The ABB Cylon Aspect version 3.07.00 BMS/BAS controller suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the host HTTP GET parameter called by the networkDiagAjax.php script.
8123a5d0a4c6fa336d0b765079abb5168cf0f686b24baa715db1e55915f315fe
Gentoo Linux Security Advisory 202409-25 - Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. Versions greater than or equal to 4.05 are affected.
fac11019c2046399ae717b97268560c482db032ca010a9a6d9a286947ef0235a
Ubuntu Security Notice 7034-1 - The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.64 version of the Mozilla certificate authority bundle.
07051ae013dc2a27ea346908afccf5a1bad6728d7ac5c5a8b7c95220ee1faf34
Red Hat Security Advisory 2024-7103-03 - An update for grafana-pcp is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
95813b2104bdc7d0b4d5656c87b1d08a95eb492573d9c521988dadea9af1c2df
Ubuntu Security Notice 7032-1 - It was discovered that Tomcat incorrectly handled HTTP trailer headers. A remote attacker could possibly use this issue to perform HTTP request smuggling.
19ad4cab25b37facba8c59f772004773b63724edac1ac9aadf381cd6bd195897
PHP SPM version 1.0 suffers from a PHP code injection vulnerability.
42eadddca12393ee271fabcce4e022f9356f7034e6fb3c8f39890de24c8c2b65
Red Hat Security Advisory 2024-7102-03 - An update for grafana is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
932e594e58bd7c6b674ad73d959e34a51f6dcd3ad5862a855bbb608b0ebb54a2
Ubuntu Security Notice 7009-2 - Chenyuan Yang discovered that the CEC driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service.
bc022d142c18a55625e63d62b56d8f76cf8e0a79f3f0ed802474777c8cbc4817
PHP ACRSS version 1.0 suffers from a PHP code injection vulnerability.
9a020e5f43760ba811c1702f617a4ccf04426dfe0e6f358f368a57c7bd6f3a92
Ubuntu Security Notice 7033-1 - It was discovered that some Intel Processors did not properly restrict access to the Running Average Power Limit interface. This may allow a local privileged attacker to obtain sensitive information. It was discovered that some Intel Processors did not properly implement finite state machines in hardware logic. This may allow a local privileged attacker to cause a denial of service.
f8ba90a3153c8d619b3a6dea5959ad86e6310426029496d99414b1e5ad0e97b7
Ubuntu Security Notice 7031-2 - USN-7031-1 fixed CVE-2024-45614 in Puma for Ubuntu 24.04 LTS. This update fixes the CVE for Ubuntu 22.04 LTS and Ubuntu 20.04 LTS. It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to overwrite header values set by intermediate proxies by providing duplicate headers containing underscore characters.
2a95508137a492aa4ffc4ab11704adb45120cf04c6fa0b177a2ef7e6efbb066d
Online mcq System version 1.0 suffers from a cross-site scripting vulnerability.
9812280a7f199cadf92edba4b315443af80a2d51f9eb3e18e448c7ad4e24f4a3
Red Hat Security Advisory 2024-7101-03 - An update for httpd is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.
9ae1792f18338c0118e1051f213a85c3abc73f5225741a02d641a34d46a95f7d
Online Job Search System version 1.0 suffers from an arbitrary file upload vulnerability.
25f5aa2a29c64ab981939ce3c1c10082aa1a07beb7098128132b5921c035bc9d
Online Flight Booking System version 1.0 suffers from an arbitrary file upload vulnerability.
cbda91dc01c92da5a98f256f2b262f13fd4937433fae73274fba8113fbbc7648
Red Hat Security Advisory 2024-7074-03 - Network Observability 1.6 for Red Hat OpenShift. Issues addressed include a denial of service vulnerability.
df8bbe3331a55b3c17acec605ed72d8e235d96ef66a17ca1d5dabf3ed2b2b447
Ubuntu Security Notice 7031-1 - It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to overwrite header values set by intermediate proxies by providing duplicate headers containing underscore characters.
0eee778b016375b0a6cb2bcb8c4d9af923ade9931d7a99f7509e98baaa80faa4
Red Hat Security Advisory 2024-6827-03 - Red Hat OpenShift Container Platform release 4.16.14 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include an open redirection vulnerability.
335ad399d7d2a6a9c93e54d8e9f1810fa7d7ca320f7b103622b88ab2f0da60c9
Red Hat Security Advisory 2024-6824-03 - Red Hat OpenShift Container Platform release 4.16.14 is now available with updates to packages and images that fix several bugs and add enhancements.
8c5f765a19c3c2f2bb50b23bb1e9c9f3adae1fa4b7e8d4bea8cda824bd75bafb
Multi Branch School Management System version 3.5 suffers from a backup disclosure vulnerability.
b4c3fb3408f8d7a80baf2b5ec0b035520c60a8b287134c61abe01863834639ea
Red Hat Security Advisory 2024-6818-03 - Red Hat OpenShift Container Platform release 4.15.34 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
cb29c784c5574de24277fe8189216ebb2cbd8668d91d17ef22cfb03877eb0d54
Red Hat Security Advisory 2024-6811-03 - Red Hat OpenShift Container Platform release 4.13.51 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
2ce2a9e083a344acd2e91662f8716d1116572905f7af4b8b39c7702dfbcf5ac2
Complete Multi Hospital Management System version 1.0 suffers from a backup disclosure vulnerability.
e760cf3c5b44d7d8984817fcf92204fd9912a026b5d02720406cc72f12ac70ed
Traccar version 5.1 suffers from a PHP code injection vulnerability.
5595b2f52c8ca128698035a80627f56d2e0f69a1d0d431ac663d369417828fbb