Gentoo Linux Security Advisory 202301-9 - A vulnerability has been discovered in protobuf-java which could result in denial of service. Versions less than 3.20.3 are affected.
cc6d14bcef672773530eeb289efb90812d18552fdbb505d47acafcd798c97a92
Ubuntu Security Notice 5799-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code.
ce4998fbf8aa90d0155c6a2ddebcdd951316a5e7ef8f07cd60cd721cb26a6117
Debian Linux Security Advisory 5313-1 - It was found that those using java.sql.Statement or java.sql.PreparedStatement in hsqldb, a Java SQL database, to process untrusted input may be vulnerable to a remote code execution attack.
1d7fc878734f084dc8dcd41a06ba4458d483fcff883a09dbd6cb56025fb30b75
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
83098c1277204c5569284b32b37ef137656b27bfe15ef903eca2da7c269288d1
Gentoo Linux Security Advisory 202301-8 - Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution. Versions less than 2.28.1 are affected.
aa2e8b7c11eff17581a3f5e6d9bacb5ad34eeb6898cf65272451c69c932c77f2
Ubuntu Security Notice 5793-3 - It was discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
de87ce493d82fd0359247a8cad970c787d81d4e8273265a324e13a768ef64e55
WordPress Royal Elementor add-ons versions 1.3.59 and below suffer from cross site request forgery, insufficient access control, and cross site scripting vulnerabilities.
5d3c94aa12c0662cecfc95164895acace4553b37a6d627727e5abb15210b1aba
Gentoo Linux Security Advisory 202301-7 - Multiple vulnerabilities have been found in Alpine, the worst of which could result in denial of service. Versions less than 2.25 are affected.
1277152afde2b848ea7b2be8e8d6aac57c4056be5b89d6d625fb8aa0faba50fd
Ubuntu Security Notice 5793-4 - It was discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
2c32e72ace00f2afbe7c74ffcd43d9f0c6bdd99ce3882f8881790ea8ad77c31c
khugepaged on Linux races with rmap-based zap, races with GUP-fast, and fails to call MMU notifiers.
4a7e3cd6f113b1a612bf06b09dde29c3da416e1312821de9fb2c055f4fb2c180
Debian Linux Security Advisory 5312-1 - Several flaws have been discovered in libjettison-java, a collection of StAX parsers and writers for JSON. Specially crafted user input may cause a denial of service via out-of-memory or stack overflow errors.
3daa77d88d206ccc8e01f6d94f0bded06078aee0fd8414f2f8b9dacfa6025445
Gentoo Linux Security Advisory 202301-6 - Multiple vulnerabilities have been discovered in liblouis, the worst of which could result in denial of service. Versions less than 3.22.0 are affected.
94a2f2c5be14fe68d686addb64f73eb82170a890a0318c50ee784a71e6901718
Red Hat Security Advisory 2023-0058-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an out of bounds write vulnerability.
7b7edf125ae22874d50a3b09b291a372321815970e76983072aa3ecb7d5cc6db
Online Food Ordering System version 2.0 suffers from a cross site scripting vulnerability.
c31bcc5a60cd27f8119d87b4f144a9eaf9594d3c617109db4929ab93ac2c1bee
Gentoo Linux Security Advisory 202301-5 - A vulnerability has been discovered in Apache Commons Text which could result in arbitrary code execution. Versions less than 1.10.0 are affected.
db71108f98463292403fd7c6f94877025ceff307cd04b48feff8fc02a418ecb7
Ubuntu Security Notice 5791-3 - It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering.
bea4157756a0d933dd299dae28bd0050fa218f5e44ba4864a54ee5c6b82a4669
Ubuntu Security Notice 5798-1 - Johan Gorter discovered that .NET 6 incorrectly processed certain invalid HTTP requests. An attacker could possibly use this issue to cause a denial of service condition for an exposed endpoint.
6f04e95fb87ef0a2799772fb3d4c02ce94894556c53f409d710c5dc07039eaa0
Gentoo Linux Security Advisory 202301-4 - A vulnerability has been discovered in jupyter_core which could allow for the execution of code as another user. Versions less than 4.11.2 are affected.
f44323dced467288588371281aca9dc34e93422967c869d6dbd7875281a8ed27
Gentoo Linux Security Advisory 202301-3 - A vulnerability was found in scikit-learn which could result in denial of service. Versions less than 1.1.1 are affected.
f252198ad66f9844070d12fc54f7c3877a053d7dcfd4181674f14cb2171c9f19
Tiki Wiki CMS Groupware version 25.0 suffers from a cross site scripting vulnerability.
9b64abf86a75127aac800b86c82f3f1dc138c4ad60a01b3fc17f2cbc5edcca03
Medisense-Healthcare Solutions CRM version 2.0 suffers from a cross site request forgery vulnerability.
01f668cbe090f4fc42a294a8bc4e25ae5e25e8e14835dab57cbbc94d04815623
Red Hat Security Advisory 2023-0059-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
ed85617fd0cc5c6e9e86eb55f1e3fd6f037afae3a8b47069a7db300c94ebf0c3
Gentoo Linux Security Advisory 202301-2 - Multiple vulnerabilities have been discovered in Twisted, the worst of which could result in denial of service. Versions less than 22.10.0 are affected.
b441ca2c4d874c35f758b6990de03c9569bb1b254025b76eaf5b0699fb0a4fc7
ERPGo SaaS CRM version 3.3 suffers from an arbitrary file upload vulnerability.
75550497f441c15436243b166bf836846ad5f220742342f795cbab8cded44902
eCart Web version 4.0.0 appears to leave a default administrative account in place post installation.
5f4831484c2a6347bfd3953e993fa0b0c543702e4b64f7aae13418bbf440e002