Ubuntu Security Notice 6313-1 - It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.
46ccbdda6ac6dd1a7f5445fa68830938eed5d6c1e65d848ccb2e648474c2dffcRed Hat Security Advisory 2023-4835-01 - Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers. Issues addressed include a privilege escalation vulnerability.
7d5fb7a904d0639e338b71274e76ed0da2872dc277b1ffefea5a9c601cec7d2fUbuntu Security Notice 6312-1 - It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service. Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl in some situations. A local attacker could possibly use this to cause a denial of service.
925705f14a84e7ecb29fa4649188f4da2792b062065b383661c4974e2d714a1fRed Hat Security Advisory 2023-4828-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
f9180b54333bfacb5bc7fb29b0a942965ea4bb74ff00da3b297826bbe6590d69Grawlix version 1.5.1 suffers from a cross site scripting vulnerability.
5dd35beba6ac582cc601ed4251101a93d1171a9e46150ab3b18106ee7ac0779cUbuntu Security Notice 6311-1 - William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service. It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information.
38951d5b718d49a0351a328ce7f776379eb4fae74bf9110977c3b729f3c0f8acMozilla Firefox only stores up to 1024 HSTS entries. When the limit is reached, Firefox discards entries based on their age and recent visits to the domain in question.
28c30f393cb48239ab9dc658c1aff56b2651862c151910748a85b5596fc5ba67Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. This is the LTS source code release.
97a192dffe141480b56cabf1063d79a9fc55cd59203241fa41bfc7a98a548020Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.
09c1ce74a25fc3b48c81ff146cbd0dd538cbbb8fe4e2964fc2fb2b192f6a1d2bUbuntu Security Notice 6310-1 - It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
404947ee73899788b15b378503f91f2b5b27f30e6ea8800069775646c884f14bRed Hat Security Advisory 2023-4829-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
d7b8a5fc0f52c760510c5f2bcdddbc437421aca0d17e34c611a4424300b7deafGOM Player version 2.3.90.5360 man-in-the-middle proof of concept remote code execution exploit.
f2826517a53fda0ce64b48c45b78c7b264d5e4695963f36c0f2cda3c61797dceUbuntu Security Notice 6309-1 - Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear operations. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service.
babc60df14f656c3c6f1d4b53c94991c7b510466619a66a6c569c61fa120f99fUbuntu Security Notice 6308-1 - It was discovered that Libqb incorrectly handled certain messages. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
9d167b6378c08787fde14947ac27b9572d30ba52b586ef54e63575129caebd63Red Hat Security Advisory 2023-4834-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
fc80fbd7a30d35bef5219d85b3df743124581ac7d334e6c6b09a1d03701682e7Red Hat Security Advisory 2023-4838-01 - The Common UNIX Printing System provides a portable printing layer for Linux, UNIX, and similar operating systems. Issues addressed include an information leakage vulnerability.
de22288d1c9c74b836483469ef82b6911fe723a3e29fc932696d42a222b4ff82Red Hat Security Advisory 2023-4809-01 - The librsvg2 packages provide a Scalable Vector Graphics library based on the libart library.
ef7a88fc0fa7989c6c00f67428fdf8c566429a803bbf2144ccb7f977abc6d0fcImgHosting version 1.2 suffers from a cross site scripting vulnerability.
3e0de4ff80dc516a1abe50185e5807a1e503d782b2cd24457e01031368191dc0imax CMS version 1.0 suffers from a remote SQL injection vulnerability.
52f1d50540b76ffc52c7797e885e6908f2e13e1293503d674321d886a7bee4b7i-Gallery version 3.4 suffers from a database disclosure vulnerability.
4b8a837753cf89aafb9402b3feaaf42295a6b6cdf0c9c587a99043708662b845iBilling CRM version 4.5.0 suffers from add administrator and insecure direct object reference vulnerabilities.
760baebd14cdc30ea709aa4ed257510e4dc9b7a598037e6d629a4edd54e2b4aaHumhub version 1.3.13 suffers from a directory traversal vulnerability.
a273353e5f1cd7fd15cadb49c184f9e3db0f3e65128d11813d0c846dec64278aRed Hat Security Advisory 2023-4817-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access and out of bounds write vulnerabilities.
b4b5d1adc7f4e537181043ae9cba0af938502028acf15f80703bd65c2177dc12Red Hat Security Advisory 2023-4815-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access and out of bounds write vulnerabilities.
22150159ee09a20a4997845b7ab0a4d00dac6b3acdf37cb421ad3f6f44c0c336Red Hat Security Advisory 2023-4814-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.
8c5ac94c6537d23ca9834883b4b960ad9b55d066cc97d33f79eed6c4cff6d24b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed