Gentoo Linux Security Advisory 202402-33 - A vulnerability has been found in PyYAML which can lead to arbitrary code execution. Versions greater than or equal to 5.4 are affected.
f4d09f96c6fd63bc663c1fcd7759f0ad11b22c55258843d1b93b19d2ffbcb9bcUbuntu Security Notice 6663-1 - As a security improvement, this update prevents OpenSSL from returning an error when detecting wrong padding in PKCS#1 v1.5 RSA, to prevent its use in possible Bleichenbacher timing attacks.
70e2a3a25cb4e59a313bc99a88541c5d7f7f7e5852ffa537238da422d39d2f0dUbuntu Security Notice 6305-2 - USN-6305-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that PHP incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.
caacfeb4e539a353abe770f6325dbffce7919a619b169957ffad81b1917bb00bUbuntu Security Notice 6662-1 - Yi Yang discovered that the Hotspot component of OpenJDK 21 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 21 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.
aaa047aaea8cde67a241170dbe81023fa98342d4dfece4d36d5b5774c741bb8aUbuntu Security Notice 6661-1 - Yi Yang discovered that the Hotspot component of OpenJDK 17 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 17 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.
074c45f3f5391055a9a621cd01f94fecea05dd020da0763a507bf083917efb09Hospital Management System version 1.0 suffers from insecure direct object reference and account takeover vulnerabilities.
be19d62054d99ae7a13a56bfe14d696f9386cb9b1076c31c5d2ce818f0bec232Hospital Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
ee80dd4b7307acb7e78dc9fe5a4441a93e60abc361a7fa9ad6121fdf7e97628cHospital Management System version 1.0 suffers from a remote SQL injection vulnerability.
d44a649c2c912867d906854a7f620e0dc403f37dffff37c544bc1619094d5b96Ubuntu Security Notice 6660-1 - Yi Yang discovered that the Hotspot component of OpenJDK 11 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 11 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.
aa34f5f90f10131d0c663071adccbab36c202d5d64988d18d500f490c20b7cabUbuntu Security Notice 6659-1 - It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that libde265 could be made to read out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service.
d962c76a1595f5d14d9bd9c4c43a02311f732979462f52580a68633ddd9b343eUbuntu Security Notice 6658-1 - It was discovered that libxml2 incorrectly handled certain XML documents. A remote attacker could possibly use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code.
ef37288d1a6aa550f0abd5b82938c289b9e7762e12b39439453f8081d9ac4abdUbuntu Security Notice 6657-1 - Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Dnsmasq icorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. It was discovered that Dnsmasq incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service.
46f1a09bc8e779b0877ec272386957a7de5ad50e209a3024756ed199c3923006Ubuntu Security Notice 6656-1 - It was discovered that PostgreSQL incorrectly handled dropping privileges when handling REFRESH MATERIALIZED VIEW CONCURRENTLY commands. If a user or automatic system were tricked into running a specially crafted command, a remote attacker could possibly use this issue to execute arbitrary SQL functions.
6797b8612873d00de8c6c855d9749b296bac7e6a4b0d216f58b119fed0c03bc5Executables created with perl2exe versions 30.10C and below suffer from an arbitrary code execution vulnerability.
4cecfc183baf33a9505c1e103e36e7ae9acc23ba7f3fc80294c995ac275e79b0Automatic-Systems SOC FL9600 FastLine version V06 has hardcoded credentials for super admin functionality.
8d39714181692d67f93a9e46f5f0953216b012889a3b7ebbe7fa9cd7bf60bd0dAutomatic-Systems SOC FL9600 FastLine version V06 suffers from a directory traversal vulnerability.
e43491c92de6a6e95e9bcf00c8f526235bfba3e6efc005c1ff1ac8382b3fa1aeRed Hat Security Advisory 2024-0998-03 - Red Hat OpenShift distributed tracing 3.1.0.
143dd5bbabbeba123290273e630b729f781cc27c23c91275c74881fb158d05c8Red Hat Security Advisory 2024-0992-03 - An update for rh-postgresql10-postgresql is now available for Red Hat Software Collections.
d6291af2df11e1db19f24e8b3717ba073eecc78193f560216049e340c1f231d4Red Hat Security Advisory 2024-0990-03 - An update for rh-postgresql12-postgresql is now available for Red Hat Software Collections.
d7e0c3662d4c5cdf8cbd95caaf0b209a2a72cbef6382b66a3c90aa289c3539aeRed Hat Security Advisory 2024-0989-03 - Red Hat Multicluster GlobalHub 1.0.2 General Availability release images, which fix bugs, provide security updates, and update container images. Issues addressed include denial of service and traversal vulnerabilities.
57b42be9db734f2bdd7232f51156229a202389f63103ac56d863571509f2ebfcRed Hat Security Advisory 2024-0988-03 - An update for rh-postgresql13-postgresql is now available for Red Hat Software Collections.
cf1570a55af5e2f79fae721d9d6919a1dfcb85452725c14be5f2f5a70571b435Red Hat Security Advisory 2024-0984-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a spoofing vulnerability.
aab36c295c56be4f5b1f50a8a8a5712c4577ca92e8d094696ab28d1bb66d7ebeRed Hat Security Advisory 2024-0983-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a spoofing vulnerability.
64cbe461df33b688044b9d9eca14744c446459fb5ef56bdea1146e19fd47a4cdRed Hat Security Advisory 2024-0982-03 - An update for unbound is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
360fa45a6c8992cebc0239cec8454f4c50d05e55c52f2b3c8e8e5b76580afc16Red Hat Security Advisory 2024-0981-03 - An update for unbound is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
dc1c24b1e7160f01fdd4a22acfae05423534f64860a41bff38ec349fa207e7fd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed