Teradek VidiU Pro version 3.0.3 change password cross site request forgery exploit.
791670132a401e371b128bedde6411db04bcfe2b8c5b23042f4ce3ba84ae9a1f
GitBucket version 4.23.1 suffers from remote code execution and arbitrary file read vulnerabilities.
6ffd9bc57428e103c842345d3420be4640d0f4e31753a4d916974caffdc9c31a
Ubuntu Security Notice 3653-1 - Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a side-channel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory. It was discovered that the netlink subsystem in the Linux kernel did not properly restrict observations of netlink messages to the appropriate net namespace. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
d9fc900e1f4d55c8f25f80332560895a636a3d420324f107816b8351e17b5486
Ubuntu Security Notice 3652-1 - Jann Horn and Ken Johnson discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via a side-channel attack. This flaw is known as Spectre Variant 4. A local attacker could use this to expose sensitive information, including kernel memory.
4f305f3039ed043ebd551d5646ac1823153626251281ebbec53acda8e4c5c389
Ubuntu Security Notice 3651-1 - Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via side-channel attacks. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update allows QEMU to expose new CPU features added by microcode updates to guests on amd64 and i386.
e1006701fb74f4331e5c75feae579f67e60025aeca0efd430ac543cd7ea720f7
Teradek VidiU Pro version 3.0.3 suffers from a server-side request forgery vulnerability.
aca8cffbbdb7cb146f30b4adc684ff750ade104ffbf97f35037b30c1fddae561
Debian Linux Security Advisory 4204-1 - This update fixes several vulnerabilities in imagemagick, a graphical software suite. Various memory handling problems or issues with incomplete input sanitizing would result in denial of service or memory disclosure.
eaec147b0d168f88971b3a540dc96f07a0b5e6ba9b5e5c0d789c720b0868a61a
VMware Security Advisory 2018-0013 - VMware Workstation and Fusion updates address signature bypass and multiple denial-of-service vulnerabilities.
ce58c1ce49b2fc00cf05701b64367ec9b8b2db1bd6169b27784c129bca2d4b8f
Debian Linux Security Advisory 4205-1 - This is an advance notice that regular security support for Debian GNU/Linux 8 (code name "jessie") will be terminated on the 17th of June.
ed907fec846c5e545766ab125e913fbfd3765dd6dc94215ed2cc1a4234736631
Merge PACS version 7.0 suffers from a cross site request forgery vulnerability.
68a5da11ad4b01df5a53174c9b9a4b9d5ae57da58fc472378c66cf1e230f7efc
eventreg.oracle.com suffers from a cross site scripting vulnerability.
862ee05709fb06592382b4e9c7d351500999469bfe190051a079c1b2a013b53c
Model Agency Media House and Model Gallery version 1.0 suffers from cross site request forgery, remote SQL injection, and cross site scripting vulnerabilities.
7a8597d4170ef2b72082793a52c69649aa07f15916f2c0a37666b9957ee77790
Auto Dealership and Vehicle Showroom WebSys version 1.0 suffers from cross site request forgery, remote SQL injection, and cross site scripting vulnerabilities.
920e5bd63738f4266ef0e78c5f67e5d241d5b47370551eff726fd8643da81053
Wchat PHP AJAX Chat Script version 1.5 suffers from a persistent cross site scripting vulnerability.
481366eebe9863418cf80932157bbe2adba1f778a34704551e88523729135dd7
Schneider Electric PLCs suffer from a cross site request forgery vulnerability.
00024898ea29c4fc90258929adc88ba46a0f213ab7c2426a15ad7567a0297716