbdd16e0LimeSurvey Community version 5.3.32 suffers from a persistent cross site scripting vulnerability.
a0fc1c6d55d96c794b571df26d967b5cf55a3845f9c967220231741cb99ae87cOrange Station version 1.0 suffers from a remote shell upload vulnerability.
5a9f8a0ab40cab9d931909357ed512b4a4e0910b05218556dc4ed1977fa5b4d8Ubuntu Security Notice 6704-3 - It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service. Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service.
01efe4c147c2288e39cc2669dc4bb7d1e7e1641d78d25efb20089e9afb739cf7Red Hat Security Advisory 2024-1489-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
86bc89a9b35a07fa4157edb431950ea320dbafa5691bafdddeddeb1a3c184da5Red Hat Security Advisory 2024-1488-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
6bf37a4b678fce20bf909634fe2de254458bf2ea9e41119e298ea3af53f80f9cRed Hat Security Advisory 2024-1487-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
7c27cfc7e2501f297c9a798bd9de71a80591b82191a8429e1542992a7cd7ad91Ubuntu Security Notice 6701-3 - Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service. It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service.
5a4090a47f47b9d450d81add0c7c5cc25fe72ace31de291f6722899f4e03c608
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed