Revenue Collection System version 1.0 suffers from a persistent cross site scripting vulnerability allowing an authenticated client user to add an administrative user account to the application then log in as the newly created admin.
c480b839cfd03e90fa43402bbfa8f8ab4dc9db4461d292dd292b3383bf3c5995
Revenue Collection System version 1.0 suffers from an unauthenticated SQL injection vulnerability in step1.php that allows remote attackers to write a malicious PHP file to disk. The resulting file can then be accessed within the /rates/admin/DBbackup directory. This script will write the malicious PHP file to disk, issue a user-defined command, then retrieve the result of that command.
b41c4f6c71ea1156cfd52b2bd3c354cdb2fc0372d5b22d463c64b50c55b777c0
Ubuntu Security Notice 5726-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the contents of the addressbar, bypass security restrictions, cross-site tracing or execute arbitrary code.
b4c21832ad3bb61ebf8eab2d0d6047f68bee97b1b36d7847b505ddd8697605d5
Red Hat Security Advisory 2022-8494-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, bypass, and out of bounds write vulnerabilities.
ea8be5e6db748b7db96745edc43d74ec16bc48ce23660f2153448482369ce675
Red Hat Security Advisory 2022-8493-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a privilege escalation vulnerability.
830e84737049728164089fedffb46a7456defd19bcdcd6e15286d0fe9df4be79
Red Hat Security Advisory 2022-8491-01 - X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Issues addressed include buffer overflow and memory leak vulnerabilities.
3372092786e747dd90937179d7501b29e4b4194e622025b31d20e00e3f05c27c
Red Hat Security Advisory 2022-8492-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a privilege escalation vulnerability.
6cf3a3fb83078828d12c9df5d5fe73dbfad72c496a535112ea92891acff4047d
Ubuntu Security Notice 5625-2 - USN-5625-1 fixed a vulnerability in Mako. This update provides the corresponding updates for Ubuntu 22.10. It was discovered that Mako incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service.
d0c94eb60f485507cd673ee2a45008fbb6bdc42fdf1dd8d2faebbf24827ab77e
Debian Linux Security Advisory 5281-1 - It was discovered that parsing errors in the mp4 module of Nginx, a high-performance web and reverse proxy server, could result in denial of service, memory disclosure or potentially the execution of arbitrary code when processing a malformed mp4 file.
2843476468a10f35ec307074aedcd47e5882da638047bde46235c74be4e43662
Debian Linux Security Advisory 5280-1 - Several issues were found in GRUB2's font handling code, which could result in crashes and potentially execution of arbitrary code. These could lead to by-pass of UEFI Secure Boot on affected systems.
3f127fc0be7c3dcc4fd8ba18c8ffe0115d3bbb944d5796670d7d8551cca8e78b
Red Hat Security Advisory 2022-8207-01 - OpenJPEG is an open source library for reading and writing image files in JPEG2000 format.
d3364ce9966359b4a16b105a29495d27d4868a167b5f1e57ae354c6e99d30246
Red Hat Security Advisory 2022-8291-01 - The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Issues addressed include a buffer over-read vulnerability.
fc436e498a53e5c49e1c1a8b09212891e27db5be700b48345aa6a7709f911fa7
Red Hat Security Advisory 2022-8250-01 - The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.
763ca001b832a7eeb70226b1d2de4dd230c6013bc449a144b018b3485f826480
Red Hat Security Advisory 2022-8393-01 - The logrotate utility simplifies the administration of multiple log files by allowing their automatic rotation, compression, removal, and mailing. Issues addressed include a denial of service vulnerability.
0d82d51165bed738bee4e784350731a383d72c6f8a90f1696f1a99724d742924
Red Hat Security Advisory 2022-8222-01 - Xwayland is an X server for running X clients under Wayland. Issues addressed include an out of bounds access vulnerability.
8b87b190c1dbec56ad75fc32a3e8b9e6c69ea3cddf46662da1c7320f7ec0a101
Red Hat Security Advisory 2022-8162-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include denial of service and memory leak vulnerabilities.
4dc397ccf924d964d2de315c2bf8ddab8c92565237c1fb2931dcb388d4c43805
Red Hat Security Advisory 2022-8434-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.100 RC 2 and .NET Runtime 7.0.0 RC 2.
3c03db88c3f16f31e6edf6f9f2ec842940b684da1c45853b3a0cd9c1da084532
Red Hat Security Advisory 2022-7955-01 - The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Issues addressed include a denial of service vulnerability.
4e0707644ecf9e9421cd830bd73cba92844a7435320b5b6a805437f694882ab1
Red Hat Security Advisory 2022-8062-01 - The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver.
ad9465480ac5831015271d46593c2eb547ef8d26212fe261232dadc6e754d449
Red Hat Security Advisory 2022-8194-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include buffer overflow, denial of service, and out of bounds read vulnerabilities.
a7335970eb93f38ec1e86e4d351218867c61ef9c4a022cf6a1b98d5b202225a1
Red Hat Security Advisory 2022-8420-01 - The zlib packages provide a general-purpose lossless data compression library that is used by many different programs.
c0b3e73d14a8917e1e497a91996b09446a57b7c536c3c4925ae9e7c0f4fb5dd5
Red Hat Security Advisory 2022-8431-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Issues addressed include an information leakage vulnerability.
bde63b47a05fa71e76f75535ab11d13194617f32effd054fa1677bd6f9f48500
Red Hat Security Advisory 2022-8008-01 - The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Issues addressed include denial of service and information leakage vulnerabilities.
f27bc3e529f8aa8ebd57f3027862054868818878916e80cbd4d078f8cadc588f
Red Hat Security Advisory 2022-8068-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.
78e3d58d4d1eb9466ef6c8b562787c6ffcba6ecbec9891354c2e4d2422922fb6
Red Hat Security Advisory 2022-8098-01 - Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI.
896c52820d29c6247a9c4858eb4c3557cfc4c421ac3dbfbc2b20b4c0e0adbcff