Debian Linux Security Advisory 5819-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in denial of service, CLRF injection or information disclosure.
2481470ddfb4c98e2a69dca6bc10f1fc70bf8a21d5327573eb900cd624ee6b9dUbuntu Security Notice 7126-1 - It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could possibly use this issue to perform a HTTP request smuggling attack. It was discovered that libsoup did not correctly handle memory while performing UTF-8 conversions. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that libsoup could enter an infinite loop when reading certain websocket data. An attacker could possibly use this issue to cause a denial of service.
cdd94a4f3569687a23d5f90580cbb143f94576b6385e0c33dfac46abdac253a6Ubuntu Security Notice 7127-1 - It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could possibly use this issue to perform a HTTP request smuggling attack. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. It was discovered that libsoup did not correctly handle memory while performing UTF-8 conversions. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
8eab9b3c18eec9367e7c8330678731ff248eafd1a6652553de40ab2d374e7f6eUbuntu Security Notice 7130-1 - It was discovered that GitHub CLI incorrectly handled username validation. An attacker could possibly use this issue to perform remote code execution if the user connected to a malicious server.
fe3eb861c4e7a23b6b2ce99368f3327913bcab99b1f679efb490abc72c37bc89Ubuntu Security Notice 7125-1 - It was discovered that RapidJSON incorrectly parsed numbers written in scientific notation, leading to an integer underflow. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.
5959e05a4f919e8c421949a58be5b383c74c195a0627c0a6b62be2aa7a5df935Ubuntu Security Notice 6988-2 - USN-6988-1 fixedCVE-2024-41671 in Twisted. The USN incorrectly stated that previous releases were unaffected. This update provides the equivalent fix for Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS. Ben Kallus discovered that Twisted incorrectly handled response order when processing multiple HTTP requests. A remote attacker could possibly use this issue to delay and manipulate responses. This issue only affected Ubuntu 24.04 LTS.
9f6c4ac3ae0181ed5637fe932441a9acc8aa722c23b40f44fc27316ef8f338d3Ubuntu Security Notice 7129-1 - It was discovered that TinyGLTF performed file path expansion in an insecure way on certain inputs. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.
43b97184d979319f1754c2eac1453cd4112977dacc04a1b4e5f6bf6b99ea7ad7Ubuntu Security Notice 7128-1 - Sebastian Chnelik discovered that Pygments had an inefficient regex query for analyzing certain inputs. An attacker could possibly use this issue to cause a denial of service.
668d2cc6b2579ea7a3344658960fa1c48b5e4d4b3366c1ad0d944d336ae5e142Ubuntu Security Notice 7117-2 - USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes the problem. Qualys discovered that needrestart passed unsanitized data to a library which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root.
6045c90f6a06c6c706541b8ae686bc492ee7f2e736d368452534e35f1f2ef3ccRed Hat Security Advisory 2024-9885-03 - Red Hat Trusted Profile Analyzer 1.2.0 release Red Hat Product Security has rated this update as having a security impact of Moderate.
e0bc1d0e0b375cb703d1ebee931318c748e31c547117762fc9a82a9c57b2ad35Red Hat Security Advisory 2024-10492-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a bypass vulnerability.
239fc5b5b373b0c1e519d89cf6b101c8409857bb98ef3226b483ec979685d3d0Red Hat Security Advisory 2024-10483-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a bypass vulnerability.
6e07b8a73866680967a947d8bb9e51594ed0f1d66529b1c117f3a5c2709e684eRed Hat Security Advisory 2024-10472-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.
04dc5877a858b49930517be0597d0861052545d2dbffcbe983cd485ccc376234Red Hat Security Advisory 2024-10389-03 - Red Hat OpenShift Virtualization release 4.13.11 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
e9aa901dc07e42b8b0ee3aa3c5059d62c3df365e0ab185d739174a3d19885ffaRed Hat Security Advisory 2024-10386-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.
6fa1f51512caf9b12c7d28b1aca2f2ebb6247624795929d5c61a4e0d85604a54Red Hat Security Advisory 2024-10385-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.
7685e8cae51ba24ac9d3a8960a51d48fe92533726434e49338973df84ac2a6e5Red Hat Security Advisory 2024-10384-03 - An update for tuned is now available for Red Hat Enterprise Linux 9.
81ffaa341ca2f20857818ce21c2e8f8b35fce2ab0d74891a38cd6e4a0f02af05Red Hat Security Advisory 2024-10381-03 - An update for tuned is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.
b2d200e1b8d9ef807f86e0e47cc35641f4c52d93cf9bdb6e04c640e03ed0c0edRed Hat Security Advisory 2024-10379-03 - An update for pam is now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.
9d021eda9681de10faf8d0e1687a12556a93d3bfe5b9b776036e8734b9c650c8Red Hat Security Advisory 2024-10289-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Issues addressed include denial of service and traversal vulnerabilities.
8cca4c9205ce2f835d3b0321f2fa4f2c71a7019bac0421b61c1d3c39ae209621Red Hat Security Advisory 2024-10282-03 - An update for the kernel-rt:4.18.0 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.
b2d62df3d4be8824e4635ae693a82c86c3365fb3966bef95b77da1947bfaf5b4Red Hat Security Advisory 2024-10281-03 - An update for the kernel:4.18.0 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.
7d1175e7bf1bb7c91e0f7efb53f70b56d9142454e5fb603b14948824ffcc56f6Red Hat Security Advisory 2024-10275-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
18c649d00738466bebac043cd210aac4104c54781058b81c36d7626e24706bbaRed Hat Security Advisory 2024-10274-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-free vulnerability.
fd558a975e5b57e8c84b0cd496c06539e5a5785bdc8e2bd06f596557d80f8efbRed Hat Security Advisory 2024-10273-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
0638a02a2f80521fe36042791f3624cf61ae34acc52e7994d7502fac03a951c3
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed