#perl

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-4045: The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another s...

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: TEL-STER Sp. z o. o. Equipment: TelWin SCADA WebInterface Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to read files on the system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS TEL-STER reports this vulnerability affects the following versions of TelWin SCADA WebInterface: TelWin SCADA WebInterface: versions 3.2 to 6.1 TelWin SCADA WebInterface: versions 7.0 to 7.1 TelWin SCADA WebInterface: versions 8.0 and 9.0 3.2 VULNERABILITY OVERVIEW 3.2.1 PATH TRAVERSAL CWE-35 External input could be used on TEL-STER TelWin SCADA WebInterface to construct paths to files and directories without properly neutralizing special elements within the pathname, which could allow an unauthenticated attacker to read files on the system. CVE-2023-0956 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been ...

Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.

Ubuntu Security Notice 6267-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy.

CRM Education Akademik version 9.0 suffers from a directory traversal vulnerability.

Coupons CMS version 4.00 suffers from an open redirection vulnerability.

OXID eShop Enterprise Edition 6.5.0 – 6.5.2 before 6.5.3 allows uploading files with modified headers in the administration area. An attacker can upload a file with a modified header to create a HTTP Response Splitting attack.

Given the privileged position these devices occupy on the networks they serve, they are prime targets for attackers, so their security posture is of paramount importance.

The Bus Ticket Booking with Seat Reservation plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab_date' and 'tab_date_r' parameters in versions up to, and including, 5.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

### Description According to the documentation, controllers are allowed to register new domains and extend the expiry of existing domains, but they cannot change the ownership or reduce the expiration time of existing domains. However, a preliminary analysis suggests that an attacker-controlled controller may be able to reduce the expiration time of existing domains due to an integer overflow in the renew function. The vulnerability resides in the following GitHub repository: https://github.com/ensdomains/ens-contracts/blob/master/contracts/ethregistrar/BaseRegistrarImplementation.sol#L171 The vulnerable line of code is: ``` require( expiries[id] + duration + GRACE_PERIOD > duration + GRACE_PERIOD ); // Prevent future overflow ``` In this code snippet, the `duration` variable is user-supplied, making it possible to provide a value that would cause an overflow on both sides of the '>' expression, ultimately rendering the condition true. Specifically, when the dur...