Red Hat Security Advisory 2021-3642-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
e5ea0b25b2d39793003ba5a3c2f5ece3db0e42eeb9158570c160ffde10c19998
Pet Shop Management System version 1.0 suffers from a remote shell upload vulnerability.
28477ad85ab4111f1df3679d0ad89f7074a8bafd27483d7ca25f37d1c4298c64
Ubuntu Security Notice 5092-2 - Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. Various other issues were also addressed.
fe6e6f7b890fe9c454e6d8b6981a93e9900e3e12cc8de38080233a23b6f9f395
Mitrastar GPT-2541GNAC-N1 suffers from a privilege escalation vulnerability that provides root privileges.
79eee6856f1f12654bc6bb4b93dba0735934aa5df9b92db70648672e0168b534
Google's Extensible Service Proxy suffers from a header forgery vulnerability.
c2a95ac806be1e61288f44e7ec319f21ec2702adefa41386a2ad0039ac44ff37
Ubuntu Security Notice 5094-1 - It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.
61410dbe4257dd87ae714e3f86a082bb3acae0802b9d7ce2e4fc034d086c4838
Storage Unit Rental Management System version 1.0 suffers from a remote shell upload vulnerability.
40921e68c1ec93ec4338b185d832ad6b9271cae7bd61a5da66366bf26fd606e0
Ubuntu Security Notice 5090-4 - USN-5090-1 fixed vulnerabilities in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem. James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote attacker could possibly use this issue to perform request splitting or cache poisoning attacks. It was discovered that the Apache HTTP Server incorrectly handled certain malformed requests. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. Li Zhi Xin discovered that the Apache mod_proxy_uwsgi module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. It was discovered that the Apache HTTP Server incorrectly handled escaping quotes. If the server was configured with third-party modules, a remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that the Apache mod_proxy module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to forward requests to arbitrary origin servers. Various other issues were also addressed.
97566fcdf572aabba3700b134cb12c430056ecb69fad0c05e485f33bb178308a
WordPress Redirect 404 to Parent plugin version 1.3.0 suffers from a cross site scripting vulnerability.
f4ebfcd69e7f5176c540dbe75f7090e041c52868c64e8097859a7b178f1d3f4b
WordPress Select All Categories And Taxonomies plugin version 1.3.1 suffers from a cross site scripting vulnerability.
68fc9f4058f733ea1e46d65dc918535536c09807be809a6fe766a63989c5c709
OpenSIS version 8.0 suffers from a cross site scripting vulnerability.
bac5d8f25561abe1b7b4f87c94bf527231e8fcd6a9f8623f5506441d4deed74c
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence. It was originally written by Google and open sourced in July of 2020.
9e5527ca4b40f218f5fc3dcb8685bd4dd7fecf7330f37e0ad5242e442db55a6b
Covid Vaccination Scheduler System version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to faisalfs10x in July of 2021.
ae710b05bd025d7e79e63517677882000a5dc8e341484db8f13afd0794170b66