Debian Linux Security Advisory 5621-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation, which may result in denial of service.
Statamic CMS versions prior to 4.46.0 and 3.4.17 suffer from multiple persistent cross site scripting vulnerabilities.
Adapt CMS version 3.0.3 suffers from persistent cross site scripting and remote shell upload vulnerabilities.
Debian Linux Security Advisory 5620-1 - Two vulnerabilities were discovered in unbound, a validating, recursive, caching DNS resolver. Specially crafted DNSSEC answers could lead unbound down a very CPU intensive and time costly DNSSEC (CVE-2023-50387) or NSEC3 hash (CVE-2023-50868) validation path, resulting in denial of service.
Varying revisions of OX App Suite version 7.10.6 suffer from cross site scripting and resource consumption vulnerabilities.
Ubuntu Security Notice 6608-2 - It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situations, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information. Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6626-2 - Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling session operations. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service.
Ubuntu Security Notice 6629-2 - USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An attacker could possibly use this issue to cause key confusion and overwrite values in dictionaries. It was discovered that UltraJSON incorrectly handled an error when reallocating a buffer for string decoding. An attacker could possibly use this issue to corrupt memory.
The Google Passkey Manager on Android appears to have inconsistent messaging for deletion of data along with other varying issues that lead us to believe it's not ready for prime time.
Ubuntu Security Notice 6629-1 - It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An attacker could possibly use this issue to cause key confusion and overwrite values in dictionaries. It was discovered that UltraJSON incorrectly handled an error when reallocating a buffer for string decoding. An attacker could possibly use this issue to corrupt memory.
Red Hat Security Advisory 2024-0814-03 - An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-0811-03 - A security update for sudo is now available for Red Hat Enterprise Linux 8 and 9.
Red Hat Security Advisory 2024-0808-03 - An update for dotnet6.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-0807-03 - An update for dotnet6.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-0806-03 - An update for dotnet7.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-0805-03 - An update for dotnet7.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-0804-03 - A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal. Issues addressed include bypass, cross site scripting, and open redirection vulnerabilities.
Red Hat Security Advisory 2024-0801-03 - A new image is available for Red Hat Single Sign-On 7.6.7, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Issues addressed include bypass, cross site scripting, and open redirection vulnerabilities.
Red Hat Security Advisory 2024-0800-03 - New Red Hat Single Sign-On 7.6.7 packages are now available for Red Hat Enterprise Linux 9. Issues addressed include bypass, cross site scripting, and open redirection vulnerabilities.
Red Hat Security Advisory 2024-0799-03 - New Red Hat Single Sign-On 7.6.7 packages are now available for Red Hat Enterprise Linux 8. Issues addressed include bypass, cross site scripting, and open redirection vulnerabilities.
Red Hat Security Advisory 2024-0798-03 - New Red Hat Single Sign-On 7.6.7 packages are now available for Red Hat Enterprise Linux 7. Issues addressed include bypass, cross site scripting, and open redirection vulnerabilities.
Red Hat Security Advisory 2024-0741-03 - Red Hat OpenShift Container Platform release 4.13.33 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0740-03 - Red Hat OpenShift Container Platform release 4.13.33 is now available with updates to packages and images that fix several bugs. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-0735-03 - Red Hat OpenShift Container Platform release 4.14.12 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.
Ubuntu Security Notice 6634-1 - Brennan Conroy discovered that .NET with SignalR did not properly handle malicious clients. An attacker could possibly use this issue to cause a denial of service. Bahaa Naamneh discovered that .NET with OpenSSL support did not properly parse X509 certificates. An attacker could possibly use this issue to cause a denial of service.