Red Hat Security Advisory 2023-5103-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.11.6 images.
ff86c5fcb20d801641ee0a943d716618abfc792dd089f942079ae10795581374Ubuntu Security Notice 6237-3 - USN-6237-1 fixed several vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts.
4aab60fd32ca66bfe087d6a307e821248cd1fc2c9b55fb50ae6a43d6c19b5921Red Hat Security Advisory 2023-5061-01 - The dmidecode packages provide utilities for extracting Intel 64 and Intel Itanium hardware information from the system BIOS or Extensible Firmware Interface, depending on the SMBIOS/DMI standard. This information typically includes system manufacturer, model name, serial number, BIOS version, and asset tag, as well as other details, depending on the manufacturer.
c6fa9bebd1ea564914c7b9aac7ff8e44a4f84de722f8284372c4924f30869330Ubuntu Security Notice 6339-3 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
2eb90c30fa41f35eeadbbd911d813105f3e87f3a1db17a27a52b84d78bcc4b2cUbuntu Security Notice 6164-2 - USN-6164-1 fixed several vulnerabilities in c-ares. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Hannes Moesl discovered that c-ares incorrectly handled certain ipv6 addresses. An attacker could use this issue to cause c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code.
008778f8349168613c9ea3309b75435d9c5183c9a80a91bcaab9013c577de116Red Hat Security Advisory 2023-5069-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.
d1d2671f8a3af58445d1e0aa04838bed4cb8aa8eca76d4c0771529fae16ba345Red Hat Security Advisory 2023-5091-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.
692e3399682d917e015031b7ecbf9074ae894e373dd78e0e924c5ef7cd103383Red Hat Security Advisory 2023-5093-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
d823b3d002e6c5a51689e4caf4dc36b044651db9819d7381ddde6dfeea7a833eRed Hat Security Advisory 2023-5094-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a denial of service vulnerability.
60df9c0223db5787425cacba35e8fe74b4c0345dd4da73b94dcd73fbc771f789Red Hat Security Advisory 2023-5068-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include an information leakage vulnerability.
74ad4385d786e0c9375b6edae01f7d7a827e641dc39ca7336eb434e2315db14aThis Metasploit module exploits a vulnerability found in Online Pizza Ordering System version 1.0. By abusing the admin_class.php file, a malicious user can upload a file to the img/ directory without any authentication, which results in arbitrary code execution. The module has been tested successfully on Ubuntu 22.04.
3002ce5e2a8a96ceb421dddfd1cd12fa3676d726242592bcbe8fb80e7b19715fEquipment Rental Script version 1.0 suffers from a remote SQL injection vulnerability.
0ba0b1672e1ad0be57f6d8f077920536af11fdbfb040d7ce6901297ef47e3d6dKolifa Download CMS version 1.2 suffers from an html injection vulnerability.
72bae8d9dda31c373015f3ffd9dabaaaa4f1ab47e0e017c645caf47ec5f5fac3KALIMATAN GMS version 1.0.0 suffers from a cross site scripting vulnerability.
bd48e4a98638b72cd97b9bc442df28c3737e9b1208d03e5a4a7f58660e0bf243Kylin CMS version 1.3.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
b4173a9d0584f5d972485d9811d251edc9f29afbeb3c549939af1a3e130ed8bfRed Hat Security Advisory 2023-5044-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
82e90d2ba0cd6032ed008d6aaa2e8803b85aa597c04e711dfc6f323a0f1b3c4aRed Hat Security Advisory 2023-5049-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a HTTP response splitting vulnerability.
490143564723795ac422dacb6d921477f19cbb0da7bdbff8d4aa1e7daf599994Red Hat Security Advisory 2023-5046-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
dbe2f0dec4150cab698a0c9c3bdc28e71a68d7b1a20a4a7c30418fed2ae13d62Red Hat Security Advisory 2023-5047-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
e2f2ed53091300bdf2c481122e5a19d50269984fb955d89edd8c17508ab38868Red Hat Security Advisory 2023-5045-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
1a1ba19844967447106c4f7bc6240580c53d6761b857fd2f8b8f506e27d25f15Red Hat Security Advisory 2023-5050-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a HTTP response splitting vulnerability.
25f8f06b1b4912d1fa14b6d7b756d9ea75ac93234b3c93bde8319db1e520a571Red Hat Security Advisory 2023-5048-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.
1b365a34b16889359fcc8481b976ae49cc7c6cc9c698ea9b0de82a0cb18aa06fKaledo RD CMS version 1.0 suffers from a remote SQL injection vulnerability.
662ec58ee1a280580701970ced4cea98bc34c24f6edeca3139d4c9b81acded97
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed