This archive contains all of the 49 exploits added to Packet Storm in November, 2023.
4561d62960af2b314e517143d1dd7755f08be850b2ef73095e45ff6f8970e680Debian Linux Security Advisory 5569-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
d5d2209b119ae9264996f7c9c9bb3d93c4f147ce270625707943898e702df953Kopage Website Builder version 4.4.15 suffers from a persistent cross site scripting vulnerability.
fbd3eb9a6b1fa373e2b967ebba1f3a131fa434d38572c561c6273ce2e1c0683aUbuntu Security Notice 6502-4 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.
80e570dc8559f7c743948b2659e5b45954e4ef183051320784503ce69438e9e4Ubuntu Security Notice 6496-2 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.
ff4c804427ae5e3ed0edbacaa2797fb161dd9c5e4ae66c5b2f114beebd29332dUbuntu Security Notice 6495-2 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Manfred Rudigier discovered that the Intel PCI-Express Gigabit Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
84d6c0fba7b7ce39226621eb2ae128d51c090c81cff449f8466be7ea9785245cUbuntu Security Notice 6494-2 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service or possibly expose sensitive information.
f60fcecace1faaeb9fc2bd6e186bb143ebb3802e541e9c577ab37e5ad12177f5Red Hat Security Advisory 2023-7617-02 - Red Hat Build of Apache Camel for Quarkus 3.2.0 is now available.
b0eb559d37a45d9046b03d7e02bde85dce163b8bed1ee33099ddf4b37967b04bRed Hat Security Advisory 2023-7616-01 - An update for postgresql is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
f1a92a47c86537a6e4bb8a575856c91653cd9d712e509e980c664e1b69c5c4bfRed Hat Security Advisory 2023-7341-01 - An update is now available for Red Hat Quay 3.
f55aa5deb57499044501ca4f7d2d6a11d53e22111af0d638e4e639a3a0403a67WBCE CMS version 1.6.1 suffers from a remote shell upload vulnerability.
7695de4e35509e1c4db3c4076032af2a7d6631056618550d68d670c15cf66962
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed