Debian Security Advisory 5456-1

Debian Linux Security Advisory 5456-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Ubuntu Security Notice USN-6239-1

Ubuntu Security Notice 6239-1 - It was discovered that ECDSA Util did not properly verify certain signature values. An attacker could possibly use this issue to bypass signature verification.

Red Hat Security Advisory 2023-4158-01

Red Hat Security Advisory 2023-4158-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Ubuntu Security Notice USN-6237-2

Ubuntu Security Notice 6237-2 - USN-6237-1 fixed vulnerabilities in curl. The update caused a certificate wildcard handling regression on Ubuntu 22.04 LTS. This update fixes the problem. Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain options are set by applications. This could cause applications using curl to misbehave, resulting in information disclosure, or a denial of service. It was discovered that curl incorrectly handled saving cookies to files. A local attacker could possibly use this issue to create or overwrite files. This issue only affected Ubuntu 22.10, and Ubuntu 23.04.

Red Hat Security Advisory 2023-4210-01

Red Hat Security Advisory 2023-4210-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4177-01

Red Hat Security Advisory 2023-4177-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4211-01

Red Hat Security Advisory 2023-4211-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4175-01

Red Hat Security Advisory 2023-4175-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4176-01

Red Hat Security Advisory 2023-4176-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2023-4209-01

Red Hat Security Advisory 2023-4209-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for portable Linux serves as a replacement for Red Hat build of OpenJDK 8 and includes security and bug fixes as well as enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2023-4208-01

Red Hat Security Advisory 2023-4208-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4212-01

Red Hat Security Advisory 2023-4212-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2023-4161-01

Red Hat Security Advisory 2023-4161-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4230-01

Red Hat Security Advisory 2023-4230-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-4170-01

Red Hat Security Advisory 2023-4170-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Gentoo Linux Security Advisory 202307-01

Gentoo Linux Security Advisory 202307-1 - Multiple vulnerabilities have been discovered in OpenSSH, the worst of which could result in remote code execution. Versions less than 9.3_p2 are affected.

Red Hat Security Advisory 2023-4169-01

Red Hat Security Advisory 2023-4169-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4167-01

Red Hat Security Advisory 2023-4167-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2023-4174-01

Red Hat Security Advisory 2023-4174-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an integer overflow vulnerability.

Ubuntu Security Notice USN-6238-1

Ubuntu Security Notice 6238-1 - It was discovered that Samba incorrectly handled Winbind NTLM authentication responses. An attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. Andreas Schneider discovered that Samba incorrectly enforced SMB2 packet signing. A remote attacker could possibly use this issue to obtain or modify sensitive information. This issue only affected Ubuntu 23.04.

Red Hat Security Advisory 2023-4172-01

Red Hat Security Advisory 2023-4172-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2023-4171-01

Red Hat Security Advisory 2023-4171-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4164-01

Red Hat Security Advisory 2023-4164-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include denial of service and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-4168-01

Red Hat Security Advisory 2023-4168-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2023-4173-01

Red Hat Security Advisory 2023-4173-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include an integer overflow vulnerability.

[webapps] pfSense v2.7.0 - OS Command Injection

pfSense v2.7.0 - OS Command Injection

[webapps] Wifi Soft Unibox Administration 3.0 & 3.1 - SQL Injection

Wifi Soft Unibox Administration 3.0 & 3.1 - SQL Injection

[webapps] RWS WorldServer 11.7.3 - Session Token Enumeration

RWS WorldServer 11.7.3 - Session Token Enumeration

[remote] Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE.

Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE.

[webapps] PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities

PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities

[local] RaidenFTPD 2.4.4005 - Buffer Overflow (SEH)

RaidenFTPD 2.4.4005 - Buffer Overflow (SEH)

[webapps] Aures Booking & POS Terminal - Local Privilege Escalation

Aures Booking & POS Terminal - Local Privilege Escalation

[webapps] Webile v1.0.1 - Multiple Cross Site Scripting

Webile v1.0.1 - Multiple Cross Site Scripting

[webapps] Boom CMS v8.0.7 - Cross Site Scripting

Boom CMS v8.0.7 - Cross Site Scripting

Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities

Posted by info () vulnerability-lab com on Jul 19

Document Title:
===============
Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2278

Release Date:
=============
2023-07-04

Vulnerability Laboratory ID (VL-ID):
====================================
2278

Common Vulnerability Scoring System:
====================================
5.4

Vulnerability Class:
====================
Script Code...

Boom CMS v8.0.7 - Cross Site Scripting Vulnerability

Posted by info () vulnerability-lab com on Jul 19

Document Title:
===============
Boom CMS v8.0.7 - Cross Site Scripting Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2274

Release Date:
=============
2023-07-03

Vulnerability Laboratory ID (VL-ID):
====================================
2274

Common Vulnerability Scoring System:
====================================
5.3

Vulnerability Class:
====================
Cross Site Scripting -...

Tiva Events Calender v1.4 - Cross Site Scripting Vulnerability

Posted by info () vulnerability-lab com on Jul 19

Document Title:
===============
Tiva Events Calender v1.4 - Cross Site Scripting Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2276

Release Date:
=============
2023-07-05

Vulnerability Laboratory ID (VL-ID):
====================================
2276

Common Vulnerability Scoring System:
====================================
5

Vulnerability Class:
====================
Cross Site...

Dooblou WiFi File Explorer 1.13.3 - Multiple Vulnerabilities

Posted by info () vulnerability-lab com on Jul 19

Document Title:
===============
Dooblou WiFi File Explorer 1.13.3 - Multiple Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2317

Release Date:
=============
2023-07-04

Vulnerability Laboratory ID (VL-ID):
====================================
2317

Common Vulnerability Scoring System:
====================================
5.1

Vulnerability Class:
====================
Multiple...

PaulPrinting CMS - (Search Delivery) Cross Site Scripting Vulnerability

Posted by info () vulnerability-lab com on Jul 19

Document Title:
===============
PaulPrinting CMS - (Search Delivery) Cross Site Scripting Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2286

Release Date:
=============
2023-07-17

Vulnerability Laboratory ID (VL-ID):
====================================
2286

Common Vulnerability Scoring System:
====================================
5.2

Vulnerability Class:
====================...

Webile v1.0.1 - Multiple Cross Site Web Vulnerabilities

Posted by info () vulnerability-lab com on Jul 19

Document Title:
===============
Webile v1.0.1 - Multiple Cross Site Web Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2321

Release Date:
=============
2023-07-03

Vulnerability Laboratory ID (VL-ID):
====================================
2321

Common Vulnerability Scoring System:
====================================
5.5

Vulnerability Class:
====================
Cross Site...

Aures Booking & POS Terminal - Local Privilege Escalation Vulnerability

Posted by info () vulnerability-lab com on Jul 19

Document Title:
===============
Aures Booking & POS Terminal - Local Privilege Escalation Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2323

Release Date:
=============
2023-07-17

Vulnerability Laboratory ID (VL-ID):
====================================
2323

Common Vulnerability Scoring System:
====================================
7.2

Vulnerability Class:
====================...

PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities

Posted by info () vulnerability-lab com on Jul 19

Document Title:
===============
PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2285

Release Date:
=============
2023-07-19

Vulnerability Laboratory ID (VL-ID):
====================================
2285

Common Vulnerability Scoring System:
====================================
5.8

Vulnerability Class:
====================
Cross Site...

CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent

Posted by Qualys Security Advisory via Fulldisclosure on Jul 19

Qualys Security Advisory

CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent

========================================================================
Contents
========================================================================

Summary
Background
Experiments
Results
Discussion
Acknowledgments
Timeline

========================================================================
Summary...

Re: Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability

Posted by Jeffrey Walton on Jul 19

There's also https://en.wikipedia.org/wiki/Session_hijacking#Prevention

One thing Jim Manico of OWASP recommends is to (re)prompt the user for
their password on occasion, like when performing a high value
operation. That will effectively re-authenticate a user before a high
value operation. Attackers with a cookie but without the user's
password should fail the re-authentication challenge.

Jeff

Ubuntu Security Notice USN-6237-1

Ubuntu Security Notice 6237-1 - Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain options are set by applications. This could cause applications using curl to misbehave, resulting in information disclosure, or a denial of service.

Red Hat Security Advisory 2023-4053-01

Red Hat Security Advisory 2023-4053-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.45. Issues addressed include a code execution vulnerability.

Ubuntu Security Notice USN-6236-1

Ubuntu Security Notice 6236-1 - It was discovered that ConnMan could be made to write out of bounds. A remote attacker could possibly use this issue to cause ConnMan to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that ConnMan could be made to leak sensitive information via the gdhcp component. A remote attacker could possibly use this issue to obtain information for further exploitation. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.

Red Hat Security Advisory 2023-4204-01

Red Hat Security Advisory 2023-4204-01 - VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters. After deploying the VolSync operator, it can create and maintain copies of your persistent data.

Red Hat Security Advisory 2023-4201-01

Red Hat Security Advisory 2023-4201-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-4202-01

Red Hat Security Advisory 2023-4202-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-4200-01

Red Hat Security Advisory 2023-4200-01 - A new release for Red Hat Build of OptaPlanner 8.38.0 for Quarkus 2.13.8 including security updates is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include a denial of service vulnerability.

Ubuntu Security Notice USN-6233-1

Ubuntu Security Notice 6233-1 - It was discovered that YAJL was not properly performing bounds checks when decoding a string with escape sequences. If a user or automated system using YAJL were tricked into processing specially crafted input, an attacker could possibly use this issue to cause a denial of service. It was discovered that YAJL was not properly handling memory allocation when dealing with large inputs, which could lead to heap memory corruption. If a user or automated system using YAJL were tricked into running a specially crafted large input, an attacker could possibly use this issue to cause a denial of service.

Red Hat Security Advisory 2023-4203-01

Red Hat Security Advisory 2023-4203-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.

Ubuntu Security Notice USN-6183-2

Ubuntu Security Notice 6183-2 - USN-6183-1 fixed vulnerabilities in Bind. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled the cache size limit. A remote attacker could possibly use this issue to consume memory, leading to a denial of service.

Ubuntu Security Notice USN-6078-2

Ubuntu Security Notice 6078-2 - USN-6078-1 fixed a vulnerability in libwebp. This update provides the corresponding update for Ubuntu 16.04 LTS. Irvan Kurniawan discovered that libwebp incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary code.

[webapps] phpfm v1.7.9 - Authentication type juggling

phpfm v1.7.9 - Authentication type juggling

[webapps] Vaidya-Mitra 1.0 - Multiple SQLi

Vaidya-Mitra 1.0 - Multiple SQLi

[webapps] Statamic 4.7.0 - File-Inclusion

Statamic 4.7.0 - File-Inclusion

[webapps] Blackcat Cms v1.4 - Remote Code Execution (RCE)

Blackcat Cms v1.4 - Remote Code Execution (RCE)

[webapps] PimpMyLog v1.7.14 - Improper access control

PimpMyLog v1.7.14 - Improper access control