Ubuntu Security Notice 6681-1 - Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service. It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service.
e6207c1377c4c4662d23c4c6808627d6ca7ab8ee47c61e983d303f015693e726FullCourt Enterprise version 8.2 suffers from multiple cross site scripting vulnerabilities.
fb84d6d2742c62baaef0300444804dccd4f9822a3ed05a712c9990f000275ecfDebian Linux Security Advisory 5636-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
45d2b3cd49f8d7b927168d63079c93e103a1882ab4c21a082c2c055ab0617188NDtaskmatic version 1.0 suffers from a remote SQL injection vulnerability.
937864e92a9493aa55230c661e22af5ba23fc573b0d4f507979622c61443310bXingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.
bc88723b94872c87e1cb00b2d83a704f36fe21c1a1c29ddd39f56580a64d63b7Ubuntu Security Notice 6680-1 - 黄思聪 discovered that the NFC Controller Interface implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
2d0e95b66ec180b53afc0e7cf46240a83376c5acc340939b8b3af331c9190321GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
f68f7d75d06cb1635c336d34d844af97436c3f64ea14bcb7c869782f96f44277Red Hat Security Advisory 2024-1203-03 - The components for Red Hat OpenShift for Windows Containers 9.0.1 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Issues addressed include a privilege escalation vulnerability.
949fbe611112995312a21e905528d00484f0a440915ad36ba225e2cb84799929Red Hat Security Advisory 2024-1197-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
54cd1ab54bea48b840e3a9f936f00209a01bd7b4397d1cee7bc322c327301916Red Hat Security Advisory 2024-1196-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
2130fbf5d26dc7b366b1c67d35c9f3e8d8f200259ffbb0a2f00c34674ea9fcedRed Hat Security Advisory 2024-1195-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.4 Advanced Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
4a62e85d2e9335b31b753b1873c375b17d09631d47a9bc05cabe94644bfe396aRed Hat Security Advisory 2024-1194-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include denial of service and file overwrite vulnerabilities.
f0f3be7697f2110437482d2e90d3989cdce20b610176d40a1167cfdf5efb89dbRed Hat Security Advisory 2024-1193-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include denial of service and file overwrite vulnerabilities.
c9b1f836c9835204c0902c4b749dcf83980169a6ff0eee777e4f41d0c535a972Red Hat Security Advisory 2024-1192-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include denial of service and file overwrite vulnerabilities.
76bf29dfdc10b5c5062b3c58a4fd2c4c95ee9852a84d28daf663ab970252101eRed Hat Security Advisory 2024-1037-03 - Red Hat OpenShift Container Platform release 4.13.36 is now available with updates to packages and images that fix several bugs and add enhancements.
5d7d154d2cc0073a8f42e62a4daf7a9e98a3ad019079deca2a3102a76f5e1909Red Hat Security Advisory 2024-0281-03 - Secondary Scheduler Operator for Red Hat OpenShift 1.2.1 for RHEL 9. Issues addressed include a denial of service vulnerability.
b791946b9e2c4310507ea80578fdf8a1f893d0cd72951ce726f795ae20774ff0GliNet with firmware version 4.x suffers from an authentication bypass vulnerability. Other firmware versions may also be affected.
9e410e03b3bd4618426fd89f2dff470200407bdec2f93eaee59126f9738230f6
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed