Category: Alert Feeds

Debian Security Advisory 5808-1

Debian Linux Security Advisory 5808-1 – Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed. – Packet Storm

Red Hat Security Advisory 2024-8692-03

Red Hat Security Advisory 2024-8692-03 – Red Hat OpenShift Container Platform release 4.12.68 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability. – Packet Storm

Red Hat Security Advisory 2024-8697-03

Red Hat Security Advisory 2024-8697-03 – Red Hat OpenShift Container Platform release 4.14.40 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability. – Packet Storm

Red Hat Security Advisory 2024-8974-03

Red Hat Security Advisory 2024-8974-03 – Red Hat Advanced Cluster Management for Kubernetes 2.12.0 GA release images are now available, which contain security and bug fixes. – Packet Storm

WSO2 4.0.0 / 4.1.0 / 4.2.0 Shell Upload

WSO2 versions 4.0.0, 4.1.0, and 4.2.0 are susceptible to remote code execution via an arbitrary file upload vulnerability. – Packet Storm

Debian Security Advisory 5807-1

Debian Linux Security Advisory 5807-1 – Several vulnerabilities were discovered in NSS, a set of cryptographic libraries, which may result in denial of service or potentially the execution of arbitrary code. – Packet Storm

Ubuntu Security Notice USN-7094-1

Ubuntu Security Notice 7094-1 – It was discovered that QEMU incorrectly handled memory during certain VNC operations. A remote attacker could possibly use this issue to cause QEMU to consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. It was discovered that QEMU incorrectly handled certain memory copy operations when loading ROM contents. If...

Ubuntu Security Notice USN-7096-1

Ubuntu Security Notice 7096-1 – Andy Boothe discovered that the Networking component of OpenJDK 8 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. It was discovered that the Hotspot component of OpenJDK 8 did not properly handle vectorization under certain circumstances. An unauthenticated attacker could possibly...

Ubuntu Security Notice USN-7097-1

Ubuntu Security Notice 7097-1 – Andy Boothe discovered that the Networking component of OpenJDK 11 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. It was discovered that the Hotspot component of OpenJDK 11 did not properly handle vectorization under certain circumstances. An unauthenticated attacker could possibly...

Ubuntu Security Notice USN-7098-1

Ubuntu Security Notice 7098-1 – Andy Boothe discovered that the Networking component of OpenJDK 17 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. It was discovered that the Hotspot component of OpenJDK 17 did not properly handle vectorization under certain circumstances. An unauthenticated attacker could possibly...

Ubuntu Security Notice USN-7099-1

Ubuntu Security Notice 7099-1 – Andy Boothe discovered that the Networking component of OpenJDK 21 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. It was discovered that the Hotspot component of OpenJDK 21 did not properly handle vectorization under certain circumstances. An unauthenticated attacker could possibly...

SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Nov 09. SEC Consult Vulnerability Lab Security Advisory < 20241107-0 >
title: Multiple Vulnerabilities
product: HASOMED Elefant and Elefant Software Updater
vulnerable version: <24.04.00, Elefant Software Updater <1.4.2.1811
fixed version: 24.04.00, Elefant Software Updater 1.4.2.1811
CVE number: CVE-2024-50588,… – Full Disclosure

Red Hat Security Advisory 2024-8700-03

Red Hat Security Advisory 2024-8700-03 – Red Hat OpenShift Container Platform release 4.14.40 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities. – Packet Storm

Debian Security Advisory 5805-1

Debian Linux Security Advisory 5805-1 – It was discovered that the daemon of the GNU Guix functional package manager was susceptible to privilege escalation. – Packet Storm

Debian Security Advisory 5806-1

Debian Linux Security Advisory 5806-1 – A heap-based out-of-bounds write vulnerability was discovered in libarchive, a multi-format archive and compression library, which may result in the execution of arbitrary code if a specially crafted RAR archive is processed. – Packet Storm

Red Hat Security Advisory 2024-9015-03

Red Hat Security Advisory 2024-9015-03 – An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-9016-03

Red Hat Security Advisory 2024-9016-03 – An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities. – Packet Storm

Red Hat Security Advisory 2024-9017-03

Red Hat Security Advisory 2024-9017-03 – An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-9018-03

Red Hat Security Advisory 2024-9018-03 – An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities. – Packet Storm

Red Hat Security Advisory 2024-9019-03

Red Hat Security Advisory 2024-9019-03 – An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include cross site scripting, denial of service, spoofing, and use-after-free vulnerabilities. – Packet Storm

Ubuntu Security Notice USN-6882-2

Ubuntu Security Notice 6882-2 – USN-6882-1 fixed vulnerabilities in Cinder. The update caused a regression in certain environments due to incorrect privilege handling. This update fixes the problem. Martin Kaesberger discovered that Cinder incorrectly handled QCOW2 image processing. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information.

Debian Security Advisory 5804-1

Debian Linux Security Advisory 5804-1 – The following vulnerabilities have been discovered in the WebKitGTK web engine. An anonymous researcher, Q1IQ (@q1iqF) and P1umer discovered that processing maliciously crafted web content may lead to an unexpected process crash. Narendra Bhati discovered that processing maliciously crafted web content may prevent Content Security Policy from being enforced. – Packet Storm

Red Hat Security Advisory 2024-8694-03

Red Hat Security Advisory 2024-8694-03 – Red Hat OpenShift Container Platform release 4.12.68 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities. – Packet Storm

Red Hat Security Advisory 2024-8977-03

Red Hat Security Advisory 2024-8977-03 – An update for the python39:3.9 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. – Packet Storm

TestRail CLI FieldsParser eval Injection

While parsing test result XML files with the TestRail CLI, the presence of certain TestRail-specific fields can cause untrusted data to flow into an eval() statement, leading to arbitrary code execution. In order to exploit this, an attacker would need to be able to cause the TestRail CLI to parse a malicious XML file. Normally an attacker with this level...

Ubuntu Security Notice USN-7089-3

Ubuntu Security Notice 7089-3 – Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the...

Ubuntu Security Notice USN-7095-1

Ubuntu Security Notice 7095-1 – Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the...

Ubuntu Security Notice USN-7088-4

Ubuntu Security Notice 7088-4 – Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. – Packet Storm

Red Hat Security Advisory 2024-8690-03

Red Hat Security Advisory 2024-8690-03 – Red Hat OpenShift Container Platform release 4.13.53 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities. – Packet Storm

Unsafe eval() in TestRail CLI

Posted by Devin Cook on Nov 06. This is not a very exciting vulnerability, but I had already publicly disclosed it on GitHub at the request of the vendor. Since that report has disappeared, the link I had provided to MITRE was invalid, so here it is again. -Devin — # Unsafe `eval()` in TestRail CLI FieldsParser Date Reported:...

Red Hat Security Advisory 2024-8929-03

Red Hat Security Advisory 2024-8929-03 – An update for mod_jk is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include denial of service and information leakage vulnerabilities. – Packet Storm

Red Hat Security Advisory 2024-8935-03

Red Hat Security Advisory 2024-8935-03 – An update for edk2 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability. – Packet Storm

Debian Security Advisory 5803-1

Debian Linux Security Advisory 5803-1 – Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. – Packet Storm

Ubuntu Security Notice USN-7093-1

Ubuntu Security Notice 7093-1 – It was discovered that Werkzeug incorrectly handled multiple form submission requests. A remote attacker could possibly use this issue to cause Werkzeug to consume resources, leading to a denial of service. – Packet Storm