Security
Headlines
HeadlinesLatestCVEs

Tag

#ubuntu

CVE-2023-24161: VulnerabilityProjectRecords/setWebWlanIdx.md at main · iceyjchen/VulnerabilityProjectRecords

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the webWlanIdx parameter in the setWebWlanIdx function.

CVE
Open in Source
#vulnerability#web#ubuntu#linux#firefox
CVE-2023-24160: VulnerabilityProjectRecords/setPasswordCfg_admuser.md at main · iceyjchen/VulnerabilityProjectRecords

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function.

CVE-2023-24159: VulnerabilityProjectRecords/setPasswordCfg_admpass.md at main · iceyjchen/VulnerabilityProjectRecords

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the admpass parameter in the setPasswordCfg function.

CVE-2023-0803: tiffcrop: heap-buffer-overflow in extractContigSamplesShifted16bits, tiffcrop.c:3516 (#501) · Issues · libtiff / libtiff · GitLab

LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.

Ubuntu Security Notice USN-5867-1

Ubuntu Security Notice 5867-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Ubuntu Security Notice USN-5866-1

Ubuntu Security Notice 5866-1 - It was discovered that Nova did not properly manage data logged into the log file. An attacker with read access to the service's logs could exploit this issue and may obtain sensitive information. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. It was discovered that Nova did not properly handle attaching and reattaching the encrypted volume. An attacker could possibly use this issue to perform a denial of service attack. This issue only affected Ubuntu 16.04 ESM.

Ubuntu Security Notice USN-5865-1

Ubuntu Security Notice 5865-1 - It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information.

Ubuntu Security Notice USN-5862-1

Ubuntu Security Notice 5862-1 - It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information.