Packet Storm

Debian Linux Security Advisory 5754-1 - Martin Kaesberger discovered a vulnerability which affects multiple images may result in the disclosure of arbitrary files.

Debian Linux Security Advisory 5753-1 - An integer overflow was discovered in aom, the AV1 Video Codec Library, which could potentially result in the execution of arbitrary code if a malformed media file is processed.

Debian Linux Security Advisory 5752-1 - Two vulnerabilities have been discovered in the IMAP implementation of large headers can result in high CPU usage, leading to denial of service.

Ubuntu Security Notice 6965-1 - It was discovered that vim incorrectly handled parsing of filenames in its search functionality. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. It was discovered that vim incorrectly handled memory when opening and searching the contents of certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges.

Ubuntu Security Notice 6966-2 - USN-6966-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. Nan Wang discovered that Firefox did not properly handle type check in WebAssembly. An attacker could potentially exploit this issue to execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly check an attribute value in the editor component, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service ...

Ubuntu Security Notice 6944-2 - USN-6944-1 fixed CVE-2024-7264 for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. This update provides the corresponding fix for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Dov Murik discovered that curl incorrectly handled parsing ASN.1 Generalized Time fields. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive memory contents.

Online Diagnostic Lab Management System version 1.0 suffers from an arbitrary file upload vulnerability.

Online Banking System version 1.0 suffers from a cross site request forgery vulnerability.

Music Gallery Site version 1.0 suffers from a cross site request forgery vulnerability.

Multi-Vendor Online Groceries Management System version 1.0 suffers from a cross site request forgery vulnerability.