Ubuntu Security Notice 6421-1 - It was discovered that Bind incorrectly handled certain control channel messages. A remote attacker with access to the control channel could possibly use this issue to cause Bind to crash, resulting in a denial of service.
16de65c7aa51273ab7badf3eb25eb0e019362a758426776599b21be001099910
Ubuntu Security Notice 6420-1 - It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
19c540acc5fd7d8746f07b092b83ebdd2213c5c327acab8774789ac8cbc44831
Gentoo Linux Security Advisory 202310-9 - Multiple vulnerabilities have been discovered in c-ares, the worst of which could result in Denial of Service. Versions greater than or equal to 1.19.1 are affected.
dba467e1cac9309374c23a8d2f24d647cbf257865cdcc88db8600f113e7af9c7
Gentoo Linux Security Advisory 202310-8 - A root privilege escalation through setuid executable and cron job has been discovered in man-db. Versions greater than or equal to 2.8.5 are affected.
e4aabe866e1c6ec648f354ecbe47520ee91be112fc27b1f17b9e4e613a3bc3ab
Gentoo Linux Security Advisory 202310-7 - Multiple vulnerabilities have been discovered in VirtualBox, leading to compromise of VirtualBox. Versions greater than or equal to 7.0.6 are affected.
6f07aa54ccb53955aad4a9ce1685618ec85d82ad34574be40610e01e5006b879
Gentoo Linux Security Advisory 202310-6 - Multiple vulnerabilities have been discovered in Heimdal, the worst of which could lead to remote code execution on a KDC. Versions greater than or equal to 7.8.0-r1 are affected.
27611271da9764cfeb6bf4345cc8b0a457073005b818ba42fe2a3f1b4b278d83
Gentoo Linux Security Advisory 202310-5 - A vulnerability has been found in dav1d which could result in denial of service. Versions greater than or equal to 1.2.0 are affected.
15db8575893577faba1443afe44bf9503964d5dac132c98026322f40f9dd86cf
Debian Linux Security Advisory 5519-1 - Maxim Suhanov discovered multiple vulnerabilities in GRUB2's code to handle NTFS filesystems, which may result in a Secure Boot bypass.
69c6c2e6aac12f53f91896003b4bf1c34f93099bdaab89e3995c3c1a344d85ba
Kibana versions prior to 7.6.3 suffer from a prototype pollution bug within the Upgrade Assistant. By setting a new constructor.prototype.sourceURL value you can execute arbitrary code. Code execution is possible in two different ways: either by sending data directly to Elastic, or by using Kibana to submit the same queries. Either method enters the polluted prototype for Kibana to read. For the payload to execute, either Kibana needs to be restarted or collection needs to happen (at an unknown time). Once it does, cleanup must delete the .kibana_1 index for Kibana to restart successfully. Once a callback does occur, cleanup will happen, allowing Kibana to be successfully restarted on the next attempt.
7b00b8eea8f510a8a337e334be1bacd682e8cb1dc1f59ad886193ba45fa3094d
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.
049c847835fcf6ef3a9e206b33de05dd38999c325e247482772a5598d9e5ece3
Simple Packet Sender (SPS) is a Linux packet crafting tool. It supports IPv4, IPv6 (but not extension headers yet), and tunneling IPv6 over IPv4. It is written in C on Linux with a GUI built using GTK+. Both source and binaries are included. Features include packet crafting and sending one, multiple, or flooding packets of type TCP, ICMP, or UDP. All values within the Ethernet frame can be modified arbitrarily. It supports TCP, ICMP and UDP data as well, with input from either keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. Various other features exist as well.
27655eb9a3a11f0253a3989eedbe5dd12a1cb92bbb5594ec4c58e5663a454db3
eClass Junior version 4.0 suffers from a remote SQL injection vulnerability.
fe25bf20628b95e728482b08a8d3f9ce6bd4e732844de33554a5951468322a2a
eClass IP version 2.5 suffers from a remote SQL injection vulnerability.
b711babfc66671ea5103fe26d521747c60621f2c26be69bc9fb4ef7463b6da31
Chicv Management System Login version 4.5.6 suffers from an insecure direct object reference vulnerability.
a1f22b058663bc8da61360fc44754976f6b505a75676b87d6ab966e195c4f96c
Aicte India LMS version 3.0 suffers from a cross site scripting vulnerability.
d6bdd519cdbf391aa1f466dbf921113b4bbdfc1dadd6a058a7f32ab5384d6235