Packet Storm

elearning-SES version 1.0 suffers from a remote SQL injection vulnerability.

RentEquip Multipurpose Rental version 1.0 suffers from a cross site scripting vulnerability.

Polycom BToE Connector version 4.4.0.0 suffers from remote buffer overflow and man-in-the-middle vulnerabilities.

TP-Link Archer version AX10(EU)_V1.2_230220 suffers from a buffer overflow vulnerability.

QuickJob Portal version 6.1 suffers from a cross site scripting vulnerability.

Quicklancer Freelance Marketplace version 2.4 suffers from a cross site scripting vulnerability.

QuickHomes Real Estate CMS version 1.3 suffers from a cross site scripting vulnerability.

Debian Linux Security Advisory 5431-1 - Xu Biang discovered that missing input sanitizing in Sofia-SIP, a SIP User-Agent library could result in denial of service.

Ubuntu Security Notice 6156-2 - USN-6156-1 fixed a vulnerability in SSSD. In certain environments, not all packages ended up being upgraded at the same time, resulting in authentication failures when the PAM module was being used. This update fixes the problem. It was discovered that SSSD incorrectly sanitized certificate data used in LDAP filters. When using this issue in combination with FreeIPA, a remote attacker could possibly use this issue to escalate privileges.

Debian Linux Security Advisory 5430-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, information disclosure or bypass of sandbox restrictions.