1app Technologies, Inc Security Vulnerabilities

Ubuntu 18.04 LTS : SQLite vulnerability (USN-6566-2)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6566-2 advisory. USN-6566-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2023-7104 for Ubuntu 18.04 LTS. Original advisory...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Ruby vulnerability (USN-6853-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6853-1 advisory. It was discovered that Ruby incorrectly handled the ungetbyte and ungetc methods. A remote attacker could use this issue to cause Ruby to...

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5557-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5557-1 advisory. It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table...

CVE-2023-52739

In the Linux kernel, the following vulnerability has been resolved: Fix page corruption caused by racy check in __free_pages When we upgraded our kernel, we started seeing some page corruption like the following consistently: BUG: Bad page state in process ganesha.nfsd pfn:1304ca...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Wget vulnerability (USN-6852-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6852-1 advisory. It was discovered that Wget incorrectly handled semicolons in the userinfo subcomponent of a URI. A remote attacker could...

Fedora: Security Advisory for suricata (FEDORA-2024-99337cc4a1)

The remote host is missing an update for...

Ubuntu 22.04 LTS : OpenSSL vulnerability (USN-6854-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6854-1 advisory. It was discovered that OpenSSL failed to choose an appropriately short private key size when computing shared-secrets in the Diffie-Hellman Key Agreement...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Hibernate vulnerability (USN-6845-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6845-1 advisory. It was discovered that Hibernate incorrectly handled certain inputs with unsanitized literals. If a user or an automated system were...

Ubuntu 24.04 LTS : Google Guest Agent and Google OS Config Agent vulnerability (USN-6746-2)

The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6746-2 advisory. USN-6746-1 fixed vulnerabilities in Google Guest Agent and Google OS Config Agent. This update provides the corresponding update for Ubuntu 24.04 LTS. ...

CVE-2024-2501

The Hubbub Lite – Fast, Reliable Social Sharing Buttons plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.33.1 via deserialization of untrusted input via the 'dpsp_maybe_unserialize' function. This makes it possible for authenticated attackers, with....

Texting Secrets: How Messenger Apps Guard Your Chats

By Uzair Amir Worried about prying eyes? We explain how messenger apps keep your chats confidential with features like encryption & multi-factor authentication. Learn about security risks & emerging technologies for a safer digital future. This is a post from HackRead.com Read the original post:...

Fedora: Security Advisory for gnutls (FEDORA-2024-0459dcd356)

The remote host is missing an update for...

Ubuntu 14.04 LTS : Salt vulnerabilities (USN-6849-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6849-1 advisory. It was discovered that Salt incorrectly validated method calls and sanitized paths. A remote attacker could possibly use this issue to access some...

Ubuntu 18.04 LTS : Linux kernel regression (USN-3871-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3871-2 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Ansible vulnerabilities (USN-6846-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6846-1 advisory. It was discovered that Ansible incorrectly handled certain inputs when using tower_callback parameter. If a user...

Ubuntu 16.04 LTS / 18.04 LTS : Wget vulnerability (USN-6852-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6852-2 advisory. USN-6852-1 fixed a vulnerability in Wget. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original...

CentOS 7 : jss (CESA-2019:3067)

An update for jss is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the.....

CVE-2023-52635

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Synchronize devfreq_monitor_[start/stop] There is a chance if a frequent switch of the governor done in a loop result in timer list corruption where timer cancel being done from two place one from...

Photon OS 1.0: Wget PHSA-2017-0023

An update of the wget package has been...

Photon OS 2.0: Libjpeg PHSA-2017-2.0-0007

An update of the libjpeg package has been...

Photon OS 1.0: Curl PHSA-2017-0044

An update of the curl package has been...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5567-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5567-1 advisory. It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a...

Fedora: Security Advisory for suricata (FEDORA-2024-34eba1b1a6)

The remote host is missing an update for...

Fedora: Security Advisory for suricata (FEDORA-2024-4aef1d6ece)

The remote host is missing an update for...

Fedora: Security Advisory for gnutls (FEDORA-2024-af55471f75)

The remote host is missing an update for...

Ubuntu 18.10 : linux-azure vulnerabilities (USN-3878-2)

It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information (host machine kernel memory). (CVE-2018-14625)...

Debian DSA-4368-1 : zeromq3 - security update

Guido Vranken discovered that an incorrect bounds check in ZeroMQ, a lightweight messaging kernel, could result in the execution of arbitrary...

Dell Client BIOS Incorrect Authorization (DSA-2024-122)

Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by bypassing BIOS authorization to modify settings in the BIOS. Note that Nessus has not tested for this issue but has instead relied.....

Ubuntu 14.04 LTS : SQLite vulnerability (USN-5615-3)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5615-3 advisory. USN-5615-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2020-35525 for Ubuntu 14.04 LTS. Original advisory...

JVN#15637138: EC-Orange vulnerable to authorization bypass

EC-Orange provided by S-cubism Inc. is an e-commerce website building system package based on an open source software EC-CUBE. EC-Orange contains an authorization bypass vulnerability (CWE-639). This is the same issue as JVN#51770585 (EC-CUBE vulnerable to authorization bypass). ## Impact A user...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Netplan vulnerabilities (USN-6851-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6851-1 advisory. Andreas Hasenack discovered that netplan incorrectly handled the permissions for netdev files containing wireguard...

Ubuntu 16.04 LTS / 18.04 LTS : Squid vulnerabilities (USN-6857-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6857-1 advisory. Joshua Rogers discovered that Squid incorrectly handled requests with the urn: scheme. A remote attacker could possibly use this issue to...

Photon OS 1.0: Binutils PHSA-2017-0010

An update of the binutils package has been...

Slackware 14.1 / 14.2 : mariadb (SSA:2019-032-01)

New mariadb packages are available for Slackware 14.1 and 14.2 to fix security...

[SECURITY] Fedora 38 Update: suricata-6.0.17-1.fc38

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

CVE-2024-2501

The Hubbub Lite – Fast, Reliable Social Sharing Buttons plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.33.1 via deserialization of untrusted input via the 'dpsp_maybe_unserialize' function. This makes it possible for authenticated attackers, with....

[SECURITY] Fedora 39 Update: suricata-6.0.17-1.fc39

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

Photon OS 2.0: Gettext PHSA-2018-2.0-0116

An update of the gettext package has been...

Photon OS 2.0: Libtiff PHSA-2018-2.0-0016

An update of the libtiff package has been...

Photon OS 2.0: Wget PHSA-2017-2.0-0008

An update of the wget package has been...

Photon OS 1.0: Binutils PHSA-2018-1.0-0112

An update of the binutils package has been...

Photon OS 2.0: Librelp PHSA-2018-2.0-0039

An update of the librelp package has been...

Photon OS 2.0: Perl PHSA-2018-2.0-0084

An update of the perl package has been...

Photon OS 2.0: Freetype2 PHSA-2018-2.0-0058

An update of the freetype2 package has been...

Photon OS 1.0: Shadow PHSA-2018-1.0-0171

An update of the shadow package has been...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5565-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5565-1 advisory. It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a...

[SECURITY] Fedora 40 Update: suricata-7.0.4-1.fc40

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

Debian DSA-4365-1 : tmpreaper - security update

Stephen Roettger discovered a race condition in tmpreaper, a program that cleans up files in directories based on their age, which could result in local privilege...

Debian DSA-4364-1 : ruby-loofah - security update

It was discovered that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, performed insufficient sanitising of SVG...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6497-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6497-1 advisory. A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets...