Ubuntu Security Notice 6912-1 - James Henstridge discovered that provd incorrectly handled environment variables. A local attacker could possibly use this issue to run arbitrary programs and escalate privileges.
Gentoo Linux Security Advisory 202407-28 - A vulnerability has been discovered in Freenet, which can lead to deanonymization due to path folding. Versions greater than or equal to 0.7.5_p1497 are affected.
Gentoo Linux Security Advisory 202407-27 - Multiple vulnerabilities have been discovered in ExifTool, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 12.42 are affected.
Ubuntu Security Notice 6906-1 - It was discovered that python-zipp did not properly handle zip files with malformed names. An attacker could possibly use this issue to cause a denial of service.
SIM Wisuda version 1.0 suffers from an insecure direct object reference vulnerability.
SLiMS CMS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Ubuntu Security Notice 6910-1 - Chess Hazlett discovered that Apache ActiveMQ incorrectly handled certain commands. A remote attacker could possibly use this issue to terminate the program, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. Peter Stoeckli discovered that Apache ActiveMQ incorrectly handled hostname verification. A remote attacker could possibly use this issue to perform a person-in-the-middle attack. This issue only affected Ubuntu 16.04 LTS.
Ubuntu Security Notice 6530-2 - Seth Manesse and Paul Plasil discovered that HAProxy incorrectly handled URI components containing the hash character. A remote attacker could possibly use this issue to obtain sensitive information, or to bypass certain path_end rules.
StarTask CRM version 1.9 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
UBM CMS version 1.2 suffers from an insecure direct object reference vulnerability.
Ubuntu Security Notice 6907-1 - Joshua Rogers discovered that Squid did not properly handle multi-byte characters during Edge Side Includes processing. A remote attacker could possibly use this issue to cause a memory corruption error, leading to a denial of service.
TAIF LMS version 5.8.0 suffers from a remote shell upload vulnerability.
Gentoo Linux Security Advisory 202407-26 - A vulnerability has been discovered in Dmidecode, which can lead to privilege escalation. Versions greater than or equal to 3.5 are affected.
Ubuntu Security Notice 6911-1 - Arnaud Morin discovered that Nova incorrectly handled certain raw format images. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information.
Ubuntu Security Notice 6908-1 - It was discovered that the Tomcat SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform an XSS attack. It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore configurations. A remote attacker could possibly use this issue to execute arbitrary code.
Vencorp version 2.1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Webdenim AppUI version 1.0 suffers from an insecure direct object reference vulnerability.
Ubuntu Security Notice 6909-1 - It was discovered that Bind incorrectly handled a flood of DNS messages over TCP. A remote attacker could possibly use this issue to cause Bind to become unstable, resulting in a denial of service. Toshifumi Sakaguchi discovered that Bind incorrectly handled having a very large number of RRs existing at the same time. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.
Red Hat Security Advisory 2024-4779-03 - An update for python3 is now available for Red Hat Enterprise Linux 9.
Red Hat Security Advisory 2024-4776-03 - An update for cups is now available for Red Hat Enterprise Linux 9.
Red Hat Security Advisory 2024-4774-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 9.
Red Hat Security Advisory 2024-4766-03 - An update for python3 is now available for Red Hat Enterprise Linux 9.
Red Hat Security Advisory 2024-4762-03 - An update for runc is now available for Red Hat Enterprise Linux 9. Issues addressed include a memory leak vulnerability.
Red Hat Security Advisory 2024-4761-03 - An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9. Issues addressed include a memory leak vulnerability.
Red Hat Security Advisory 2024-4757-03 - An update for libvirt is now available for Red Hat Enterprise Linux 9. Issues addressed include a use-after-free vulnerability.