Proof of concept exploit for WordPress Automatic plugin versions 3.92.0 and below that demonstrates path traversal and server-side request forgery vulnerabilities.
1e3ab221180e7f26ab2127194c4584fbb6f05727c5578c16eb87089046795a1e
Qualitor versions 8.24 and below suffer from an unauthenticated server-side request forgery vulnerability.
2734b6bfa47ec29cef2a7ccb822c9b086285ff3cc271ca8735d81e8e43bcb1c6
Proof of concept exploit for a command injection vulnerability in CyberPanel. This vulnerability enables unauthenticated attackers to inject and execute arbitrary commands on vulnerable servers by sending crafted OPTIONS HTTP requests to /dns/getresetstatus and /ftp/getresetstatus endpoints, potentially leading to full system compromise. Versions prior to 1c0c6cb appear to be affected.
f67f580b585c400ff03b025158d51ee9a118eeef098fff7d55b85a53e5841da2
Proof of concept code for a flaw where a malicious insider can bypass the existing policy of Skyhigh Client Proxy without a valid release code.
2e31e7ddba5252351c7ee14e263acdbc754af802d6a309868e3a30682bf1b543
Ubuntu Security Notice 7076-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
bda7c0835b76e6cb22841f216cfe22534c15850ff6552b4194bf6bddaf76eac3
Ubuntu Security Notice 7021-5 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
eb08a7be99e6bc608aae772cb6e8597e4a4a6f2780086193c7dfb7689ea4a43f
Ubuntu Security Notice 7086-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code.
aa6ed1f85bd38a08bd3e875585159586c98e9a9532a72c63afc09f15bf1ced9e
Ubuntu Security Notice 7087-1 - It was discovered that libarchive incorrectly handled certain RAR archive files. If a user or automated system were tricked into processing a specially crafted RAR archive, an attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code.
1eed32f91872854f1e02f0b48a759383da1c9d02846a7e4fb7f0f2a490768aac
Ubuntu Security Notice 7085-2 - USN-7085-1 fixed a vulnerability in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations in the X Keyboard Extension. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code.
5a04aa298bf2801943178ba9998c092ae2bcd6c0e34fcbc1cc3fb661e09fb376
Ubuntu Security Notice 7084-2 - USN-7084-1 fixed a vulnerability in urllib3. This update provides the corresponding update for the urllib3 module bundled into pip. It was discovered that urllib3 didn't strip the HTTP Proxy-Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information.
312ed9f8bb4ab24eb7a502a24a8630b8be43aedef291065858629e605d73ca8d
Red Hat Security Advisory 2024-8680-03 - An update for mod_http2 is now available for Red Hat Enterprise Linux 9. Issues addressed include denial of service and null pointer vulnerabilities.
1a0f26cd3e2a3ecc764f6e21f44ac6e77990d2dee873a0fc16ddbcd0fa0ed77d
Red Hat Security Advisory 2024-8679-03 - An update for podman is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
66026814df9d3dcfd991b7883d2f4f5861da0798985524aa5052b5d6d16e541c
Red Hat Security Advisory 2024-8678-03 - An update for grafana is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a cross-site scripting vulnerability.
22bd0b22c5fb809544bda17cde31535fbd820b287d57fc12812653247fb1af9d
Red Hat Security Advisory 2024-8676-03 - Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.17.0 on Red Hat Enterprise Linux 9.
0fe604296003a4c0445ad9381112117f0cdd4d6a76d0ebad275243568298b64d
Red Hat Security Advisory 2024-8675-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
55ee0b1bb77b41a6829f37ff8d07831c4c7f70e83952982dd94b3e8eec3e8176
Red Hat Security Advisory 2024-8428-03 - Red Hat OpenShift Container Platform release 4.15.37 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.
e3a2b95dd3e1fe1ddf2193e0b934fac5b4b9c43793d647044a67aa4d301421f7
Red Hat Security Advisory 2024-8337-03 - Run Once Duration Override Operator for Red Hat OpenShift 1.1.2 for RHEL 9.
c57d8a9306d060117e6c19196bba5fc0962178a9e83ecf926e4f8b3f889005b0