Ubuntu Security Notice 6644-1 - It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to crash, resulting in a denial of service. It was discovered that LibTIFF incorrectly handled certain image files with the tiffcp utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcp to crash, resulting in a denial of service.
ef3f4db4f26363a7b6f29905c846ae44e713361a0326d73013b608026cee7283
Ubuntu Security Notice 6643-1 - Emre Durmaz discovered that the NPM IP package incorrectly distinguished between private and public IP addresses. A remote attacker could possibly use this issue to perform Server-Side Request Forgery attacks.
c16ecfe30134498bd139552611380f432fae442982648114d6b239d58d36cbcb
Ubuntu Security Notice 6625-3 - Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service. Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service.
52bdeffe5f0a9bcabf5888bdf230cc21b6b378f00b6361fdcb2347a717f725ef
A command injection vulnerability exists in Kafka UI versions 0.4.0 through 0.7.1 that allows an attacker to inject and execute arbitrary shell commands via the groovy filter parameter in the topic section.
1177f100a5a424ec41ea1f0b6efea99c8d820400e1819dbb7bf5253526f7dc02
Ubuntu Security Notice 6642-1 - Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.
59690fe75ddf72adb23e500a05f4e810c75b29c755af18781f7010d4def3deac
Savsoft Quiz version 6.0 Enterprise suffers from a persistent cross-site scripting vulnerability.
1ac23355d0f62f25e82f60f47ba431e52d9d96b2c52c9c3d4363d3b2c7465e82
SPA-CART CMS version 1.9.0.3 suffers from a persistent cross-site scripting vulnerability.
58fd612953477296342ab3025c080edfa2b76e3aadd2c0664b18066ad9c76722
Petrol Pump Management Software version 1.0 suffers from a remote shell upload vulnerability.
17ba90fc439b26fdb9e7248c02187a9cca9a6bc58f83413a24bc776a007f4e2f
Tourism Management System version 2.0 suffers from a remote shell upload vulnerability.
1ae5b995d0df6c7d5380487c5e7a5f6326a545ef4255195c833afe8afb4e1c6c
Ubuntu Security Notice 6641-1 - Harry Sintonen discovered that curl incorrectly handled mixed case cookie domains. A remote attacker could possibly use this issue to set cookies that get sent to different and unrelated sites and domains.
a7d9ffd24a024ab8781ee9e6e2b5c442a80ad8acaf458870a637f085aae82d59
Red Hat Security Advisory 2024-0903-03 - Red Hat AMQ Broker 7.10.6 is now available from the Red Hat Customer Portal. Issues addressed include a bypass vulnerability.
dd420bf69e5d471a1c9a71d726fa2114d18977f15d4ce47c39c7fe25d9c68ff7
Red Hat Security Advisory 2024-0897-03 - An update for kernel is now available for Red Hat Enterprise Linux 8. Issues addressed include null pointer, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
dbe6e3d79434d09e6a6de1d79db1a3b3f4765b3c05cb2e3a5629c9ac87dd4f24
Red Hat Security Advisory 2024-0894-03 - An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8.
e94ba582758f752cfb3b7e0222b9ce4b68a8eac85917611867960ac0081c09dc
Red Hat Security Advisory 2024-0893-03 - An update for python-pillow is now available for Red Hat Enterprise Linux 8. Issues addressed include a code execution vulnerability.
c38f79aa1fb6858b5c05f7a4fe033ec4d8c9043ac0b28db82931dc9620b2aa19
Red Hat Security Advisory 2024-0889-03 - An update for oniguruma is now available for Red Hat Enterprise Linux 8. Issues addressed include buffer over-read, integer overflow, out of bounds read, and use-after-free vulnerabilities.
473bf95182d8508e9328183a3281cb7207332aea3603aaa463d0b86fb22b1fdd
Red Hat Security Advisory 2024-0888-03 - An update for edk2 is now available for Red Hat Enterprise Linux 8.
2caf5966bd70f2ed6f8c6c31a70942293c3b0c858d8049a4eea7b0a0e6470c95
Red Hat Security Advisory 2024-0887-03 - An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
252d850739346bcd9dd148f9d778246bd8a79d55919258160373d61950aeb2a9
Red Hat Security Advisory 2024-0881-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Issues addressed include null pointer, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
0d650e7371fcf42179b3d918568d4272282b868665a9e8330b64c22c6a6fb2af
Red Hat Security Advisory 2024-0880-03 - Red Hat OpenShift Serverless 1.31.1 is now available. Issues addressed include denial of service and traversal vulnerabilities.
aa68f4cfab348ee1b1507967052adf89219321d582502ccea75a76363d733cec
Red Hat Security Advisory 2024-0879-03 - An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Issues addressed include denial of service and deserialization vulnerabilities.
21539e8ad6eb89398639a849c579977f6ef6754438fb5ff56e79d929991bbec0
Red Hat Security Advisory 2024-0876-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.
88f9c47aaa0324386161a78572a528923c3a8133804aa675dca5e60c29d8085f
Red Hat Security Advisory 2024-0866-03 - An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Issues addressed include denial of service and deserialization vulnerabilities.
30e5668077d97760ad8a3286c9da5c6bb27b9dd1179bc70d3ab81244e99ede2b
Red Hat Security Advisory 2024-0863-03 - An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a buffer overflow vulnerability.
4ad1c2ff7c6984c20316850b018732953e013b2e0fb2d44058a8def664df2fa4
Red Hat Security Advisory 2024-0862-03 - An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a buffer overflow vulnerability.
63b69fd11719c5b738be54d4fe1e05a9567737003f24424873bf3a4674152e84
Red Hat Security Advisory 2024-0861-03 - An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a buffer overflow vulnerability.
f3c8d2bbc41773c49d11a57274f8687c0735ba6322abdac0ae67793f6aa3785d