Universitat Politècnica De València (UPV) Security Vulnerabilities

Linux kernel (OEM) vulnerabilities

Releases Ubuntu 22.04 LTS Packages linux-oem-6.5 - Linux kernel for OEM systems Details Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to...

CVE-2024-36939 nfs: Handle error of rpc_proc_register() in nfs_net_init().

In the Linux kernel, the following vulnerability has been resolved: nfs: Handle error of rpc_proc_register() in nfs_net_init(). syzkaller reported a warning 0 triggered while destroying immature netns. rpc_proc_register() was called in init_nfs_fs(), but its error has been ignored since at least...

Ubuntu 20.04 LTS : Firefox regressions (USN-6779-2)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6779-2 advisory. USN-6779-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: ...

Debian DLA-1820-1 : thunderbird security update

Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read. For Debian 8 'Jessie', these problems have been fixed in version 1:60.7.1-1~deb8u1. We recommend that you upgrade your thunderbird packages. NOTE: Tenable....

CVE-2024-35870

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2_reconnect_server() The UAF bug is due to smb2_reconnect_server() accessing a session that is already being teared down by another thread that is executing __cifs_put_smb_ses(). This can happen when...

CVE-2021-46933

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. ffs_data_clear is indirectly called from both ffs_fs_kill_sb and ffs_ep0_release, so it ends up being called twice when userland closes ep0 and then unmounts f_fs. If...

pizza-taxi-24.de Cross Site Scripting vulnerability OBB-3829358

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

hfw1970.de Cross Site Scripting vulnerability OBB-3828229

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Contao SQL injection in the backend and listing module

Contao 3.0.0 to 3.5.30 and 4.0.0 to 4.4.7 contains an SQL injection vulnerability in the backend as well as in the listing...

Linux kernel vulnerabilities

Releases Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages linux - Linux kernel linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-azure-5.15 - Linux kernel for Microsoft Azure cloud systems linux-azure-fde - Linux kernel for Microsoft Azure CVM cloud systems linux-azure-fde-5.15 -...

Ubuntu: Security Advisory (USN-6828-1)

The remote host is missing an update for...

AlmaLinux 9 : libreoffice (ALSA-2024:1427)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1427 advisory. Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary...

pieces-de-theatre.fr Cross Site Scripting vulnerability OBB-3938414

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-6701-3)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6701-3 advisory. A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux...

boutique-calatrava-palma-de-mallorca.hotels-palmademallorca.com Cross Site Scripting vulnerability OBB-3829712

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

SUSE SLES12 Security Update : kernel (SUSE-SU-2024:0483-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0483-1 advisory. Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer...

Debian dsa-5690 : fonts-opensymbol - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5690 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5690-1 [email protected] ...

Ubuntu 14.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6701-4)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6701-4 advisory. A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel (GCP) vulnerabilities (USN-6701-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6701-2 advisory. A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux...

CVE-2023-33964

mx-chain-go is an implementation of the MultiversX blockchain protocol written in the Go language. Metachain cannot process a cross-shard miniblock. Prior to version 1.4.16, an invalid transaction with the wrong username on metachain is not treated correctly on the metachain transaction processor.....

Medium: kernel

Issue Overview: 2024-05-23: CVE-2021-46909 was added to this advisory. 2024-05-23: CVE-2021-46974 was added to this advisory. 2024-03-13: CVE-2021-46905 was added to this advisory. 2024-03-13: CVE-2021-46904 was added to this advisory. 2024-03-13: CVE-2021-46915 was added to this advisory. An...

Contao SQL injection in the backend and listing module

Contao 3.0.0 to 3.5.30 and 4.0.0 to 4.4.7 contains an SQL injection vulnerability in the backend as well as in the listing...

CVE-2023-34458

mx-chain-go is the official implementation of the MultiversX blockchain protocol, written in golang. When executing a relayed transaction, if the inner transaction failed, it would have increased the inner transaction's sender account nonce. This could have contributed to a limited DoS attack on a....

chateau-de-rochecotte.com Cross Site Scripting vulnerability OBB-3938845

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Mageia: Security Advisory (MGASA-2024-0189)

The remote host is missing an update for...

Rocky Linux 8 : libreoffice (RLSA-2024:1514)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1514 advisory. Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary...

cafila-apart-spa.hoteles-costa-atlantica-de-argentina.com Cross Site Scripting vulnerability OBB-3830192

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-6701-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6701-1 advisory. A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux...

VLC < 3.0.8 Multiple Vulnerabilities

The version of VLC media player installed on the remote Windows host is prior to 3.0.8. It is, therefore, affected by multiple vulnerabilities: An integer underflow condition exists in the modules/demux/mp4/mp4.c component of VLC Player. An unauthenticated, remote attacker can exploit this,...

Gambio Online Webshop unauthenticated PHP Deserialization Vulnerability

A Remote Code Execution vulnerability in Gambio online webshop version 4.9.2.0 and lower allows remote attackers to run arbitrary commands via unauthenticated HTTP POST request. The identified vulnerability within Gambio pertains to an insecure deserialization flaw, which ultimately allows an...

De-risk the Software Supply Chain by Expanding Unparalleled Detection Coverage With Qualys VMDR and Software Composition Analysis

QIDs/CVEs When it comes to cybersecurity, speed is key in getting an edge over attackers. But when you consider that vulnerabilities weaponize 24 days faster than then they are remediated on average, cybersecurity stakeholders have a lot of catching up to do. While there are many ways defenders...

CVE-2023-39533

go-libp2p is the Go implementation of the libp2p Networking Stack. Prior to versions 0.27.8, 0.28.2, and 0.29.1 malicious peer can use large RSA keys to run a resource exhaustion attack & force a node to spend time doing signature verification of the large key. This vulnerability is present in the....

Debian DSA-4464-1 : thunderbird - security update

Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are...

Service Detection with 'GET' Request

This plugin performs service...

CVE-2024-38390

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails Calling a6xx_destroy() before adreno_gpu_init() leads to a null pointer dereference on: msm_gpu_cleanup() : platform_set_drvdata(gpu-&gt;pdev, NULL); as gpu-&gt;...

CVE-2024-31372

Cross-Site Request Forgery (CSRF) vulnerability in Arnan de Gans No-Bot Registration.This issue affects No-Bot Registration: from n/a through...

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.331.7.el7] - Revert 'tracing/trigger: Fix to return error if failed to alloc snapshot' (Siddh Raman Pant) - Revert 'selftests: mm: fix map_hugetlb failure on 64K page size systems' (Harshit Mogalapalli) [Orabug: 36584568] - Revert 'net/mlx5: Enable SW-defined RoCEv2 UDP source port'...

Unbreakable Enterprise kernel security update

[5.4.17-2136.331.7] - Revert 'tracing/trigger: Fix to return error if failed to alloc snapshot' (Siddh Raman Pant) - Revert 'selftests: mm: fix map_hugetlb failure on 64K page size systems' (Harshit Mogalapalli) [Orabug: 36584568] - Revert 'net/mlx5: Enable SW-defined RoCEv2 UDP source port'...

Above - Invisible Network Protocol Sniffer

Invisible protocol sniffer for finding vulnerabilities in the network. Designed for pentesters and security engineers. Above: Invisible network protocol sniffer Designed for pentesters and security engineers Author: Magama Bazarov, &lt;[email protected]&gt; Pseudonym: Caster Version: 2.6 ...

Update 23.7 for Microsoft Dynamics 365 Business Central (on-premises) 2023 Release Wave 2 (Application Build 23.7.18957, Platform Build 23.0.18933)

Update 23.7 for Microsoft Dynamics 365 Business Central (on-premises) 2023 Release Wave 2 (Application Build 23.7.18957, Platform Build 23.0.18933) Overview This update replaces previously released updates. You should always install the latest update. This update also fixes vulnerabilities. For...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Thunderbird vulnerabilities (USN-6750-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6750-1 advisory. GetBoundName could return the wrong version of an object when JIT optimizations were applied. This vulnerability affects Firefox...

Debian dla-3815 : firefox-esr - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3815 advisory. A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects...

Debian dla-3818 : apache2 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3818 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3818-1 [email protected] ...

Service Detection with 'HELP' Request'

This plugin performs service...

Debian DSA-2699-1 : iceweasel - several vulnerabilities

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, missing input sanitising vulnerabilities, use-after-free vulnerabilities, buffer overflows and other programming errors may lead to the execution of arbitrary.....

Ubuntu 22.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6795-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6795-1 advisory. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-...

SUSE SLED12 / SLES12 Security Update : libreoffice (SUSE-SU-2023:4984-1)

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4984-1 advisory. Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice ...

openSUSE Security Update : LibreOffice and dependency libraries (openSUSE-2019-912)

This update for LibreOffice, libepubgen, liblangtag, libmwaw, libnumbertext, libstaroffice, libwps, myspell-dictionaries, xmlsec1 fixes the following issues : LibreOffice was updated to 6.1.3.2 (fate#326624) and contains new features and lots of bugfixes : The full changelog can be found on :...

CVE-2022-30190

A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs,...

Oracle Linux 9 : mod_http2 (ELSA-2024-2368)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2368 advisory. When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed...