Ubuntu Security Notice 5347-1 - It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication plugins. A remote attacker could possibly use this issue to bypass authentication using incomplete credentials.
3ee944e2fc7c9844df36241348419e7a7f2d5bf154be7f89e992b63a4c2a020e
Red Hat Security Advisory 2022-0992-01 - Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat servers, mail servers and more. Issues addressed include a denial of service vulnerability.
79a19c3cbf15f775863e451c8f8686dcdb3e9de3fe286f70b8ac87b5062b8b31
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
b60364a4c0068a10811ab3fd075ca6c1eb0e75d44600271b88a20ed93a2ef631
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
2192c199581e31d17ad1f82ccb72319fb36da887cc27a4431990dced1f3967d7
Red Hat Security Advisory 2022-0995-01 - An update for openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 16.2 (Train). A data leak issue has been addressed.
9fe874e55fe050e0ce2eb6bcdcb4a6cbcffea219d765cc0dc420fc49db13efec
Ubuntu Security Notice 5346-1 - It was discovered that the ICMPv6 implementation in the Linux kernel did not properly deallocate memory in certain situations. A remote attacker could possibly use this to cause a denial of service.
a48b0e4250ecc79c0235657365ca5321d3e07c034d1cab4da7ddbff61939df73
Red Hat Security Advisory 2022-0996-01 - OpenStack Networking is a virtual network service for OpenStack. Just as OpenStack Compute provides an API to dynamically request and configure virtual servers, OpenStack Networking provides an API to dynamically request and configure virtual networks. These networks connect 'interfaces' from other OpenStack services. The OpenStack Networking API supports extensions to provide advanced network capabilities. Issues addressed include a memory leak vulnerability.
b3d962e53260c625a6241832d74144cead5bf93bfd9a20305e7f2347746bf931
Red Hat Security Advisory 2022-0999-01 - OpenStack Compute is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances, managing networks, and controlling access through users and projects. OpenStack Compute strives to be both hardware and hypervisor agnostic, currently supporting a variety of standard hardware configurations and seven major hypervisors. Issues addressed include an open redirection vulnerability.
28779d3e50dbd7213d9f1459f5541bdd16267995b0e63c216606c8a9cbe17def
Event Management System version 1.0 suffers from a remote shell upload vulnerability.
d29d273732819885b424497e3b63f2a9de904b0f6dec9747251cdc6b6074a7af
Microfinance Management System version 1.0 suffers from a remote blind SQL injection vulnerability that can be used to escalate privileges and execute code.
4fe771253957bc9da8bf9d6f354bd85b68d2b3caf66a57e6f2dcca042cc36d78
Red Hat Security Advisory 2022-1039-01 - Red Hat OpenShift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include privilege escalation and traversal vulnerabilities.
a3aa6dabb32b90d59c78082f139db0780896fec7f29703a5c21de22ea3a9a54a
Ubuntu Security Notice 5345-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, obtain sensitive information, cause undefined behaviour, spoof the browser UI, or execute arbitrary code. It was discovered that extensions of a particular type could auto-update themselves and bypass the prompt that requests permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to bypass security restrictions.
158e67eea2f1566d437c34e7e51105fbd18e6d48a7076eb1db7f2932c00300c5
Sports Complex Booking System version 1.0 suffers from a remote blind SQL injection vulnerability that can be used to escalate privileges and execute code.
a8cb19d10a1f7b7c0a2498ba042893133e48b8c8396e0f136ecbf2cac615ec6e
Red Hat Security Advisory 2022-1040-01 - Red Hat OpenShift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include privilege escalation and traversal vulnerabilities.
8585975b6b8703271e6071314b4fb1c73d4b84f1a0f532c60be866e36b89a090
Red Hat Security Advisory 2022-1041-01 - Red Hat OpenShift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include privilege escalation and traversal vulnerabilities.
6445fba90799b01b872171494589c69dffa5557ff9ffa53f46f79a6cee9831a2
Trend Micro Virtual Mobile Infrastructure version 6.0.1278 suffers from a denial of service vulnerability.
3b00f21e7929d1458139e444a2f23ea35c0669abaa488505d6edbbfed139131d
Red Hat Security Advisory 2022-1042-01 - Red Hat OpenShift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include privilege escalation and traversal vulnerabilities.
5265a1937f32a43b20d3f66c08e5c5c57fd157ff3cf351d7f38e42467527af1a
Foxit PDF Editor (iOS) version 11.3.1 suffers from an arbitrary file upload vulnerability.
eee6585def5e7c7d4e32865c6af95620ceb8365f388cac02687c0e833289acfa
Red Hat Security Advisory 2022-0993-01 - An update for python-oslo-utils is now available for Red Hat OpenStack Platform 16.2 (Train). A password masking issue has been addressed.
73b222483929a1b567341acd7a38848b81b9d3e846ed4ffae140ef8a250be3ca
Sports Complex Booking System version 1.0 suffers from a remote shell upload vulnerability.
6b6e16ae3e626d94c06305d8b0563b09389a334fb41a994beb29c510874c6b2d
Red Hat Security Advisory 2022-0997-01 - An update for golang-qpid-apache is now available for Red Hat OpenStack Platform 16.2 (Train).
c5e65941dc3cd35001cc56db522dce7751f4f7219eb9839b70edd04e9e2b7fc5
Red Hat Security Advisory 2022-1000-01 - A fast multidimensional array facility for Python. Issues addressed include a buffer overflow vulnerability.
76aa73135456b18c518d7251996c8c9ca909eae28e4bf2fe48da0e967d9c5497
Red Hat Security Advisory 2022-0998-01 - An update for golang-github-vbatts-tar-split is now available for Red Hat OpenStack Platform 16.2 (Train).
3b69cb9b3533df3e7568f3882c7632a98f376ed7157fb20e9213fd120ca6c99f
Online Sports Complex Booking System version 1.0 suffers from a remote blind SQL injection vulnerability.
50854eb8792e73913f0d0793afa007df0993cd73ec2fea6ff41d6269463d3db2
Online Sports Complex Booking System version 1.0 suffers from an account takeover vulnerability due to missing authorization controls.
a18fa028a2df9ed56cfc98dd85b49189c95b2eecbf3fc80170c5430f78db9060