Ubuntu Security Notice 6730-1 - It was discovered that Apache Maven Shared Utils did not handle double-quoted strings properly, allowing shell injection attacks. This could allow an attacker to run arbitrary code.
15c8d6e5b9065ade2c2ed5b94442496e05fb18a0a38ae85a9562327745d57a90Debian Linux Security Advisory 5656-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
36d8ec32098862bd442312fd32c3ee1e040b8baf4b868bc51289c338d235032eTerratec dmx_6fire USB version 1.23.0.02 suffers from an unquoted service path vulnerability.
3b1ae38d17de2b6bb05d853af820ee9f6f5e2f2251357f5de9240f209b72112fUbuntu Security Notice 6729-1 - Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks.
b6b856a665b8ccd0c761b17ac9d0990bb16f01e11f4e9c76e440d6681ef8b0fdThe Ray Project dashboard contains a CPU profiling page, and the format parameter is not validated before being inserted into a system command executed in a shell, allowing for arbitrary command execution. If the system is configured to allow passwordless sudo (a setup some Ray configurations require) this will result in a root shell being returned to the user. If not configured, a user level shell will be returned. Versions 2.6.3 and below are affected.
71d55c6a52e12ee9261d11d52085671ffd68404f5deb15af6740a69e8a217fbaUbuntu Security Notice 6727-2 - USN-6727-1 fixed vulnerabilities in NSS. The update introduced a regression when trying to load security modules on Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This update fixes the problem. It was discovered that NSS incorrectly handled padding when checking PKCS#1 certificates. A remote attacker could possibly use this issue to perform Bleichenbacher-like attacks and recover private data. This issue only affected Ubuntu 20.04 LTS. It was discovered that NSS had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover private data. It was discovered that NSS had a timing side-channel when using certain NIST curves. A remote attacker could possibly use this issue to recover private data. The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.98 which includes the latest CA certificate bundle and other security improvements.
98f7aae4d30d1b37976aae71c2f8f3d1c09fb49865d4abec3139169342e9663aWordPress Playlist for Youtube plugin version 1.32 suffers from a persistent cross site scripting vulnerability.
89bd57c1d15c2fdb70027b10bc188998968404fee02a9c3318c678b99724d195MinIO versions prior to 2024-01-31T20-20-33Z suffer from a privilege escalation vulnerability.
1fd596cf1466301a3fd1b25b9e0abbc97d0da47e2d4cbfabb6133bac6cd96055Red Hat Security Advisory 2024-1795-03 - VolSync v0.9.1 general availability release images, which provide enhancements, security fixes, and updated container images.
2d60e84c0e26e9c6bc3737d447e60a85e24ea8b74de28f75685f3d881499bbd4Red Hat Security Advisory 2024-1789-03 - An update for bind is now available for Red Hat Enterprise Linux 9.
84bd7cf29f31db99a16698c475174af16965a7562a02b0006fce3148054a43e6Red Hat Security Advisory 2024-1787-03 - An update for squid is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer over-read, denial of service, and null pointer vulnerabilities.
015523c72701c6b4ebda8d02b7728a2600a97d861a8fdfed0767aa6829228f17Red Hat Security Advisory 2024-1786-03 - An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
9838d3362a205bf95b6542e2c2caf6d6b03da8436f7ed6e2cd637f0e92a53504Red Hat Security Advisory 2024-1785-03 - An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7.
5280c0ce0aabacede5b0b1276745bee4a2e979d670ab34636d588a41a1ba82f3Red Hat Security Advisory 2024-1784-03 - An update for gnutls is now available for Red Hat Enterprise Linux 8. Issues addressed include an information leakage vulnerability.
3704f7681fcb98c2ef4644550c22ee9b60ac0ce4e8cb4b7e49563fcce13701fd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed