Ubuntu Security Notice 5307-1 - Gaoning Pan discovered that QEMU incorrectly handled the floppy disk emulator. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Gaoning Pan discovered that the QEMU vmxnet3 NIC emulator incorrectly handled certain values. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. It was discovered that the QEMU vhost-user GPU device contained several security issues. An attacker inside the guest could use these issues to cause QEMU to crash, resulting in a denial of service, leak sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 21.10.
93c74c6aff190d655abe77b615cbb1fdb9e7fd27501547e3980eeee5e03af9e9
Ubuntu Security Notice 5306-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
4707e6455db6e67f13deff36f5a237a548085e428fab6e3fa9ad01323dd3f307
Casdoor version 1.13.0 suffers from a remote SQL injection vulnerability.
93062cdead6d8c30acd5f911a8c586515a0dee480dc4c1ced674d065a997669b
Ubuntu Security Notice 5305-1 - Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues. MariaDB has been updated to 10.3.34 in Ubuntu 20.04 LTS and to 10.5.15 in Ubuntu 21.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
815bfa1ab915305e12d2a8aa42fa36c26e97c9bb08144e2f919e5d498502d721
Cipi Control Panel version 3.1.15 suffers from a cross-site scripting vulnerability.
868be8a473f07ef8b17ba1fb7a561625c3b8913ea800d024beeb177f822e4165
Ubuntu Security Notice 5304-1 - Kevin Backhouse discovered that PolicyKit incorrectly handled file descriptors. A local attacker could possibly use this issue to cause PolicyKit to crash, resulting in a denial of service.
d4fe0dc859ca9f481562f7719091c3c6f63d05c071bed985bd5ecb5558850e9c
WAGO 750-8212 PFC200 G2 2ETH RS suffers from a privilege escalation vulnerability.
be01109a1136b5015b1371e991c44772c948affadfbeb6d826fffcd6d452fad3
Ubuntu Security Notice 5303-1 - It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.
eac3ef8542d9946db383117234b5345b135eed10bf4036c82db688ec31e6cf88
Cobian Backup Gravity version 11.2.0.582 suffers from an unquoted service path vulnerability.
64e3a74be268225c622d589847ccf65815d277873fde892561818f6632661f33
Cobian Backup 11 Gravity version 11.2.0.582 suffers from a denial of service vulnerability.
7cc796f5d2b9ff46619e6c2311da217d3c4465a40bc7151cf9164d8b4ee7cfef
Cobian Reflector version 0.9.93 RC1 suffers from a denial of service vulnerability.
06a66f18fc87a716d53e8170ada3441809054f1c9b46c353c76ccff80db6f707
Red Hat Security Advisory 2022-0682-01 - OpenShift GitOps v1.3.4 on OCP 4.7-4.9. Red Hat OpenShift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a traversal vulnerability.
2a065937d0d658441015a3945dc5716db5be87649f22c19ccb83de2aa84dafaf
Whitepaper called PE Infection that discusses portable executable (PE) injection and exploitation. Written in Arabic.
e0534cb924c64a357ac0fc2ed8a017fc1a7e5701279ab670c791cde630d32ab9