Debian Linux Security Advisory 5378-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation, denial of service or information leaks.
534651c98110967ad140bcfa71dd78eb084542164bab7956894a3aeb7d47cca4
Ubuntu Security Notice 5972-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, perform cross-site tracing, or execute arbitrary code. Lukas Bernhard discovered that Thunderbird did not properly manage memory when invalidating JIT code while following an iterator. An attacker could potentially exploit this issue to cause a denial of service.
e5f3cee46373b48c3b21ce235d96b3a6bd98f17beb54b9cc7bfaf5a94b2aa79c
Red Hat Security Advisory 2023-1470-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a double free vulnerability.
4ad723cba6491e91a2a35c8a9ceada57da8967f9b77153349a88252436c865c3
Suprema BioStar 2 version 2.8.16 suffers from a remote SQL injection vulnerability.
d4430e30903a9db88dc6330e948ac08547e1622d7051cf8fedc3868bf8e104d1
Red Hat Security Advisory 2023-1468-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a double free vulnerability.
e275dfe0f2c31f5d1d9d534f99966669124f80ed6af70961e050540aa12a066c
WebTareas version 2.4 suffers from a remote blind SQL injection vulnerability. Original discovery of this issue in this version is attributed to Behrad Taher in May of 2022. Related CVE number: CVE-2021-43481.
227f751b494a8526993c807c6a09642bdde18c4570a2c251b1b157fa94d369f3
WebTareas version 2.4 suffers from multiple cross site scripting vulnerabilities.
813491c88e8a5846d163a6f81ec121117f5e924631af78f81671e4d9e87dce95
WebTareas version 2.4 suffers from a remote shell upload vulnerability.
eda323c318ad8fffa94b89ae2c95e9b9d5f2357f04e724bc7eabff0037f403b2
Tftpd32_SE version 4.60 suffers from an unquoted service path vulnerability.
2d5e12d31eba41a615e383db729aae42660b882c8e913326abffc3ed81d412e1
Rental House Management System version 1.0 suffers from a cross site scripting vulnerability.
88286aba973c30c4ed728bf0bfbda07be1dff2ad877d862bd44fa5ae1b00f266
WPN-XM Serverstack for Windows version 0.8.6 suffers from cross site scripting, local file inclusion, and path traversal vulnerabilities.
ba0708cc5dc30c248dff73fe133d54a07726c0ef4f797720b6548f5184c612f3
Fortinet FortiOS, FortiProxy, and FortiSwitchManager version 7.2.1 suffers from an authentication bypass vulnerability.
247c4cd746e2d193aec6a0770d24f595612937237ffa172a1a0806142b367e8a
Ubuntu Security Notice 5954-2 - USN-5954-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Lukas Bernhard discovered that Firefox did not properly manage memory when invalidating JIT code while following an iterator. An attacker could potentially exploit this issue to cause a denial of service. Rob Wu discovered that Firefox did not properly manage the URLs when following a redirect to a publicly accessible web extension file. An attacker could potentially exploit this to obtain sensitive information. Luan Herrera discovered that Firefox did not properly manage cross-origin iframes when dragging a URL. An attacker could potentially exploit this issue to perform spoofing attacks. Khiem Tran discovered that Firefox did not properly manage one-time permissions granted to a document loaded using a file: URL. An attacker could potentially exploit this issue to use granted one-time permissions on local files that came from different sources.
7ead7bb25c8c04a52256d67d583dcbfffb6725d38ac5236d51297e2bc3a0492a
Atom CMS version 2.0 suffers from a remote SQL injection vulnerability. Original discovery of this issue in this version is attributed to Luca Cuzzolin in February of 2022.
560dde230303d063927a07f746c0f31a5c0578ab47d9adf0eb6f18b03bd4f150
Red Hat Security Advisory 2023-1467-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a double free vulnerability.
1fdd5166a3ada3ce4990ad2afa71c9cfc4b5e253570c56e345b6a11aa3ce2a49
Aero CMS version 0.0.1 remote shell upload exploit. Original discovery of this issue in this version is attributed to D4rkP0w4r in April of 2022.
a35219f9e6755006eaad3eec1f5ef104ed7890f3cc5a3b7b4be0b1043d4dc2be
Aero CMS version 0.0.1 suffers from multiple remote SQL injection vulnerabilities. Original discovery of this issue in this version is attributed to nu11secur1ty in August of 2022.
f6a9385e6ed885e833628974880b8b656154a8d37009525d195e3963fa66ac50
Red Hat Security Advisory 2023-1469-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a double free vulnerability.
3eb0231031eab0bf6af86a0e8aeb60fd590681c5f4fed1b4796b6777c749f2de
Desktop Central version 9.1.0 suffers from CRLF injection and server-side request forgery vulnerabilities.
f14d2baec680a12a6729214faa250eefbcdee817cb0b626a416ad3cbd5e5dd59
Explorer32++ version 1.3.5.531 suffers from a buffer overflow vulnerability.
f80b4a69256c38987b58c51bee5f679412107e689665abba0114e994ae24cb15
Frhed version 1.6.0 suffers from a buffer overflow vulnerability.
959dde62637448d83679582cb44257ab5507ba4fbdb345f1bda8f8a902e1f27c
Resource Hacker version 3.6.0.92 suffers from a buffer overflow vulnerability.
2e9e7023f2e6aa04cb6e80ed7b36edd27607bd73413af2fdd7b092c6f06c8af4
Hex Workshop version 6.7 is vulnerable to denial of service via command line file arguments and control of the Structured Exception Handler (SEH) records.
363b0b81f7768d3d7407928bd222a873f56f1cca3aa221fb8cdab46aae7a0f55
Scdbg version 1.0 suffers from a buffer overflow vulnerability that can cause a denial of service condition.
64a8c65f248d645e55c041b0566b60a6dcdb8bcf99a591a68e3ce6cce400fcd7
Red Hat Security Advisory 2023-1471-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a double free vulnerability.
718201d2239ee4d34f7b1cf7fb2731744b8233f60c234f34d2ed0ee9b3e530e1