Debian Linux Security Advisory 5792-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. Hafiizh and YoKo Kho discovered that visiting a malicious website may lead to address bar spoofing. Narendra Bhati discovered that a malicious website may exfiltrate data cross-origin.
6c18c5c48316e22ebdd4c277dc051b11216afc79e2f4ce344b61f3d3a8f4d3ef
ABB Cylon Aspect version 3.08.00 suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the country, state, locality, organization, and hostname HTTP POST parameters called by the sslCertAjax.php script.
c9e65d912e7544e112d86ab5bdaf919b72100eb3203885121a442e427d5ebd32
Ubuntu Security Notice 7068-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into processing a specially crafted file, an attacker could exploit this to cause a denial of service or affect the reliability of the system. The vulnerabilities included memory leaks, buffer overflows, and improper handling of pixel data.
5c6bd6bcb2ca53d4b3157c72c52e17703670e408f247ba00470808adc0387a40
Ubuntu Security Notice 7014-3 - USN-7014-1 fixed a vulnerability in nginx. This update provides the corresponding update for Ubuntu 14.04 LTS. It was discovered that the nginx ngx_http_mp4 module incorrectly handled certain malformed mp4 files. In environments where the mp4 directive is in use, a remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service.
f2683053371df5259d111ff196fa687100c99430c6996267cd6f85c2c643f862
Ubuntu Security Notice 7040-2 - USN-7040-1 fixed a vulnerability in ConfigObj. This update provides the corresponding update for Ubuntu 14.04 LTS. It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a regular expression denial of service.
0c49bec4ebf7e79b130f9dda502ad48306527f5d1dc4b6f9c31fcf01986dec10
Dolibarr version 20.0.1 suffers from a remote SQL injection vulnerability.
b68670196a13cfe286e8487af4ff4c175267f0b3c6b2117e063ec30584883b78
Ubuntu Security Notice 6968-3 - USN-6968-1 fixed CVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16. This update provides the corresponding updates for PostgreSQL-9.3 in Ubuntu 14.04 LTS and PostgreSQL-10 in Ubuntu 18.04 LTS. Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could possibly use this issue to execute arbitrary SQL functions as the superuser.
caa14a9859c8792706e743c255064ddabb11a49fd4e194ed7e800133d7c13668
Ubuntu Security Notice 7067-1 - It was discovered that HAProxy did not properly limit the creation of new HTTP/2 streams. A remote attacker could possibly use this issue to cause HAProxy to consume excessive resources, leading to a denial of service.
0c3a8cc24aa96cf1a398f784dc3f6ce2e20ddac2a2383951bdbf8f7b7f0441bc
WatchGuard XTM Firebox version 12.5.x suffers from a buffer overflow vulnerability.
78e6c67201f4e49d3389589aa7f41fc87652c0fde365477237abb7c91d9f8057
Red Hat Security Advisory 2024-8131-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a use-after-free vulnerability.
ce34741d3b62815cb980bf5413bdb05c861b81682048696db4ead5c800aec78e
Red Hat Security Advisory 2024-8130-03 - An update for python3.9 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
228a695bcf57ae62f22004a300513e33442a6bc409bb776a7e14ac5826307b10
Red Hat Security Advisory 2024-8113-03 - Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.3 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.
b23976ea134a96e6dac837c6ca0abbb143932404f758cff9747beaebb6e067d8
Red Hat Security Advisory 2024-8111-03 - An update for skopeo is now available for Red Hat Enterprise Linux 9.
cc4a7e0963628574a9cb71d4a9ac0a718efa3bb6301f08eee1327dbc39ab92d8
Red Hat Security Advisory 2024-8110-03 - An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.
e79a460776593c49180d550be3825b10749f794b1feb28e3a2a10f3328f3a4ae
Red Hat Security Advisory 2024-8107-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a use-after-free vulnerability.
a9d0f692aa1e9fb98f7c1ee9f569d571d1e2cab7983e0308fc32285117bb118b
Red Hat Security Advisory 2024-8105-03 - An update for python-gevent is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include a privilege escalation vulnerability.
005bafae0b4605c7b781cc94ecbb9e70852a6d3ca1a0d46f764e2c1364636593
Red Hat Security Advisory 2024-8104-03 - An update for edk2 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
9fa1471deb67053b28db74a6a16e57506ced286ceddd216367c5dfa38964a839
Red Hat Security Advisory 2024-8103-03 - An update for the python39:3.9 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
32c2193a0744c32493318ca27b495274f7c985cbd62836947e3fb2bbc245596e
Red Hat Security Advisory 2024-8102-03 - An update for python-gevent is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a privilege escalation vulnerability.
cb4b666c8c60966fc14602bdbaf14c8214b986d741aa75ab6860f9a7eabe7ad3
Red Hat Security Advisory 2024-8093-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include a code execution vulnerability.
30e45045b5cfb95a0a5f2c1c30020e92b0228ede233c78afac610bb44187341c
Red Hat Security Advisory 2024-8083-03 - An update for grafana is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
0e02a9444cb50c637f104d8f53694dece6cb01bf32019d60d078890ce66a22ac
Red Hat Security Advisory 2024-8082-03 - An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, and Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support. Issues addressed include a denial of service vulnerability.
e1d3a754953e8ee668960d04e2a08c01ba4b8efbf505d0457a5b48742f4ecc3e
Red Hat Security Advisory 2024-8081-03 - An update for OpenIPMI is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
0ab9d1a3ef5f7a0f9d3cf27187ddbad5bc680bb6a647113e26e73c85597017a8
Red Hat Security Advisory 2024-8080-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include cross site scripting and denial of service vulnerabilities.
e9d31617137ff55ab968d5c6b0d5c5a47cb10b708d7d3861665cc03b75f68da6
Red Hat Security Advisory 2024-8077-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include cross site scripting and denial of service vulnerabilities.
14dd94cdd3babb6dc3c69e798766f5d1816e1f7b5d2f1ee400fcd13d7164c219