This Metasploit module exploits an unauthenticated PHP command injection vulnerability in GLPI versions 10.0.2 and below to execute a command.
529159bd26d8ef9713fdda0560ec98c0fd7749d335736c9d27898c59fbf09efbZKTeco ZEM500-510-560-760, ZEM600-800, ZEM720, and ZMM suffer from a missing authentication vulnerability. Versions below 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and 15.00 (ZMM200-220-210) are potentially affected.
36be41250a5b1d5ca0a21529a027fb68c33b74c1ab119ab9738787f47f4bdc75Red Hat Security Advisory 2022-7087-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration.
fca50b816352284283719223772465fc844e46a838bb499c5771780fa7f2b2d4Red Hat Security Advisory 2022-7108-01 - SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Issues addressed include a null pointer vulnerability.
f3f780f06187a411b3e4210730f379ea1591d4f182e7e175fee1bf77eda04458Red Hat Security Advisory 2022-7111-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include an information leakage vulnerability.
820828b786b8169a369883b9ca17ad091636370e4113b40cca406c30a5afa23bRed Hat Security Advisory 2022-7137-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
99689913c1a06522ad3f0dc49aebbf27b850cc44a8e6389964f838fa78fec401Red Hat Security Advisory 2022-7110-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, information leakage, memory leak, privilege escalation, and use-after-free vulnerabilities.
7e26c2475110ff7340d7988275fa609b265fd44e6f52933eac803e2512ab54abRed Hat Security Advisory 2022-7129-01 - Git Large File Storage replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Issues addressed include a denial of service vulnerability.
271ab07056668c5b709d9b3ecb43837a541fcd7a85c6db2ee4599a1910871f51Red Hat Security Advisory 2022-7146-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
8e7c5822c5699a4b37665a2fcbb99d8600774481ba94be9394f41389d31d9995Red Hat Security Advisory 2022-7089-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
106964827c0c930a1b9b7091a6e43f428c01254b1f0b80258fbf4d8491615871Red Hat Security Advisory 2022-7090-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
6e3e0fcfb56e0e3ded9ed56daccbe1f5ed533fb8fd434b9a7e2be29cee374c74Ubuntu Security Notice 5227-3 - USN-5227-1 fixed vulnerabilities in Pillow. It was discovered that the fix for CVE-2022-22817 was incomplete. This update fixes the problem. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. This issue ony affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code.
a6fab17d3bb3fe4daa99440220954cc7377bd994f44acb7e03af694b527800f5Ubuntu Security Notice 5696-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.31 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.40. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
b39e7c8482f2a0bb81953364570c9bed10ae72e4a2980e9d5de62426066533b9Red Hat Security Advisory 2022-7086-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.
948a192d953c8aecee2d6d8876565efe259dd2a95e31ea43237fc6f2628c9015Red Hat Security Advisory 2022-7088-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
858fe1a0626f566fb6334529ea78b89fa6807df1ed6740cf1481cd67daf15bba
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed