Ubuntu Security Notice 6838-1 - It was discovered that Ruby RDoc incorrectly parsed certain YAML files. If a user or automated system were tricked into parsing a specially crafted .rdoc_options file, a remote attacker could possibly use this issue to execute arbitrary code. It was discovered that the Ruby regex compiler incorrectly handled certain memory operations. A remote attacker could possibly use this issue to obtain sensitive memory contents.
Debian Linux Security Advisory 5713-1 - A buffer overflow was discovered in libndp, a library implementing the IPv6 Neighbor Discovery Protocol (NDP), which could result in denial of service or potentially the execution of arbitrary code if malformed IPv6 router advertisements are processed.
Ubuntu Security Notice 6836-1 - It was discovered that SSSD did not always correctly apply the GPO policy for authenticated users, contrary to expectations. This could result in improper authorization or improper access to resources.
Debian Linux Security Advisory 5712-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.
SPA-CART CMS version 1.9.0.6 suffers from business logic and user enumeration flaws.
Ubuntu Security Notice 6837-1 - It was discovered that Rack incorrectly handled Multipart MIME parsing. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. This issue only affected Ubuntu 23.10. It was discovered that Rack incorrectly parsed certain media types. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service.
Debian Linux Security Advisory 5711-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code.
Debian Linux Security Advisory 5710-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Payroll Management System version 1.0 suffers from a remote code execution vulnerability.
Ubuntu Security Notice 6821-4 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.
Ubuntu Security Notice 6818-3 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 6817-3 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service.
Red Hat Security Advisory 2024-3939-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 7.
Red Hat Security Advisory 2024-3925-03 - An update is now available for Red Hat Ceph Storage 7.1.
Red Hat Security Advisory 2024-3868-03 - Network Observability 1.6 for Red Hat OpenShift. Issues addressed include code execution, denial of service, memory exhaustion, and password leak vulnerabilities.
WordPress RFC WordPress plugin version 6.0.8 suffers from a remote shell upload vulnerability.