Red Hat Security Advisory 2024-0982-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
360fa45a6c8992cebc0239cec8454f4c50d05e55c52f2b3c8e8e5b76580afc16Red Hat Security Advisory 2024-0981-03 - An update for unbound is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
dc1c24b1e7160f01fdd4a22acfae05423534f64860a41bff38ec349fa207e7fdRed Hat Security Advisory 2024-0980-03 - An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Issues addressed include a use-after-free vulnerability.
5d9fbb2626d98bf7ef2287df21d4f242ac0b788fc7a9b46604bc9d90cc777ba6Red Hat Security Advisory 2024-0979-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support.
18d46d4a3fd8f7ee691f6151f773f2fdc061ba796f1373957d19ee5583677744Red Hat Security Advisory 2024-0978-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support.
eb87333fa2036cc0375592246778557bf379328ca680d41c19ec077623a8674fRed Hat Security Advisory 2024-0977-03 - An update for unbound is now available for Red Hat Enterprise Linux 9.
8e989ba23e4db864e1bd6c0226c320578d580472486ebc2c13e32ff73738952aThis Metasploit module exploits a broken access control vulnerability in Atlassian Confluence servers leading to an authentication bypass. A specially crafted request can be create new admin account without authentication on the target Atlassian server.
c9933148dbb3513e341045ef4dcef5999b02882361749da2c6cd6cfe8c0471bcMoodle version 4.3 suffers from an insecure direct object reference vulnerability.
0485561a16603707f6cfa13e517e05e872b10a48a6b02c4acd2dd562d2182284WordPress Canto versions prior to 3.0.5 suffer from remote file inclusion and shell upload vulnerabilities.
a59ad7feb866d8c5d65a87422165e0d5c276bf4da7b8e83a100a1933f7afdf64WordPress Comments Like Dislike plugin versions 1.2.0 and below suffer from a missing capability check on the restore_settings function that allows an attacker to reset the plugin's settings.
30694c0d87c0279433026fa6057e69b38edd9bdf49da277bc82125dd688bd97eSuperStoreFinder versions 3.7 and below suffer from cross site request forgery, remote command execution, and remote SQL injection vulnerabilities.
8a5a27ee2cdba842a87bb56778f36fe0e630257be6595b634453cc2afcaf8a8cGentoo Linux Security Advisory 202402-32 - A vulnerability has been discovered in btrbk which can lead to remote code execution. Versions greater than or equal to 0.31.2 are affected.
541c91cbae2bbeff664c40b186f2e6845d7a7c1c92d2bd88862f97150c95f02eUbuntu Security Notice 6653-1 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
7264b1489787bd2aa4f01e0965296f2e2b95a382b4da17e044109efb8286489eDebian Linux Security Advisory 5631-1 - It was discovered that iwd, the iNet Wireless Daemon, does not properly handle messages in the 4-way handshake used when connecting to a protected WiFi network for the first time. An attacker can take advantage of this flaw to gain unauthorized access to a protected WiFi network if iwd is operating in Access Point (AP) mode.
47a934b5ac3f1708759ab799a958d93a60179f6a1700104e3edfe19ebc9732ceSimple Inventory Management System version 1.0 suffers from a remote SQL injection vulnerability.
8e51d27e9d209102d0cc21f4fcd8ca293e548ced1856940a8a497960d3d17967Gentoo Linux Security Advisory 202402-31 - A vulnerability has been discovered in GNU Aspell which leads to a heap buffer overflow. Versions greater than or equal to 0.60.8-r3 are affected.
7c57c9353d30c1bbdbd822499608e237e331bb385443ffb9391b8d9d49bb6df8Gentoo Linux Security Advisory 202402-30 - A vulnerability has been found in Glances which may lead to arbitrary code execution. Versions greater than or equal to 3.1.7 are affected.
55f871f24e7d4185ef2873b142469a8f28b945b67c17b6db1aabf34804406d2cUbuntu Security Notice 6652-1 - Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service. Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service.
4f6741e6cd2ec7ebe45095a33d68bec179ca45c931ff0896b24a5a24f2017966Flashcard Quiz App version 1.0 suffers from a remote SQL injection vulnerability.
2d19f05f546a17fd7531fb2d8505ca2f52f76ae282a5f46a1b55c2ced76fd1efUbuntu Security Notice 6651-1 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
50ce129d01fba83dc1f23444d3644122297a10313ae31301b92dca3ee8a5400eUbuntu Security Notice 6650-1 - Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service.
3f6fd7285de278b165f5be6af2312c053a9e4c1e747410d3f389b749466cebe9FAQ Management System version 1.0 suffers from a remote SQL injection vulnerability.
2ea51098a949106e71b766b144109b1be9da517c51665344c9ebb17028a158a4Ubuntu Security Notice 6655-1 - It was discovered that GNU binutils was not properly handling the logic behind certain memory management related operations, which could lead to an invalid memory access. An attacker could possibly use this issue to cause a denial of service. It was discovered that GNU binutils was not properly performing bounds checks when dealing with memory allocation operations, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service.
396cf437b25e5fb094de4260df060587d374c3a0672e376e0ad2c3f2a679ccc0Ubuntu Security Notice 6654-1 - It was discovered that Roundcube Webmail incorrectly sanitized characters in the linkrefs text messages. An attacker could possibly use this issue to execute a cross-site scripting attack.
460026cc73cc6675127f73b71d11e0359570d321c9e013f075f7ee551cfcf679Backdoor.Win32.AutoSpy.10 malware suffers from a remote command execution vulnerability.
01433d0ad222e5da0927202b151b19c29afd6ce5f59f4e0b3302a97ed91a29bb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed