Midnight Commander version 4.8.29-146-g299d9a2fb suffers from a null pointer vulnerability.
7704da75c33ce4d3a881ee529ffcb8375379985bea5336613aea356c66252e9blibglvnd version bb06db5a suffers from buffer overflow and null pointer vulnerabilities.
50e1b3717c6284bcd2406f2015f51c6e14858d67d56d68e68d8992a55fe55b50gtk version 824e9833 suffers from a null pointer vulnerability.
017fec6407983b5deabc8d7a2634de94b4f90b2932e5ffae8929e60580a14d23Mesa version 23.0.4 suffers from buffer overflow and null pointer vulnerabilities.
7051b3fc2398afac61bd7f1281c9a3ed1add60651b7b124db50f978ef2f6df85vim version 9.0 suffers from denial of service and null pointer vulnerabilities.
d17276ee3bea6209056a77902e523072783d903b12e008696206811cee6064a3Xfig version 3.2.8 suffers from a null pointer vulnerability.
0a1ee7d8ce4527356134c90455e553a99f3986ed54963ebad4078496f89587c5Mesa version 23.0.4 suffers from a buffer overflow vulnerability.
d7e6a08e6fb48262955ef5485faed285936f79a63446702b02f95917aed2a726ncurses version 6.4-20230610 suffers from a null pointer vulnerability.
a52d48d416bba9a0b0716b3f652599acb48097f4d94944d5efb90615ed90445dMesa version 23.0.4 suffers from a null pointer vulnerability.
31c4820cc14c35a3e2ab60624d179073cdd747327262369a75c9557c1bbb0afcXedit version 1.2.3 suffers from denial of service and null pointer vulnerabilities.
60bb9b6ee2b8366b74a14e76de1192144bce5dea55039695f8a9244334037f57Apple Security Advisory 01-22-2024-3 - iOS 16.7.5 and iPadOS 16.7.5 addresses code execution vulnerabilities.
f808342c47a19d49aca6649451e4d052f6ea01681c6945bc9ba9ef843c24277bApple Security Advisory 01-22-2024-2 - iOS 17.3 and iPadOS 17.3 addresses bypass and code execution vulnerabilities.
b07df46bbc49dc6256540afff75e6f47490aa51c8b41ac11c19d287b535dbba9Vinchin Backup and Recovery versions 7.2 and below suffer from a command injection vulnerability in SystemHandler.class.php.
dc8db7a93b49f089a2c51bccac868cf579a7563c72b570b389665c44bbc72c33Vinchin Backup and Recovery version 7.2 has been identified as being configured with default root credentials, posing a significant security vulnerability.
143e6238373ef81a5ff8ac20adcd938850570b964ce2524cbda8409d063c34f6A critical security issue has been discovered in Vinchin Backup and Recovery version 7.2. The software has been found to use default MYSQL credentials, which could lead to significant security risks.
5cbb4901365c8c32a2383f8e2b3f381029f1d5fc24795a4103af00a458e5220bVinchin Backup and Recovery versions 7.2 and below suffer from a command injection vulnerability in the syncNtpTime function.
0242c4e4a374f9777179ac019e4dd5586b14c724b7f3ef5b41b8ad3c320ff6b3Apple Security Advisory 01-22-2024-1 - Safari 17.3 addresses code execution vulnerabilities.
4fc580eabecac6cc0941c7dbb31dc0c9e9e26517ffed4f28575f33cf4039f0faCloudLinux CageFS versions 7.0.8-2 and below insufficiently restrict file paths supplied to the sendmail proxy command. This allows local users to read and write arbitrary files of certain file formats outside the CageFS environment.
7cfae83fd5939609459b8ed98a7edecfd614eb3c5cd3373d9da412bc106b20d1CloudLinux CageFS versions 7.1.1-1 and below pass the authentication token as a command line argument. In some configurations this allows local users to view the authentication token via the process list and gain code execution as another user.
437f367ac50c53712ae264b28731e8929e461079e8ff05355b97f16fb6c32a55This Metasploit module exploits an SSTI injection in Atlassian Confluence servers. A specially crafted HTTP request uses the injection to evaluate an OGNL expression resulting in OS command execution. Versions 8.5.0 through 8.5.3 and 8.0 to 8.4 are known to be vulnerable.
39194aa16a97418685a42e7cf82542a18f6236bb69aa758c9c1945fa2ea34f1eVinchin Backup and Recovery versions 7.2 and below suffer from a command injection vulnerability in the setNetworkCardInfo function.
2407896a2dd181668f83b4a0636bae9fcbdf6fe55fccd57e7c2642e04f270ff5Ubuntu Security Notice 6609-1 - Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information.
7817da0f85320897d02f798d322e3d70452b6ca00073b6296b4b4ddb3c2ca762Ubuntu Security Notice 6608-1 - It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information. Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
53d012190f358505aba80f3efda1bdc41b32100cecfe3ea36a9fb9da7a26ed55Ubuntu Security Notice 6607-1 - It was discovered that the SMB network file sharing protocol implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
129bf8e03fcff7ad53aea0dbb1617e402b728e93911e0d73e3c75fb0e9b25fd1YahooPOPs version 1.6 remote denial of service exploit.
449e12767e831eece79a8fae26beee6a73b9b0d9dc6530b98922775af27df060
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed