Clinic Queuing System version 1.0 suffers from a remote code execution vulnerability.
23c5d126d6744f4ca5ca7cb92f2a3a88c17df81ab9f24fd93329abb2706e0378Ubuntu Security Notice 6754-2 - USN-6754-1 fixed vulnerabilities in nghttp2. This update provides the corresponding update for Ubuntu 24.04 LTS. It was discovered that nghttp2 incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
a626406c69b2c3819d9892a59563e91ef3909ded6eee46f3085c5cbec0e0e54bUbuntu Security Notice 6765-1 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information.
42046ab3e597891b35376f855bb093f99f7b85199aebb9184d7401f3b4fa1f10POMS PHP version 1.0 suffers from remote shell upload and remote SQL injection vulnerabilities.
6fbd9b24154b7a82bd33b970bc8f205aec51838beab9dfdcd8c402c4bc2fe213Kortex version 1.0 suffers from a remote SQL injection vulnerability.
a16f4013115276b1f531688e40762325affcbf56e829fa0b4b9a3e3651bbef0dGentoo Linux Security Advisory 204205-17 - Multiple vulnerabilities have been discovered in glibc, the worst of which could lead to remote code execution. Versions greater than or equal to 2.38-r13 are affected.
59ebb83094c9df05efeed10a6aa6e35b5fda337b12c4951e356174b8c268ab51Gentoo Linux Security Advisory 202405-16 - A vulnerability has been discovered in Apache Commons BCEL, which can lead to remote code execution. Versions greater than or equal to 6.6.0 are affected.
7f322fd49353c7dc30ad72c75bda0f014790e3f0929a1b292d08c8aea0d57b2dGentoo Linux Security Advisory 202405-15 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to remote code execution. Versions greater than or equal to 115.8.0:esr are affected.
126f3596099d2881a7490a64663b9d1583ba0463ce17ff35167d48f6edff1d12Gentoo Linux Security Advisory 202405-14 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.13_p20240322 are affected.
e52cc7095705b9bf68b81d946f0ab7823f8ecca2144a152db2d1f8e46744fbdbGentoo Linux Security Advisory 202405-11 - Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution. Versions greater than or equal to 1.21.2 are affected.
cbd15bb1c6724a8aa28d838d94be9630722c0b6b8d1f63302b99478ca27bf2e0Gentoo Linux Security Advisory 202405-9 - Multiple vulnerabilities have been found in MediaInfo and MediaInfoLib, the worst of which could allow user-assisted remote code execution. Versions greater than or equal to 23.10 are affected.
235f26fdb30f9ae0586a8fbd14a07d8f45d4d55ce3c56c1eb06b6a3539ddc902Gentoo Linux Security Advisory 202405-8 - Multiple vulnerabilities have been discovered in strongSwan, the worst of which could possibly lead to remote code execution. Versions greater than or equal to 5.9.10 are affected.
252872e18b5fec9db43d123978774d36b127f4f73771b1c8db65f408c79c70f0Gentoo Linux Security Advisory 202405-6 - Multiple vulnerabilities have been discovered in mujs, the worst of which could lead to remote code execution. Versions greater than or equal to 1.3.2 are affected.
e369e4a1ff953c60979f88bb676ed92c8d7f7bb49f2e1bf8db1f036d7b54215fGentoo Linux Security Advisory 202405-2 - Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution. Versions greater than or equal to 6.9.13.0 are affected.
673425e9b93e8fa03590f6a6a1e25235933b6eadbbbb7d45d6e66972fb35d73eSOPlanning version 1.52.00 suffers from a remote SQL injection vulnerability in projects.php.
e53b7e681658c99d38155029675c243627ca96d8d11916eba4a766fb4d6a4c69htmlLawed versions 1.2.5 and below proof of concept remote command execution exploit.
f7c13b91b7562803551ff2c81af4d91f8007cf734173bc191c1002abafa0fa8fOnline Tours and Travels Management System version 1.0 suffers from a remote SQL injection vulnerability.
60e4ec4738d6f6a64d63d565ba22b2f196e6175494953c8782b5d9edc6f07301Ubuntu Security Notice 6759-1 - It was discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause FreeRDP to crash, resulting in a denial of service.
3a5628139a70311c31214964c15cd8597177950d361357a28e3507256052bf61Ubuntu Security Notice 6733-2 - USN-6733-1 fixed vulnerabilities in GnuTLS. This update provides the corresponding updates for Ubuntu 24.04 LTS. It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker could possibly use this issue to recover sensitive information. It was discovered that GnuTLS incorrectly handled verifying certain PEM bundles. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.10.
ddfa9b53cf55c5c796be4d398f38aed182745e8f5742e95f3b46d0343f9fcb73Ubuntu Security Notice 6718-3 - USN-6718-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 24.04 LTS. Dan Fandrich discovered that curl would incorrectly use the default set of protocols when a parameter option disabled all protocols without adding any, contrary to expectations. This issue only affected Ubuntu 23.10. It was discovered that curl incorrectly handled memory when limiting the amount of headers when HTTP/2 server push is allowed. A remote attacker could possibly use this issue to cause curl to consume resources, leading to a denial of service.
ade4e33456f4d06c99e18ff976f56f75797e1d3f0b86ecd687782229e52eb969Ubuntu Security Notice 6729-3 - USN-6729-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding updates for Ubuntu 24.04 LTS. Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. Bartek Nowotarski discovered that the Apache HTTP Server HTTP/2 module incorrectly handled endless continuation frames. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service.
64bc41b5243d484a6b2e16655cb72ea9b8aa3a19737b46627dbb01cfa4e8fb4eUbuntu Security Notice 6754-1 - It was discovered that nghttp2 incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that nghttp2 incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
5cf8f575ba3f618cd1a7ba459257c95bf26180fa995bf1e705ddd3bb811a5c3eUbuntu Security Notice 6753-1 - Thomas Neil James Shadwell discovered that CryptoJS was using an insecure cryptographic default configuration. A remote attacker could possibly use this issue to expose sensitive information.
9b59079ffc816463d7133b64a1e0918a00b6e29ba9a8c0f1321f133a3a7f8bb4Ubuntu Security Notice 6751-1 - It was discovered that Zabbix incorrectly handled input data in the discovery and graphs pages. A remote authenticated attacker could possibly use this issue to perform reflected cross-site scripting attacks.
aca65a6b1e51cfb0dd46b906420ebb846f14557c539fa2fa267bbee51159cbedUbuntu Security Notice 6752-1 - It was discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause FreeRDP to crash, resulting in a denial of service.
702e8249c383680f94def92bffb7af2a05d557c2c7231374395c96333198b803
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed