#ubuntu

PHP Melody version 3.0 suffers from a persistent Editor related cross site scripting vulnerability.

PHP Melody version 3.0 suffers from a remote SQL injection vulnerability.

PHP Melody version 3.0 suffers from multiple cross site scripting vulnerabilities.

SPA Cart CMS version 2021 suffers from a remote SQL injection vulnerability.

Ubuntu Security Notice 5122-2 - USN-5122-1 fixed a vulnerability in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that Apport could be tricked into writing core files as root into arbitrary directories in certain scenarios. A local attacker could possibly use this issue to escalate privileges. On Ubuntu 16.04 ESM This update will cause Apport to generate all core files in the /var/lib/apport/coredump directory. On Ubuntu 14.04 ESM, core file generation has been disabled by default. Various other issues were also addressed.

Red Hat Security Advisory 2021-3987-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and use-after-free vulnerabilities.

Whitepaper called Analyzing Java Heap Dumps.

Ubuntu Security Notice 5124-1 - It was discovered that GNU binutils incorrectly handled certain hash lookups. An attacker could use this issue to cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that GNU binutils incorrectly handled certain corrupt DWARF debug sections. An attacker could possibly use this issue to cause GNU binutils to consume memory, resulting in a denial of service. Various other issues were also addressed.

BMW Online appears to allow script insertion that can get embedded into emails.

Mult-e-Cart Ultimate version 2.4 suffers from a remote SQL injection vulnerability.