The Microsoft Windows Kernel has a time-of-check / time-of-use issue in verifying layered key security which may lead to information disclosure from privileged registry keys.
d827eb89d09814af2562b27f8d81aceb5f4a617c3fbb070846fd5b39ebfaa03eDebian Linux Security Advisory 5569-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
d5d2209b119ae9264996f7c9c9bb3d93c4f147ce270625707943898e702df953Loytec LINX-151 with firmware version 7.2.4 and LINX-212 with firmware version 6.2.4 suffer from file disclosure vulnerabilities that leak secrets as well as issues with stories secrets in the clear.
c8d887d4717b94c1aee40cf1ff1bea9d76d8c987065fd897b45f142808786003Debian Linux Security Advisory 5563-1 - Benoit Morgan, Paul Grosen, Thais Moreira Hamasaki, Ke Sun, Alyssa Milburn, Hisham Shafi, Nir Shlomovich, avis Ormandy, Daniel Moghimi, Josh Eads, Salman Qazi, Alexandra Sandulescu, Andy Nguyen, Eduardo Vela, Doug Kwan, and Kostik Shtoyk discovered that some Intel processors mishandle repeated sequences of instructions leading to unexpected behavior, which may result in privilege escalation, information disclosure or denial of service.
d7001a334e8b340f1b8652c36b9d2a6bbfa2e0f10274b965432d30653479e5d9WordPress UserPro plugin versions 5.1.1 and below suffer from an insecure password reset mechanism, information disclosure, and authentication bypass vulnerabilities. Versions 5.1.4 and below suffer from privilege escalation and shortcode execution vulnerabilities.
bfb7306b803b1acac19078db2972f3aa4724b44e3c44892d41946574771b0edaDebian Linux Security Advisory 5556-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
519a318efaad30a7fa7103defd914262b4ed68624fd96d43a944225ff56b8607Debian Linux Security Advisory 5549-1 - Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service or information disclosure.
06b531869de4400f36aa992d6b50615be2536465773861a5ff199f2168e9638cDebian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
f605ced5231fa8850108e39ed6f3283295576605c06dae3fd77dcbc7547e581fDebian Linux Security Advisory 5536-1 - An important security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
8dc27122c27d00fc7f75791b3d0ac5dda33c19caad3ed212f62aa04a79188200Oracle database versions 19.3 through 19.20 and 21.3 through 21.11 have an issue where an account with create session and select any dictionary can view password hashes stored in a system table that is part of a sharding component setup.
d2f153475e1ccb9fba7a3c56502ebe8182c7fe13f5f32cca180c60ebe9c205c7Debian Linux Security Advisory 5526-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
46cb308795f98ff9a9e444ff6b114afd63592578e7be19a637bbd471ef7fa013Debian Linux Security Advisory 5525-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in denial of service, information disclosure or privilege escalation.
796922c8109c26f29b46a6c85521b96598f1e79e22b650b1166a48c9207bd4e0Debian Linux Security Advisory 5520-1 - Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, denial of service or information disclosure.
c9b0eef917ca7122324a4555874745119c1290c98bda7f3ff8c5cf676e9d555bDebian Linux Security Advisory 5515-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
cd387add5ecac48e0ec28d632aaa0667202aefef4687f0629b6c55ff658c3240Debian Linux Security Advisory 5508-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
5550e68ba1d2b614ebdd9b77285dea84c54ce37ebdd27ec26f2df951e220f22cDebian Linux Security Advisory 5503-1 - Multiple security issues were discovered in Netatalk, an implementation of the Apple Filing Protocol (AFP) for offering file service (mainly) to macOS clients, which may result in the execution of arbitrary code or information disclosure.
3ad19cdf2f3e4a2e4515cadb2985e91ea06909ebbd3aa9ef44bfbdc77aef9dabDebian Linux Security Advisory 5501-1 - Mickael Karatekin discovered that the GNOME session locking didn't restrict a keyboard shortcut used for taking screenshots in GNOME Screenshot which could result in information disclosure.
6dd5a03b36c342db3e425efff947ef6751149b63a87ddd53a27eb00501832777Debian Linux Security Advisory 5499-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
18c7f1f67b298f5df1f43785c385d5afbd0b2d8bba69a0a01d8a3731e5b29df2VMware vRealize Log Insights versions 8.x contain multiple vulnerabilities, such as directory traversal, broken access control, deserialization, and information disclosure. When chained together, these vulnerabilities allow a remote, unauthenticated attacker to execute arbitrary commands on the underlying operating system as the root user. This Metasploit module achieves code execution via triggering a RemotePakDownloadCommand command via the exposed thrift service after obtaining the node token by calling a GetConfigRequest thrift command. After the download, it will trigger a PakUpgradeCommand for processing the specially crafted PAK archive, which then will place the JSP payload under a certain API endpoint (pre-authenticated) location upon extraction for gaining remote code execution. Successfully tested against version 8.0.2.
2e4132d3093987ff065179429e52ff5e9baad8185fde7f58136c18d0aa950a90Ubuntu Security Notice 6354-1 - It was discovered that Python did not properly handle XML entity declarations in plist files. An attacker could possibly use this vulnerability to perform an XML External Entity injection, resulting in a denial of service or information disclosure.
55bae84a27165496e4c61f96e67a29907c9b0b2752c81b4e650223bf8ebf69c7Debian Linux Security Advisory 5491-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
3a6cfcbdc911ffcc1d3db52f8089b5fad3df27b575010e4f29577ea3ede1e7d0TECHView LA5570 Wireless Gateway version 1.0.19_T53 suffers from directory traversal, privilege escalation, and information disclosure vulnerabilities.
d1257e7bf2cdf6fd21b1cc76b8960cbdf567e1b24499e73c14da1c1903331e35Remote disconnect exploit for AtlasVPN Linux client version 1.0.3 that will allow a remote website to extract a client's real IP address.
c22b568ca47d98ca9a5a328dfea2c54acf630205d9141efd30804e6c4fe23e1fDLINK DPH-400SE version FRU2.2.15.8 suffers from an information disclosure vulnerability.
e04c693b7f9f2fc627223d12d2bb72ef8540956fc844b65711e66b98c9fb70bbPlayTube version 3.0.1 suffers from an information leakage vulnerability.
6634c359fbe26d15c6168d3a3cc4055c0d3b3c5bc2b752d4130d644d141485be
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed