The Microsoft PlayReady toolkit assists with fake client device identity generation, acquisition of license and content keys for encrypted content, and much more. It demonstrates weak content protection in the environment of CANAL+. The proof of concept exploit 3 year old vulnerabilities in CANAL+ STB devices, which make it possible to gain code execution access to target STB devices over an IP network.
79dab3a7323f19a26d78f497deb3ea0052f2376b984ec830648a755230a60801Gentoo Linux Security Advisory 202405-15 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to remote code execution. Versions greater than or equal to 115.8.0:esr are affected.
126f3596099d2881a7490a64663b9d1583ba0463ce17ff35167d48f6edff1d12Gentoo Linux Security Advisory 202405-14 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.13_p20240322 are affected.
e52cc7095705b9bf68b81d946f0ab7823f8ecca2144a152db2d1f8e46744fbdbGentoo Linux Security Advisory 202405-12 - Multiple vulnerabilities have been discovered in Pillow, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 10.2.0 are affected.
3383dd664c509ffd1c2c81e6191f3909def9ad15643115326144b65d82a168fdGentoo Linux Security Advisory 202405-11 - Multiple vulnerabilities have been discovered in MIT krb5, the worst of which could lead to remote code execution. Versions greater than or equal to 1.21.2 are affected.
cbd15bb1c6724a8aa28d838d94be9630722c0b6b8d1f63302b99478ca27bf2e0Gentoo Linux Security Advisory 202405-9 - Multiple vulnerabilities have been found in MediaInfo and MediaInfoLib, the worst of which could allow user-assisted remote code execution. Versions greater than or equal to 23.10 are affected.
235f26fdb30f9ae0586a8fbd14a07d8f45d4d55ce3c56c1eb06b6a3539ddc902Gentoo Linux Security Advisory 202405-8 - Multiple vulnerabilities have been discovered in strongSwan, the worst of which could possibly lead to remote code execution. Versions greater than or equal to 5.9.10 are affected.
252872e18b5fec9db43d123978774d36b127f4f73771b1c8db65f408c79c70f0Gentoo Linux Security Advisory 202405-7 - Multiple vulnerabilities have been discovered in HTMLDOC, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 1.9.16 are affected.
43d80d2162c8fb931d320c17646d39e44e961690adb988834e99522b95e8e9a8Gentoo Linux Security Advisory 202405-6 - Multiple vulnerabilities have been discovered in mujs, the worst of which could lead to remote code execution. Versions greater than or equal to 1.3.2 are affected.
e369e4a1ff953c60979f88bb676ed92c8d7f7bb49f2e1bf8db1f036d7b54215fGentoo Linux Security Advisory 202405-5 - Multiple vulnerabilities have been discovered in MPlayer, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 1.5 are affected.
730b8bda311492b7f6be03d831541466c42d2d7e1de0883012b34d84fda0f159Debian Linux Security Advisory 5679-1 - Several vulnerabilities were discovered in less, a file pager, which may result in the execution of arbitrary commands if a file with a specially crafted file name is processed.
1adb47345cdc4219b61c72f0d20b12f740386e08a0db134cff55f7ad9414852dDebian Linux Security Advisory 5678-1 - Several vulnerabilities were discovered in nscd, the Name Service Cache Daemon in the GNU C library which may lead to denial of service or the execution of arbitrary code.
297509b9e9505ae43d9b8da2d17a336f519a9c836b23ccaa5b3aec4c16403301Debian Linux Security Advisory 5677-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may result in information disclosure, denial of service or the execution of arbitrary code.
86604f92379ed2d3ce35ce272c376c61fa6148a0285472100b79b85bb4f1f07fGentoo Linux Security Advisory 202405-4 - Multiple vulnerabilities have been discovered in systemd, the worst of which can lead to a denial of service. Versions greater than or equal to 252.4 are affected.
00cf88b8047c0e19943460bac6ba38d15865ca9ed55c83a87d21582440231967Gentoo Linux Security Advisory 202405-2 - Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution. Versions greater than or equal to 6.9.13.0 are affected.
673425e9b93e8fa03590f6a6a1e25235933b6eadbbbb7d45d6e66972fb35d73eGentoo Linux Security Advisory 202405-1 - Multiple vulnerabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation. Versions greater than or equal to 3.10.14:3.10 are affected.
6e25bc5c65df63d8a01e63b802487986b9e6cedfc10b8dea10de68a2cc7d298eRed Hat Security Advisory 2024-2697-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Issues addressed include privilege escalation and use-after-free vulnerabilities.
28cf427d0beac33407994538d777095eed775c545fae88ea7c679c6980fbd9d3Ubuntu Security Notice 6757-2 - USN-6757-1 fixed vulnerabilities in PHP. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. This update fixes the problem. It was discovered that PHP incorrectly handled PHP_CLI_SERVER_WORKERS variable. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
9657a689d1e137641b5539b1d18e172041c6d3cba27fdc722c254145353f09b5Ubuntu Security Notice 6747-2 - USN-6747-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Bartek Nowotarski discovered that Firefox did not properly limit HTTP/2 CONTINUATION frames. An attacker could potentially exploit this issue to cause a denial of service. Gary Kwong discovered that Firefox did not properly manage memory when running garbage collection during realm initialization. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. Lukas Bernhard discovered that Firefox did not properly manage memory during JIT optimizations, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. Nan Wang discovered that Firefox did not properly manage memory during WASM garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.
7c2c9d128db1252739be1d7a0b93beb403f7c031e510470fefa2f2f7a74db59dRed Hat Security Advisory 2024-2621-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.
c0ab1228ff9631c40f7ba7a67ebe0cb98a66d5194f5937e26da67792d764f154Red Hat Security Advisory 2024-2568-03 - An update for grafana is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass and memory leak vulnerabilities.
acebb6ebe8c86932a7649e165ac7f9b1295bf39b1e11f37a00188477d20764f2Red Hat Security Advisory 2024-2562-03 - An update for golang is now available for Red Hat Enterprise Linux 9. Issues addressed include denial of service, memory exhaustion, and memory leak vulnerabilities.
5642d245ff223701e0e1b969fbb176f20288ab28d6880360b0a56d5fda156a78Red Hat Security Advisory 2024-2525-03 - An update for mingw-pixman is now available for Red Hat Enterprise Linux 9. Issues addressed include integer overflow and out of bounds write vulnerabilities.
7611f233f16e4003c69a91ee23499cbe6bed6fd4c7a8d26442bbf86975a89a03Red Hat Security Advisory 2024-2456-03 - An update for grub2 is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution, out of bounds read, and out of bounds write vulnerabilities.
522d251117a31b5cf29b4472d79399998985d63ff3a4e49df0eba1ac473063eeRed Hat Security Advisory 2024-2394-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution, double free, integer overflow, memory exhaustion, memory leak, null pointer, out of bounds access, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
86435dbd1e42e1cb6babcb7c70863a0ed35c27cc178b52ec0cd6a1f94cb358cd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed