Category: Alert Feeds

Gentoo Linux Security Advisory 202411-01

Gentoo Linux Security Advisory 202411-1 – A vulnerability has been discovered in Neat VNC, which can lead to authentication bypass. Versions greater than or equal to 0.8.1 are affected. (Source: Packet Storm)

Ubuntu Security Notice USN-7088-3

Ubuntu Security Notice 7088-3 – Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. (Source: Packet Storm)

Gentoo Linux Security Advisory 202411-02

Gentoo Linux Security Advisory 202411-2 – A vulnerability has been discovered in Flatpak, which can lead to a sandbox escape. Versions greater than or equal to 1.4.10 are affected. (Source: Packet Storm)

Gentoo Linux Security Advisory 202411-03

Gentoo Linux Security Advisory 202411-3 – A vulnerability has been discovered in Ubiquiti UniFi, which can lead to local privilege escalation. Versions greater than or equal to 8.5.6 are affected. (Source: Packet Storm)

Gentoo Linux Security Advisory 202411-04

Gentoo Linux Security Advisory 202411-4 – A vulnerability has been discovered in EditorConfig Core C library, which may lead to arbitrary code execution. Versions greater than or equal to 0.12.6 are affected. (Source: Packet Storm)

Gentoo Linux Security Advisory 202411-05

Gentoo Linux Security Advisory 202411-5 – Multiple vulnerabilities have been discovered in libgit2, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 1.7.2 are affected. (Source: Packet Storm)

Ubuntu Security Notice USN-7092-1

Ubuntu Security Notice 7092-1 – It was discovered that mpg123 incorrectly handled certain mp3 files. If a user or automated system were tricked into opening a specially crafted mp3 file, a remote attacker could use this issue to cause mpg123 to crash, resulting in a denial of service, or possibly execute arbitrary code. (Source: Packet Storm)

Ubuntu Security Notice USN-7088-2

Ubuntu Security Notice 7088-2 – Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. (Source: Packet Storm)

Red Hat Security Advisory 2024-8885-03

Red Hat Security Advisory 2024-8885-03 – An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.14. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the...

Ubuntu Security Notice USN-7089-2

Ubuntu Security Notice 7089-2 – Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the...

Red Hat Security Advisory 2024-8886-03

Red Hat Security Advisory 2024-8886-03 – An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.12. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the...

Ubuntu Security Notice USN-7083-1

Ubuntu Security Notice 7083-1 – It was discovered that OpenJPEG incorrectly handled certain memory operations when using the command line “-ImgDir” in a directory with a large number of files, leading to an integer overflow vulnerability. An attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu...

Red Hat Security Advisory 2024-8887-03

Red Hat Security Advisory 2024-8887-03 – An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.13. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the...

Ubuntu Security Notice USN-7091-1

Ubuntu Security Notice 7091-1 – It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using the REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. It was...

GNU Transport Layer Security Library 3.8.8

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on...

ABB Cylon Aspect 3.08.00 Off-By-One

A vulnerability was identified in ABB Cylon Aspect version 3.08.00 where an off-by-one error in array access could lead to undefined behavior and potential denial of service. The issue arises in a loop that iterates over an array using a less-than-or-equal-to condition, allowing access to an out-of-bounds index. This can trigger errors or unexpected behavior...

Scapy Packet Manipulation Tool 2.6.1

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can...

Red Hat Security Advisory 2024-8425-03

Red Hat Security Advisory 2024-8425-03 – Red Hat OpenShift Container Platform release 4.15.37 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities. (Source: Packet Storm)

Linux khugepaged Race Conditions

khugepaged in Linux races with rmap-based zap, races with GUP-fast, and fails to call MMU notifiers. (Source: Packet Storm)

IBM Security Verify Access 32 Vulnerabilities

IBM Security Verify Access versions prior to 10.0.8 suffer from authentication bypass, reuse of private keys, local privilege escalation, weak settings, outdated libraries, missing password, hardcoded secrets, remote code execution, missing authentication, null pointer dereference, and lack of privilege separation vulnerabilities. (Source: Packet Storm)

Debian Security Advisory 5802-1

Debian Linux Security Advisory 5802-1 – Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. (Source: Packet Storm)

TOR Virtual Network Tunneling Tool 0.4.8.13

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals...

32 vulnerabilities in IBM Security Verify Access

Posted by Pierre Kim on Nov 03

Advisory Information
Title: 32 vulnerabilities in IBM Security Verify Access
Advisory URL: https://pierrekim.github.io/advisories/2024-ibm-security-verify-access.txt
Blog URL: https://pierrekim.github.io/blog/2024-11-01-ibm-security-verify-access-32-vulnerabilities.html
Date published: 2024-11-01
Vendors contacted: IBM
Release mode: Released
CVE: CVE-2022-2068, CVE-2023-30997, CVE-2023-30998, CVE-2023-31001, CVE-2023-31004, CVE-2023-31005,…

(Source: Full Disclosure)

4 vulnerabilities in ibmsecurity

Posted by Pierre Kim on Nov 03

Advisory Information
Title: 4 vulnerabilities in ibmsecurity
Advisory URL: https://pierrekim.github.io/advisories/2024-ibmsecurity.txt
Blog URL: https://pierrekim.github.io/blog/2024-11-01-ibmsecurity-4-vulnerabilities.html
Date published: 2024-11-01
Vendors contacted: IBM
Release mode: Released
CVE: CVE-2024-31871, CVE-2024-31872, CVE-2024-31873, CVE-2024-31874

Product description

Vulnerability Summary
Vulnerable versions:…

(Source: Full Disclosure)

SmartAgent 1.1.0 SQL Injection

SmartAgent version 1.1.0 suffers from multiple unauthenticated remote SQL injection vulnerabilities. (Source: Packet Storm)

Ubuntu Security Notice USN-7089-1

Ubuntu Security Notice 7089-1 – Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the...

Ubuntu Security Notice USN-7090-1

Ubuntu Security Notice 7090-1 – Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the...

Debian Security Advisory 5801-1

Debian Linux Security Advisory 5801-1 – Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing or information disclosure. (Source: Packet Storm)