Gentoo Linux Security Advisory 202210-33 - A vulnerability has been discovered in Libtirpc which could result in denial of service. Versions less than 1.3.2 are affected.
bccd5ffa227dfb527ebd33b9111ae8da5525ed6e94955ec7daa245544ffba101
Debian Linux Security Advisory 5267-1 - Nicky Mouha discovered a buffer overflow in 'sha3', a Python library for the SHA-3 hashing functions.
d4090d5d01e608bb05f0321bed3147663eb2d627ff27188ec0ba8a82517bcbdd
The Qualys Research Team has discovered authorization bypass and symlink vulnerabilities in multipathd. The authorization bypass was introduced in version 0.7.0 and the symlink vulnerability was introduced in version 0.7.7.
9fd49ad2d42596cc152f6771bcdd491b37e2986a01a0b0cdb2f997469ee1fdec
Gentoo Linux Security Advisory 202210-32 - An integer overflow has been found in hiredis which could result in arbitrary code execution. Versions less than 1.0.1 are affected.
105db92b690e6764645b296a0295ca4013e47d2ddf3ad5330f67bbaea019da48
Debian Linux Security Advisory 5266-1 - A heap use-after-free vulnerability after overeager destruction of a shared DTD in the XML_ExternalEntityParserCreate function in Expat, an XML parsing C library, may result in denial of service or potentially the execution of arbitrary code.
322101dc26693e978fb7c1c772e4722e79ec519d4a8ef492d7c487c1a72f29af
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
5914d14057f73cf7e1ed7f7fe9b68343c80b437ca745b991b1d58229942e0d00
Apple Security Advisory 2022-10-27-15 - Safari 16.1 addresses code execution, spoofing, and use-after-free vulnerabilities.
7e4afb58dc67e9a414148622643475a8d27c8f60baf2cda25e496eee7f816dfe
Gentoo Linux Security Advisory 202210-31 - Multiple vulnerabilities have been discovered in OpenEXR, the worst of which could result in arbitrary code execution. Versions less than 3.1.5 are affected.
742933db53305617f957ea035a21cf86bd376a21134fa31149ac0272c00d2cf1
Simple Cold Storage Management System version 1.0 suffers from a remote SQL injection vulnerability.
fb5d717ac9eec8802533869820e2477f518070b4c89dbd42ffbacdd6ba37b3e3
Train Scheduler App version 1.0 suffers from an insecure direct object reference vulnerability.
35e0aca5c12fde1a197fcd41a91aeee4b905c913ce48905a08acc0913c03bbe7
Debian Linux Security Advisory 5265-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
edab69c62383a48d7848a4c6c8e38c4841b36fed01d7622dfb98f1e6bc7d88b4
Apple Security Advisory 2022-10-27-14 - Safari 16 addresses buffer overflow, code execution, out of bounds read, and spoofing vulnerabilities.
9e96be57660dbb64494522fb501ab742107a0ac275cc908359b95be12c976690
Gentoo Linux Security Advisory 202210-30 - Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in remote code execution. Versions less than 21.1.4 are affected.
1b2dcbaf25f272c2a1ff1faf91f1b1439b88e53e478cb4ed85dff490e21444ed
In wolfSSL versions prior to 5.5.1, malicious clients can cause a buffer overflow during a resumed TLS 1.3 handshake. This occurs when an attacker resumes a previous TLS session by sending a maliciously crafted Client Hello, followed by another maliciously crafted Client Hello. In total, 2 Client Hellos have to be sent: one which pretends to resume a previous session, and a second one sent as a response to a Hello Retry Request message.
dc47311c0e4409688cd698016d1b6ec4010bff4dbccd63241e107b8a91774b58
Red Hat Security Advisory 2022-7261-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.
c7154b769aa8f770385e0062b01dadddba7912b1c640e1d7b6bb390748f4dcca
Apple Security Advisory 2022-10-27-13 - watchOS 9 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.
6428e6976f75f88772e191c66ffeca140c9771776368e32addee2afff5b485b6
Gentoo Linux Security Advisory 202210-29 - Multiple vulnerabilities have been discovered in Net-SNMP, the worst of which could result in denial of service. Versions less than 5.9.2 are affected.
7d56d5866d332c28f93f487543c282a7f0d12a991e0ed234055a043d72d0c068
This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware.
0fb778f238813b3b6fbf3bf6901a6699c2e38cee7cf8d65dc8ec5951e65cc0ea
Apple Security Advisory 2022-10-27-12 - watchOS 9.1 addresses code execution, out of bounds write, and spoofing vulnerabilities.
8e4f8e41c6c08442c3414a6d6392bded1a9151dda4734d8e9da1a5270584f100
Debian Linux Security Advisory 5264-1 - It was discovered that Apache Batik, an SVG library for Java, allowed attackers to run arbitrary Java code by processing a malicious SVG file.
015824ee43f00ca3cb48b1b2b87d4833bfc2511ec7209daa105b61ccafa723a7
Red Hat Security Advisory 2022-7257-01 - A minor version update is now available for Red Hat Camel K that includes CVE fixes in the base images. Details are linked in the References section.
242111e813446c8e1cb457ecdfa006b517061b1761d35cb5a0433587b7c79d80
Gentoo Linux Security Advisory 202210-28 - A vulnerability has been discovered in exif which could result in denial of service. Versions less than 0.6.22 are affected.
0fdc5196e897379a7666fc1110f1fda68d0cdebbff4761d8fb622b6284e16f0b
Gentoo Linux Security Advisory 202210-27 - A vulnerability has been discovered in open-vm-tools which could allow for local privilege escalation. Versions less than 12.1.0 are affected.
ab6cfa3e8463ac3c2bcec1ee105f099a5a51f13505e9c0adeefc386cd174f36e
Red Hat Security Advisory 2022-7191-01 - The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Issues addressed include a bypass vulnerability.
13099de012b04e0632ce15256132ec7c87db4de40f438c17def2ae26e1f15784
Apple Security Advisory 2022-10-27-11 - tvOS 16 addresses buffer overflow, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.
63c5867db3906364c96b636cc725186f8a902a06bbf76b96d5290afa0a3aa6ea