Packet Storm

Hesk Rtl CMS version 1 suffers from a cross site scripting vulnerability.

Hasan MWB version 1 suffers from a cross site scripting vulnerability.

haraj version 1.1 suffers from an add administrator vulnerability.

HaasCMS version 1.0 suffers from a cross site scripting vulnerability.

Gusto Recipes Management version 1.5.1 suffers from a cross site scripting vulnerability.

Global Domains International version 2.0 suffers from a cross site scripting vulnerability.

FlightPath LMS version 5.0-rc2 suffers from a cross site scripting vulnerability.

Ubuntu Security Notice 6307-1 - It was discovered that JOSE for C/C++ AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE. An attacker could use this to cause a denial of service or might expose sensitive information.

Ubuntu Security Notice 6306-1 - It was discovered that Fast DDS incorrectly handled certain inputs. A remote attacker could possibly use this issue to cause a denial of service and information exposure. This issue only affected Ubuntu 22.04 LTS. It was discovered that Fast DDS incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash.

Debian Linux Security Advisory 5482-1 - Edbo and Cedric Krier discovered that the Tryton application server does enforce record rules when only reading fields without an SQL type.