Ubuntu Security Notice 5553-1 - It was discovered that libjpeg-turbo was not properly handling EOF characters, which could lead to excessive memory consumption through the execution of a large loop. An attacker could possibly use this issue to cause a denial of service. It was discovered that libjpeg-turbo was not properly performing bounds check operations, which could lead to a heap-based buffer overread. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM.
4e135a6155a1d14aa6894601823a2eb064d3b15e7f83a90a56f73977ea7ed49c
Ubuntu Security Notice 5554-1 - Pedro Ribeiro discovered that the GDK-PixBuf library did not properly handle certain GIF images. If a user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code.
e3627154196feab669778608b18845cbd453c874886a6d8b9162c1db15124694
Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork of Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.
55bf55c23ad3af98ba8b098c490b16c7d59a4f5cf7ca284cdbc46d065973c862
Thingsboard version 3.3.1 suffers from multiple persistent cross-site scripting vulnerabilities.
ebc19fabae10baaf27a649ed72c78fdc00a6360b84c4b01f5754b78406a8b3c2
Red Hat Security Advisory 2022-5913-01 - Red Hat Kiali for OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers containers for the release. Issues addressed include a denial of service vulnerability.
31f39c61b76d0128cc72bb607b7be71992bb6ac41ab4b2e78086ea798090f1ce
This Metasploit module exploits CVE-2022-28219, which is a pair of vulnerabilities in ManageEngine ADAudit Plus versions before build 7060. They include a path traversal in the /cewolf endpoint along with a blind XML external entity injection vulnerability to upload and execute a file.
19ca84f8e53083cacedb632dc26e16f78047ee8e6573a717d22be7336e613cdb
Ubuntu Security Notice 5552-1 - It was discovered that phpLiteAdmin incorrectly handled certain GET requests. An attacker could possibly use this issue to perform cross-site scripting attacks.
d11c28be54d29888fbcb81900ade5f92a7f9ce5670ae0c80a2bd652530514a01
Red Hat Security Advisory 2022-5915-01 - Red Hat Kiali for OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers containers for the release. Issues addressed include a denial of service vulnerability.
cdcfd73b6cdd2ceb6501ce89d6ca23026e96b2f4590c9e01a20fe55461da72be
Red Hat Security Advisory 2022-5914-01 - Red Hat Kiali for OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers containers for the release. Issues addressed include a denial of service vulnerability.
6a3d3004097e4b6447c1da23478c8783229589ac01233615a1899107da646231
Nortek Linear eMerge E3-Series version 0.32-07p suffers from a vulnerability where session fixation tied with cross-site scripting can allow for account takeover.
6a30c71e741d3009dbaf81b18d14a4260f6043c44ce1ca7ff3fc8841c01a990e
Nortek Linear eMerge E3-Series version 0.32-09c suffers from a blind OS command injection vulnerability.
1b6d5355c3cfb8a305b173bd302a4a64ba695c262235e2d26ec6c0d12c984191
Nortek Linear eMerge E3-Series versions 0.32-07p, 0.32-07e, 0.32-07p, 0.32-08f, and 0.32-09c suffer from an administrative credential disclosure vulnerability.
307313c2ca8b81c83cd5647ca35cba3eab21050364f124ce96583e8dff6bcfd4