Packet Storm

News247 News Magazine version 1.0 suffers from a persistent cross site scripting vulnerability.

This Metasploit module exploits the Git fetch command in Gitea repository migration process that leads to a remote command execution on the system. This vulnerability affects Gitea versions prior to 1.16.7.

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Ubuntu Security Notice 5611-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Ubuntu Security Notice 5610-1 - Addison Crump discovered that rust-regex did not properly limit the complexity of the regular expressions it parses. An attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice 5583-2 - USN-5583-1 fixed vulnerabilities in systemd. Unfortunately this caused a regression by introducing networking problems for some users. This update fixes the problem. It was discovered that systemd incorrectly handled certain DNS requests, which leads to user-after-free vulnerability. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

Red Hat Security Advisory 2022-6504-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6507-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6503-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6502-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.