Ubuntu Security Notice 5614-2 - USN-5614-1 fixed a vulnerability in Wayland. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that Wayland incorrectly handled reference counting certain objects. An attacker could use this issue to cause Wayland to crash, resulting in a denial of service, or possibly execute arbitrary code.
10e730b3dc2565c7df75f5b8c7912171f93bac717141d6b3dac8f64898adb02f
WordPress WPvivid Backup plugin versions prior to 0.9.76 suffer from a path traversal vulnerability.
fb090fe06b8107185b5b73bdfac52e984a5bd3987e4e8a14397734095d06addf
WordPress Elementor plugin versions 3.6.0 through 3.6.2 suffer from a remote shell upload vulnerability. This is achieved by sending a request to install Elementor Pro from a user supplied zip file. Any user with Subscriber or more permissions is able to execute this.
0537a61d8c7e168ee93f25ae88cc62b13741cb186c02291ebc2f946f834cd81f
Ubuntu Security Notice 5651-2 - USN-5651-1 fixed a vulnerability in strongSwan. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points in certificates. A remote attacker could possibly use this issue to initiate IKE_SAs and send crafted certificates that contain URIs pointing to servers under their control, which can lead to a denial-of-service attack.
759a27511c8f487803c7aa104783c2c246c6fddf62edc3b8d14f204cff8a093e
Red Hat Security Advisory 2022-6763-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.
90a7db70273f1bcf3f0dddfd37788d5e9c87a1b7559b29fdcbb1e860a02410b1
Ubuntu Security Notice 5651-1 - Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points in certificates. A remote attacker could possibly use this issue to initiate IKE_SAs and send crafted certificates that contain URIs pointing to servers under their control, which can lead to a denial-of-service attack.
307727d9f9df8f35a12cad1acef25cb191f668ed5401e4156a8ff7369ecdc831
Joomla RAXO All-Mode PRO extension version 2.01 suffers from a cross site scripting vulnerability.
b184da1d06132aed982ee2549a07da0dfa94c6d57c4ca741a10f65c4a73eec7a
Red Hat Security Advisory 2022-6764-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.
98299df0e775091d0cd425d53583bd53c962a02b6a59be2d5445c8a7d756d4e6
Ubuntu Security Notice 5653-1 - Benjamin Balder Bach discovered that Django incorrectly handled certain internationalized URLs. A remote attacker could possibly use this issue to cause Django to crash, resulting in a denial of service.
9243a60f7904a4b165533d79fb778a5eaf28db2dcb1af8c5196198b7945e326e
Canteen Management version 1.0-2022 suffers from a remote SQL injection vulnerability.
2d4328d6484fdeed0350fcb19dc9fe4f3d5499e3bb9f44d105865efdc3315733
Ubuntu Security Notice 5652-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service.
da237cf0c69ad0299d2d45386e0353a125c52434eb9c8e1c7b9ba1d5a9cfa13a
Joomla Solidres extension version 2.12.9 suffers from a cross site scripting vulnerability.
4d0ea072e4c8b6fdd75003b025df09b5ced3c45e3082d7cfe1352f4dfe683076
Red Hat Security Advisory 2022-6765-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.
c4fc34a4dbce658a7d6f43a15de99e7c144eb84230b265c294a7594060f9a520
Red Hat Security Advisory 2022-6766-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include denial of service, information leakage, and open redirection vulnerabilities.
47a2ab29057f9acc5a00ccedf39008056db417722a5523acfc41053f138f98b6
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
19f85009c7e3e23787f0236fbb1578392ab4d4bf9f8ec5fe6bc1cd7e8bfdd288