Debian Linux Security Advisory 5708-1 - Damian Poddebniak discovered that the Cyrus IMAP server didn't restrict memory allocation for some command arguments, which may result in denial of service. This update backports new config directives that allow limits to be configured; additional details can be found at.
70eb25942337ab76e9c7ad5d061a4d5ff4412f5b6e6995e25486cb408f6e8b66
Debian Linux Security Advisory 5707-1 - A buffer overflow was discovered in the MMS module of the VLC media player.
553c64480f66e1d6da6a0dbd03a9bb0004a704108cfb14edfd9dd82463652b90
Carbon Forum version 5.9.0 suffers from a persistent cross site scripting vulnerability.
0275740466e4849423d62587753fa66335d2a4cb87f615eb7dc13dda378872d2
Ubuntu Security Notice 6830-1 - It was discovered that libndp incorrectly handled certain malformed IPv6 router advertisement packets. A local attacker could use this issue to cause NetworkManager to crash, resulting in a denial of service, or possibly execute arbitrary code.
fd36f62e85473eb207c496bde2f292b4f91c7a0f5534585e03fe65ac3c322092
Ubuntu Security Notice 6819-2 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service.
aa4906916aa0bf9376da682c5ed9fb70434203cee9f1f143722bf1febd67513c
Ubuntu Security Notice 6821-3 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.
aae6b5f7c1a02571eceaa675caf0e3f9084a4a26a6ccfb4410f9c4ea33879bdd
Ubuntu Security Notice 6820-2 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.
00e4f9a494ac2b0dbc8e49a5e02c9ab2f51a1db97699c4f2c25ba3b67cc89914
Ubuntu Security Notice 6828-1 - Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
488517b61336dab3bc51a5c78cc3f59815f9cbaf86589ad479bd44ac1cb98921
Ubuntu Security Notice 6826-1 - Karl von Randow discovered that mod_jk was vulnerable to an authentication bypass. If the configuration did not provide explicit mounts for all possible proxied requests, an attacker could possibly use this vulnerability to bypass security constraints configured in httpd.
cf6017d31a48fcb0d18e99eff25ef34b45a6980db67fe71108a69071cda964a1
Ubuntu Security Notice 6823-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.37 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10, and Ubuntu 24.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
018bcd047e605d3c04e17cb5d724bb88d369504a2d7d9bf3f1454672558565f4
Apple Security Advisory 06-10-2024-1 - visionOS 1.2 addresses bypass, code execution, integer overflow, out of bounds access, out of bounds read, and out of bounds write vulnerabilities.
52123756454d00b97ff4a99cfa9ea8198fb27627fd76ba6c9ee40304e3ff4865
XMB version 1.9.12.06 suffers from a persistent cross site scripting vulnerability.
b18b7ade8c93d26089ad547c0a84b59c6125527787f375a74692835723a66dd1
Red Hat Security Advisory 2024-3859-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a use-after-free vulnerability.
ad4dd7324a21f8ada00f4f0cbfbe64df788bb019bc980d68e69b09bf024797c6
Red Hat Security Advisory 2024-3855-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include double free and use-after-free vulnerabilities.
646094b3ea0b558b8f2f7ded88435c3b43cab26529b77943634d1d4676b8f792
Red Hat Security Advisory 2024-3854-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include double free and use-after-free vulnerabilities.
62ab26749677896b2e9f04d6e1948968133dca9fba2d6ec69ef11b5cd9ffc97d
Red Hat Security Advisory 2024-3846-03 - An update for python-idna is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
26ab2c9f0250acd2cff10d04d7f9fe69ce6054e704c30e8572fb9fa8b0cd2ad7
Red Hat Security Advisory 2024-3843-03 - An update for cockpit is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.
8f10a60bfdd72fc343f8d365d8ba129cdfc7d1b46b4ad4a0c0a1505f7d55e087
Red Hat Security Advisory 2024-3842-03 - An update for c-ares is now available for Red Hat Enterprise Linux 9. Issues addressed include an out of bounds read vulnerability.
a5e7749c400384de02569560302160c979c5e2317d1ce11bcb741740ed53dbb4
Red Hat Security Advisory 2024-3838-03 - An update for ruby is now available for Red Hat Enterprise Linux 9. Issues addressed include HTTP response splitting and denial of service vulnerabilities.
2059cc3f70ad3bd2782f65d8186437a208d94ee6924545cb1f6dfaa50898d862
Red Hat Security Advisory 2024-3837-03 - An update for 389-ds-base is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
a2d7383a2db617105ce1a63c5573eefac19be4953641e9e8783fc328e94a1bb3
Red Hat Security Advisory 2024-3835-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 9.
3b17208804b8a1f83adfb15e5c3e485c09ec8c637d41f0faa4f26d084ebe1cd7
Red Hat Security Advisory 2024-3834-03 - An update for gdk-pixbuf2 is now available for Red Hat Enterprise Linux 9.
ce47321d7659c1df721e3abe7e14b157b80d063692c6b9b94aa2b4593ccedbf2
Red Hat Security Advisory 2024-3831-03 - An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9. Issues addressed include a memory exhaustion vulnerability.
a39fd8897717fe54c33a76ff622232e1bc3f85dbf517d4bbbb6e3d5725c3f198
Red Hat Security Advisory 2024-3830-03 - An update for gvisor-tap-vsock is now available for Red Hat Enterprise Linux 9. Issues addressed include a memory exhaustion vulnerability.
766c7029ec599ba1a129e6268ea41dd1e1c2049651a5c37f4265135965edb059
Red Hat Security Advisory 2024-3827-03 - An update for buildah is now available for Red Hat Enterprise Linux 9. Issues addressed include memory exhaustion and resource exhaustion vulnerabilities.
07cbfe15176fc2a628fe704049694d5b89d1d2e09118fd7569fbe50d1402fcce