Ubuntu Security Notice 6508-1 - It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that poppler incorrectly handled certain malformed PDF files. If a user or an automated system were tricked into opening a specially crafted PDF file, a remote attacker could possibly use this issue to cause a denial of service.
0a5780d370acd693467a216eb7a49184eb45dde07e93b2febeeb6b2de1efb474Ubuntu Security Notice 6509-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. It was discovered that Firefox did not properly manage memory when images were created on the canvas element. An attacker could potentially exploit this issue to obtain sensitive information.
b829fdf51cf2a37d15b78f3f6807c30a0b585c7fbda044f4d27c269eebcb3308CSZ CMS version 1.3.0 suffers from a remote shell upload vulnerability.
b8f0f3c59686781c297f072ed9c3ca2896c1c6ea8f3916447a7e73c9086eb19aGentoo Linux Security Advisory 202311-3 - Multiple vulnerabilities have been discovered in SQLite, the worst of which may lead to code execution. Versions greater than or equal to 3.42.0 are affected.
1c78773ee054ae93bfcd3b4e97d0857dff73e53681e6d7e0a540acff2c260724The Nullcon Berlin 2024 Call For Papers is open. It will take place March 14th through the 15th, 2024 in Berlin, Germany. Training courses are March 11th through the 13th.
9d898d2e9216636ff0ee2829f5372248546c6aacbe8d6ffd65fd875822b51870Red Hat Security Advisory 2023-7488-01 - A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal. Issues addressed include a denial of service vulnerability.
8e61b0cadfc87c80df4b1b4445674a0c846df7d2553836487807a6e159de978aRed Hat Security Advisory 2023-7486-01 - A new image is available for Red Hat Single Sign-On 7.6.6, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Issues addressed include a denial of service vulnerability.
5752fce366651e5855a1f5b66e788aed627bb6d0427350a429c470005e6f3a18Debian Linux Security Advisory 5561-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information leaks or clickjacking.
6601acc60747d10ac14a92a45b7963ac8980a3a2ad51592be357beecdf48cf9aUbuntu Security Notice 6507-1 - It was discovered that GlusterFS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GlusterFS to crash, resulting in a denial of service.
fba8ba7315ef2a833029272a8516db9bd4a63304cb532fa82940bf18f618d4e3Red Hat Security Advisory 2023-7484-01 - New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
55e5436ba9f1d21c4ee13268e526a399527e2b88ec5d7aedd52fdf727f919131Red Hat Security Advisory 2023-7483-01 - New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
5589dc30533b96616d0fe3e877721fbdc51d5be495f50e1feaa20eb01583cee3Red Hat Security Advisory 2023-7482-01 - New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 7. Issues addressed include a denial of service vulnerability.
e175e4a61d677a676f1e11334cd7627a7b41c5c1ab9bb886105dda69b1cd3048Red Hat Security Advisory 2023-7467-01 - An update for samba is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
5e70af2312295b1b0ca486b20e09ebe94e6f89064e7c4c3770f0bdec3ad9fadfRed Hat Security Advisory 2023-7465-01 - An update for squid is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
5dd80d3d5e680c6c94d1c016ee7bf8a14fcaa027b6e8ce0b89ed589131891e96Red Hat Security Advisory 2023-7464-01 - An update for samba is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.
a0770b85c2510927a2e9af35426ec77edecaa48a7db9d7a3236b379c6521feb2Ubuntu Security Notice 6506-1 - David Shoon discovered that the Apache HTTP Server mod_macro module incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. Prof. Sven Dietrich, Isa Jafarov, Prof. Heejo Lee, and Choongin Lee discovered that the Apache HTTP Server incorrectly handled certain HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. This issue only affected Ubuntu 23.04, and Ubuntu 23.10.
8a919d1a4d307c69872670d645ac6969f558a3c26282d75583807e9eb42825c5Ubuntu Security Notice 6505-1 - It was discovered that nghttp2 incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service.
03d107d2cf8ab399de40a112a24a0819d324fa4dda506f874f6f670d8e52d1fcUbuntu Security Notice 6504-1 - It was discovered that tracker-miners incorrectly handled sandboxing. If a second security issue was discovered in tracker-miners, an attacker could possibly use this issue in combination with it to escape the sandbox.
3b3d9faa327fabcfd7513e72be00f3390d2ce22460ac02fed2b03cf2e2ed14fdUbuntu Security Notice 6503-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.
f49422348439f73d6b38b42749f79884cebe5eadebb4f303ea755ef60d55b31dUbuntu Security Notice 6502-1 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.
8b281c71f5499aa0d9babf8be280fa9bfb686118750a8a2f47909b213297ce1dWordPress UserPro plugin versions 5.1.1 and below suffer from an insecure password reset mechanism, information disclosure, and authentication bypass vulnerabilities. Versions 5.1.4 and below suffer from privilege escalation and shortcode execution vulnerabilities.
bfb7306b803b1acac19078db2972f3aa4724b44e3c44892d41946574771b0edaUbuntu Security Notice 6501-1 - It was discovered that RabbitMQ incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service.
2d3249c3745b8f65d72b1d274eb24d24152b2af6f363f93db9cc96d2f62e1dcbUbuntu Security Notice 6497-1 - Maxim Levitsky discovered that the KVM nested virtualization implementation for AMD processors in the Linux kernel did not properly handle x2AVIC MSRs. An attacker in a guest VM could use this to cause a denial of service. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code.
1cc01b285543877683c581f44bf9007094b8fb6f7d0a6dae46f3076858904e22Ubuntu Security Notice 6496-1 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.
fdc60d8e003a09f361ff5ac07a415ab8ebfa403348d5e5c0f06215ad1ca095ceUbuntu Security Notice 6495-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Manfred Rudigier discovered that the Intel PCI-Express Gigabit Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
0038b4a53931aed559aad4f7b7dc878297fdaf2901ec90a9d676eb3e2302139e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed