Ubuntu Security Notice 5347-1 - It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication plugins. A remote attacker could possibly use this issue to bypass authentication using incomplete credentials.
3ee944e2fc7c9844df36241348419e7a7f2d5bf154be7f89e992b63a4c2a020eRed Hat Security Advisory 2022-0992-01 - Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat servers, mail servers and more. Issues addressed include a denial of service vulnerability.
79a19c3cbf15f775863e451c8f8686dcdb3e9de3fe286f70b8ac87b5062b8b31Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
b60364a4c0068a10811ab3fd075ca6c1eb0e75d44600271b88a20ed93a2ef631Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
2192c199581e31d17ad1f82ccb72319fb36da887cc27a4431990dced1f3967d7Red Hat Security Advisory 2022-0995-01 - An update for openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 16.2 (Train). A data leak issue has been addressed.
9fe874e55fe050e0ce2eb6bcdcb4a6cbcffea219d765cc0dc420fc49db13efecUbuntu Security Notice 5346-1 - It was discovered that the ICMPv6 implementation in the Linux kernel did not properly deallocate memory in certain situations. A remote attacker could possibly use this to cause a denial of service.
a48b0e4250ecc79c0235657365ca5321d3e07c034d1cab4da7ddbff61939df73Red Hat Security Advisory 2022-0996-01 - OpenStack Networking is a virtual network service for OpenStack. Just as OpenStack Compute provides an API to dynamically request and configure virtual servers, OpenStack Networking provides an API to dynamically request and configure virtual networks. These networks connect 'interfaces' from other OpenStack services. The OpenStack Networking API supports extensions to provide advanced network capabilities. Issues addressed include a memory leak vulnerability.
b3d962e53260c625a6241832d74144cead5bf93bfd9a20305e7f2347746bf931Red Hat Security Advisory 2022-0999-01 - OpenStack Compute is open source software designed to provision and manage large networks of virtual machines,creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances, managing networks, and controlling access through users and projects.OpenStack Compute strives to be both hardware and hypervisor agnostic, currently supporting a variety of standard hardware configurations and seven major hypervisors. Issues addressed include an open redirection vulnerability.
28779d3e50dbd7213d9f1459f5541bdd16267995b0e63c216606c8a9cbe17defEvent Management System version 1.0 suffers from a remote shell upload vulnerability.
d29d273732819885b424497e3b63f2a9de904b0f6dec9747251cdc6b6074a7afMicrofinance Management System version 1.0 suffers from a remote blind SQL injection vulnerability that can be used to escalate privileges and execute code.
4fe771253957bc9da8bf9d6f354bd85b68d2b3caf66a57e6f2dcca042cc36d78Red Hat Security Advisory 2022-1039-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include privilege escalation and traversal vulnerabilities.
a3aa6dabb32b90d59c78082f139db0780896fec7f29703a5c21de22ea3a9a54aUbuntu Security Notice 5345-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, obtain sensitive information, cause undefined behaviour, spoof the browser UI, or execute arbitrary code. It was discovered that extensions of a particular type could auto-update themselves and bypass the prompt that requests permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to bypass security restrictions.
158e67eea2f1566d437c34e7e51105fbd18e6d48a7076eb1db7f2932c00300c5Sports Complex Booking System version 1.0 suffers from a remote blind SQL injection vulnerability that can be used to escalate privileges and execute code.
a8cb19d10a1f7b7c0a2498ba042893133e48b8c8396e0f136ecbf2cac615ec6eRed Hat Security Advisory 2022-1040-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include privilege escalation and traversal vulnerabilities.
8585975b6b8703271e6071314b4fb1c73d4b84f1a0f532c60be866e36b89a090Red Hat Security Advisory 2022-1041-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include privilege escalation and traversal vulnerabilities.
6445fba90799b01b872171494589c69dffa5557ff9ffa53f46f79a6cee9831a2Trend Micro Virtual Mobile Infrastructure version 6.0.1278 suffers from a denial of service vulnerability.
3b00f21e7929d1458139e444a2f23ea35c0669abaa488505d6edbbfed139131dRed Hat Security Advisory 2022-1042-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include privilege escalation and traversal vulnerabilities.
5265a1937f32a43b20d3f66c08e5c5c57fd157ff3cf351d7f38e42467527af1aFoxit PDF Editor (iOS) version 11.3.1 suffers from an arbitrary file upload vulnerability.
eee6585def5e7c7d4e32865c6af95620ceb8365f388cac02687c0e833289acfaRed Hat Security Advisory 2022-0993-01 - An update for python-oslo-utils is now available for Red Hat OpenStack Platform 16.2 (Train). A password masking issue has been addressed.
73b222483929a1b567341acd7a38848b81b9d3e846ed4ffae140ef8a250be3caSports Complex Booking System version 1.0 suffers from a remote shell upload vulnerability.
6b6e16ae3e626d94c06305d8b0563b09389a334fb41a994beb29c510874c6b2dRed Hat Security Advisory 2022-0997-01 - An update for golang-qpid-apache is now available for Red Hat OpenStack Platform 16.2 (Train).
c5e65941dc3cd35001cc56db522dce7751f4f7219eb9839b70edd04e9e2b7fc5Red Hat Security Advisory 2022-1000-01 - A fast multidimensional array facility for Python. Issues addressed include a buffer overflow vulnerability.
76aa73135456b18c518d7251996c8c9ca909eae28e4bf2fe48da0e967d9c5497Red Hat Security Advisory 2022-0998-01 - An update for golang-github-vbatts-tar-split is now available for Red Hat OpenStack Platform 16.2 (Train).
3b69cb9b3533df3e7568f3882c7632a98f376ed7157fb20e9213fd120ca6c99fOnline Sports Complex Booking System version 1.0 suffers from a remote blind SQL injection vulnerability.
50854eb8792e73913f0d0793afa007df0993cd73ec2fea6ff41d6269463d3db2Online Sports Complex Booking System version 1.0 suffers from an account takeover vulnerability due to missing authorization controls.
a18fa028a2df9ed56cfc98dd85b49189c95b2eecbf3fc80170c5430f78db9060
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed