Red Hat Security Advisory 2024-1409-03

Red Hat Security Advisory 2024-1409-03 - An update for cups is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include buffer overflow, denial of service, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-1411-03

Red Hat Security Advisory 2024-1411-03 - An update for opencryptoki is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Security Advisory 2024-1412-03

Red Hat Security Advisory 2024-1412-03 - An update for gmp is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include buffer overflow and integer overflow vulnerabilities.

Red Hat Security Advisory 2024-1417-03

Red Hat Security Advisory 2024-1417-03 - An update for libX11 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-1406-03

Red Hat Security Advisory 2024-1406-03 - An update for bind is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.

Ubuntu Security Notice USN-6703-1

Ubuntu Security Notice 6703-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Hubert Kario discovered that Firefox had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover sensitive information.

Red Hat Security Advisory 2024-1404-03

Red Hat Security Advisory 2024-1404-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include buffer overflow, denial of service, double free, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

[webapps] Teacher Subject Allocation Management System 1.0 - 'searchdata' SQLi

Teacher Subject Allocation Management System 1.0 - 'searchdata' SQLi

[webapps] Employee Management System 1.0 - 'admin_id' SQLi

Employee Management System 1.0 - 'admin_id' SQLi

[webapps] Simple Task List 1.0 - 'status' SQLi

Simple Task List 1.0 - 'status' SQLi

[webapps] Blood Bank 1.0 - 'bid' SQLi

Blood Bank 1.0 - 'bid' SQLi

[webapps] CSZCMS v1.3.0 - SQL Injection (Authenticated)

CSZCMS v1.3.0 - SQL Injection (Authenticated)

[remote] HNAS SMU 14.8.7825 - Information Disclosure

HNAS SMU 14.8.7825 - Information Disclosure

Ubuntu Security Notice USN-6701-1

Ubuntu Security Notice 6701-1 - Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service. It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service.

Red Hat Security Advisory 2024-1354-03

Red Hat Security Advisory 2024-1354-03 - An update for rh-nodejs14-nodejs is now available for Red Hat Software Collections. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-1367-03

Red Hat Security Advisory 2024-1367-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-1368-03

Red Hat Security Advisory 2024-1368-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2024-1353-03

Red Hat Security Advisory 2024-1353-03 - An update is now available for Red Hat Process Automation Manager. Issues addressed include code execution, denial of service, and deserialization vulnerabilities.

Red Hat Security Advisory 2024-1316-03

Red Hat Security Advisory 2024-1316-03 - Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 3 is now available. Issues addressed include cross site scripting, information leakage, and out of bounds read vulnerabilities.

Red Hat Security Advisory 2024-1317-03

Red Hat Security Advisory 2024-1317-03 - Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 3 is now available. Issues addressed include buffer overflow, cross site scripting, information leakage, out of bounds read, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-1318-03

Red Hat Security Advisory 2024-1318-03 - An update is now available for Red Hat JBoss Web Server 5.7.8 on Red Hat Enterprise Linux versions 7, 8, and 9. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

Red Hat Security Advisory 2024-1319-03

Red Hat Security Advisory 2024-1319-03 - Red Hat JBoss Web Server 5.7.8 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

Red Hat Security Advisory 2024-1324-03

Red Hat Security Advisory 2024-1324-03 - An update is now available for Red Hat JBoss Web Server 6.0.1 on Red Hat Enterprise Linux versions 8 and 9. Issues addressed include HTTP request smuggling, denial of service, and open redirection vulnerabilities.

Red Hat Security Advisory 2024-1325-03

Red Hat Security Advisory 2024-1325-03 - Red Hat JBoss Web Server 6.0.1 zip release is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Issues addressed include HTTP request smuggling, denial of service, and open redirection vulnerabilities.

Red Hat Security Advisory 2024-0722-03

Red Hat Security Advisory 2024-0722-03 - An update is now available for Red Hat build of Quarkus. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-1255-03

Red Hat Security Advisory 2024-1255-03 - Red Hat OpenShift Container Platform release 4.15.3 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a traversal vulnerability.

Ubuntu Security Notice USN-6700-1

Ubuntu Security Notice 6700-1 - It was discovered that the Layer 2 Tunneling Protocol implementation in the Linux kernel contained a race condition when releasing PPPoL2TP sockets in certain conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the ext4 file system implementation in the Linux kernel did not properly handle block device modification while it is mounted. A privileged attacker could use this to cause a denial of service or possibly expose sensitive information.

Ubuntu Security Notice USN-6699-1

Ubuntu Security Notice 6699-1 - Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service. It was discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel did not properly handle network packets in certain conditions, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6698-1

Ubuntu Security Notice 6698-1 - Zhen Zhou discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service

Ubuntu Security Notice USN-6697-1

Ubuntu Security Notice 6697-1 - It was discovered that Bash incorrectly handled certain memory operations when processing commands. If a user or automated system were tricked into running a specially crafted bash file, a remote attacker could use this issue to cause Bash to crash, resulting in a denial of service, or possibly execute arbitrary code.

Backdoor.Win32.Emegrab.b / Remote Stack Buffer Overflow (SEH)

Posted by malvuln on Mar 19

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/19a14d0414aec62ef38378de2e8b259d.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Emegrab.b
Vulnerability: Remote Stack Buffer Overflow (SEH)
Family: Emegrab
Type: PE32
MD5: 19a14d0414aec62ef38378de2e8b259d
Vuln ID: MVID-2024-0675
ASLR: False
DEP: False
CFG: False
Safe SEH: False
Disclosure:...

[remote] TELSAT marKoni FM Transmitter 1.9.5 - Insecure Access Control Change Password

TELSAT marKoni FM Transmitter 1.9.5 - Insecure Access Control Change Password

[webapps] ZoneMinder Snapshots < 1.37.33 - Unauthenticated RCE

ZoneMinder Snapshots

[remote] TELSAT marKoni FM Transmitter 1.9.5 - Backdoor Account Information Disclosure

TELSAT marKoni FM Transmitter 1.9.5 - Backdoor Account Information Disclosure

[webapps] Gibbon LMS < v26.0.00 - Authenticated RCE

Gibbon LMS

[remote] TELSAT marKoni FM Transmitter 1.9.5 - Root Command Injection

TELSAT marKoni FM Transmitter 1.9.5 - Root Command Injection

[webapps] WEBIGniter v28.7.23 - Stored XSS

WEBIGniter v28.7.23 - Stored XSS

[webapps] Quick.CMS 6.7 - SQL Injection Login Bypass

Quick.CMS 6.7 - SQL Injection Login Bypass

[webapps] Atlassian Confluence < 8.5.3 - Remote Code Execution

Atlassian Confluence

[webapps] xbtitFM 4.1.18 - Multiple Vulnerabilities

xbtitFM 4.1.18 - Multiple Vulnerabilities

[webapps] TYPO3 11.5.24 - Path Traversal (Authenticated)

TYPO3 11.5.24 - Path Traversal (Authenticated)

[webapps] Backdrop CMS 1.23.0 - Stored XSS

Backdrop CMS 1.23.0 - Stored XSS

[webapps] WordPress File Upload Plugin < 4.23.3 - Stored XSS

WordPress File Upload Plugin

Red Hat Security Advisory 2024-1346-03

Red Hat Security Advisory 2024-1346-03 - An update is now available for Red Hat OpenShift GitOps 1.11. Issues addressed include a cross site scripting vulnerability.

Red Hat Security Advisory 2024-1348-03

Red Hat Security Advisory 2024-1348-03 - An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Ubuntu Security Notice USN-6696-1

Ubuntu Security Notice 6696-1 - Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 8 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.

Red Hat Security Advisory 2024-1345-03

Red Hat Security Advisory 2024-1345-03 - An update is now available for Red Hat OpenShift GitOps 1.10. Issues addressed include a cross site scripting vulnerability.

[webapps] Winter CMS 1.2.3 - Server-Side Template Injection (SSTI) (Authenticated)

Winter CMS 1.2.3 - Server-Side Template Injection (SSTI) (Authenticated)

[webapps] Karaf v4.4.3 Console - RCE

Karaf v4.4.3 Console - RCE

[local] LaborOfficeFree 19.10 - MySQL Root Password Calculator

LaborOfficeFree 19.10 - MySQL Root Password Calculator

[webapps] UPS Network Management Card 4 - Path Traversal

UPS Network Management Card 4 - Path Traversal

[local] vm2 - sandbox escape

vm2 - sandbox escape

[webapps] Nokia BMC Log Scanner - Remote Code Execution

Nokia BMC Log Scanner - Remote Code Execution

Ubuntu Security Notice USN-6694-1

Ubuntu Security Notice 6694-1 - It was discovered that Expat could be made to consume large amounts of resources. If a user or automated system were tricked into processing specially crafted input, an attacker could possibly use this issue to cause a denial of service.

Debian Security Advisory 5632-1

Debian Linux Security Advisory 5632-1 - It was discovered that composer, a dependency manager for the PHP language, processed files in the local working directory. This could lead to local privilege escalation or malicious code execution. Due to a technical issue this email was not sent on 2024-02-26 like it should have.

Red Hat Security Advisory 2024-1333-03

Red Hat Security Advisory 2024-1333-03 - Red Hat OpenShift Serverless version 1.32.0 is now available.

Red Hat Security Advisory 2024-1334-03

Red Hat Security Advisory 2024-1334-03 - An update for dnsmasq is now available for Red Hat Enterprise Linux 9.

Red Hat Security Advisory 2024-1335-03

Red Hat Security Advisory 2024-1335-03 - An update for dnsmasq is now available for Red Hat Enterprise Linux 8.

Red Hat Security Advisory 2024-1327-03

Red Hat Security Advisory 2024-1327-03 - An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a buffer overflow vulnerability.

Ubuntu Security Notice USN-6695-1

Ubuntu Security Notice 6695-1 - It was discovered that TeX Live incorrectly handled certain memory operations in the embedded axodraw2 tool. An attacker could possibly use this issue to cause TeX Live to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. It was discovered that TeX Live allowed documents to make arbitrary network requests. If a user or automated system were tricked into opening a specially crafted document, a remote attacker could possibly use this issue to exfiltrate sensitive information, or perform other network-related attacks. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.