Eclipse ThreadX versions prior to 6.4.0 suffer from a missing array size check causing a memory overwrite, missing parameter checks leading to integer wraparound, under allocations, heap buffer overflows, and more.
fe024c1aec7da8d2d51940b04a8a3ca30381ec05224812e3d1fffd2e3661ce4c
Ubuntu Security Notice 6793-1 - It was discovered that Git incorrectly handled certain submodules. An attacker could possibly use this issue to execute arbitrary code. This issue was fixed in Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS. It was discovered that Git incorrectly handled certain cloned repositories. An attacker could possibly use this issue to execute arbitrary code.
6663dccf730f5142c551541e6d40fa74ee358fffac9030c6af11f18cc01bddd8
Ubuntu Security Notice 6791-1 - It was discovered that Unbound could take part in a denial of service amplification attack known as DNSBomb. This update introduces certain resource limits to make the impact from Unbound significantly lower.
b6f4100277c1198256eac0747ee033452ff1ec26d329a21f1883c2637a3ec7f9
HAWKI version 1.0.0-beta.1 before commit 146967f suffers from cross-site scripting, arbitrary file overwrite, and session fixation vulnerabilities.
dfca73f84c2fb3bf8edc1b2f48f75be2dbaaae19ce18c9d800d8ca4a7c98f67a
Siemens CP-XXXX Series (CP-2014, CP-2016, CP-2017, CP-2019, CP-5014) expose serial shells on multiple PLCs. A serial interface can be accessed with physical access to the PCB. After connecting to the interface, access to a shell with various debug functions as well as a login prompt is possible. The hardware is no longer produced nor offered to the market.
440f519186700c01806ac2012a5bbe75033e8be274d7314185fa93b11e2ef29b
Ubuntu Security Notice 6790-1 - It was discovered that amavisd-new incorrectly handled certain MIME email messages with multiple boundary parameters. A remote attacker could possibly use this issue to bypass checks for banned files or malware.
f6bfecdfd490d397dc6037b380e5c626ef468fcc779a334be787377b4eec25f9
Ubuntu Security Notice 6789-1 - Amel Bouziane-Leblond discovered that LibreOffice incorrectly handled graphic on-click bindings. If a user were tricked into clicking a graphic in a specially crafted document, a remote attacker could possibly run arbitrary script.
d3e5b1bd2a39a191a7aebd1d63fd550596fa47d0e63011152637be56aa8bb80b
Ubuntu Security Notice 6788-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
2ba9114499615625ceec3aef13282d48432167a8d10e47afc3ee65f19e05d3e3
Ubuntu Security Notice 6786-1 - It was discovered that Netatalk did not properly protect an SMB and AFP default configuration. A remote attacker could possibly use this issue to execute arbitrary code.
72fad2b781f8ff2082e13d1a516f5bafad0d167afddfbdab03910defffb10881
Ubuntu Security Notice 6673-3 - USN-6673-1 provided a security update for python-cryptography. This update provides the corresponding update for Ubuntu 24.04 LTS. It was discovered that python-cryptography incorrectly handled memory operations when processing mismatched PKCS#12 keys. A remote attacker could possibly use this issue to cause python-cryptography to crash, leading to a denial of service. This issue only affected Ubuntu 23.10.
fae6e3df5e57be08d838136e5bf26a4b931c04ece1afafb337e7383996700614
Red Hat Security Advisory 2024-3369-03 - An update is now available for Red Hat OpenShift GitOps v1.10.6 to address CVE-2024-31989, in which an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.
8ebdf9fc0993fc577e9846ec2f7d0bdac5e3dcc7fbd90bd50c310f28fd46e00f
Red Hat Security Advisory 2024-3368-03 - An update is now available for Red Hat OpenShift GitOps v1.12.3 to address CVE-2024-31989, in which an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.
385d3ce943f1c580c9566f115a45f5d0a573823e0194f7a7bf0cf287eb5461b1