Open Web Analytics (OWA) versions prior to 1.7.4 allow an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes.
f257222aebae82bd8174357b1116bd0d590938b4d5b592db27830a87036b04c1Debian Linux Security Advisory 5356-2 - One of the security fixes released as DSA 5356 introduced a regression in the processing of specific WAV files. Updated sox packages are available to correct this issue.
e1babfd23fbc696770c5e3ea11e225dd0d9ca59dab909793c30fb2526b1cfa4fThere is an intra-object overflow in Shannon Baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to debug strings), specifically when handling the Service Area List message (IEI = 0x27).
ca27ff3f40a5cef1422ff326c82c6ac37d4d2a24ac33342144bc8a5c84aa2848Ubuntu Security Notice 5959-1 - It was discovered that Kerberos incorrectly handled memory when processing KDC data, which could lead to a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service or have other unspecified impacts.
d9f3d92945cbc3be219bd04ebd7aac3aa31d1cac83d0d62d9ee82f4e45c4d1b0Riello UPS systems can have their restricted configuration shell bypassed to gain full underlying operating system access.
6ef7e8370834a1f65507385ad2f9fb981e57f39aa18bf52ca3a727aaa3955839Ubuntu Security Notice 5962-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
564ea90f0a9cb872d9edcccc127c68905719afec80e7f2bbba3ccb3fe0d567d9There is a heap buffer overflow in Shannon Baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to debug strings), specifically when handling the Operator-defined access category definitions message (IEI = 0x76).
0d9b32ed9b931576486f7e7630f9b8e393f008ff2bccc77a8e30f84a45f1e0f0B-Sides Ljubljana will be held June 16, 2023 in Ljubljana, Slovenia.
a8a7fd33b3af62a91c8455b5929954ee7b0ebda0b1976fcd6027df433714ce33Debian Linux Security Advisory 5375-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or spoofing.
943bb672c5f5a142c518592167667218e9e53d058b0660c6d0458c7636cb77caThere is a heap buffer overflow in Shannon baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to debug strings), specifically when handling the "Extended emergency number list" message (IEI = 0x7A).
ba04bb179ad4db118c637bfe6c329d2d3ebef7e310034bd5a8af11fa0123adc3Ubuntu Security Notice 5961-1 - It was discovered that abcm2ps incorrectly handled memory when parsing specially crafted ABC files. An attacker could use this issue to cause abcm2ps to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. Chiba of Topsec Alpha Lab discovered that abcm2ps incorrectly handled memory when parsing specially crafted ABC files. An attacker could use this issue to cause abcm2ps to crash, leading to a denial of service.
b2dd20769972bbb693dff57a5249e0e6efe673b60728f67b614a4ce8f92ba882There is a heap buffer overflow in Shannon baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to debug strings), specifically when handling the "Emergency number list" message (IEI = 0x34).
ff7c534a4bbc11dc3cd3ac7fb2571e8b2fc9cddf789fa05fff2fc30be17f2acaThis write up is an overview of how Microsoft's attempts to manage elevated access to executables via registry entries has added over complexity that still allows for escalation.
b1516a79355be52fa5902480223a989e031dabbe42f666f261b68eb25bbb8331
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed