Red Hat Security Advisory 2021-0038-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include XML injection and information leakage vulnerabilities.
8d4bd4ca738a439d561e06aa0a09dc0617d07985ce23498f0fc8bd8e00dd0de7Ubuntu Security Notice 4696-1 - It was discovered that HTMLDOC incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a denial of service.
6e6c6ec64b0d30329f38a029369b020205387dd14450887a1fe7d42b118b95c8IBM Spectrum LSF versions 10.1 and 10.2 suffer from hardcoded eauth key and eauth key exposure vulnerabilities.
7b805922df0af9a8af46eb5021d5ad516d5d2b44e2d6fc8f4bd24f60749d3a03Red Hat Security Advisory 2021-0162-01 - XStream is a Java XML serialization library to serialize objects to and deserialize object from XML. Issues addressed include code execution and deserialization vulnerabilities.
b366e9e05e09ff35036b57f8b3cd40b6da1910782ce05c9ce113a213dee6f24dUbuntu Security Notice 4695-1 - Choongwoo Han discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Jerzy Kramarz discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Various other issues were also addressed.
f59cdee7119a63e6267c98cb8436332e70f982c3e605747eb25581220a45a6f0Red Hat Security Advisory 2021-0164-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.
eb8e1e6365635553d7141e57d96f70695631b1f37610081bbae039f06b0b9a33Red Hat Security Advisory 2021-0161-01 - PostgreSQL is an advanced object-relational database management system.
710caf5536ab97ac2ec7021fb158593b53341882c0f21e6a55443af15f04d63cRed Hat Security Advisory 2021-0163-01.tct - PostgreSQL is an advanced object-relational database management system. Issues addressed include an improper authorization vulnerability.
575df684c9edc18a6d05418493114b9a6583c3da5ebc93cf9854d5145aa0c61cUbuntu Security Notice 4693-1 - It was discovered that an SQL injection vulnerability exists in the Ampache search engine. Any user able to perform searches could dump any data contained in the database. An attacker could use this to disclose sensitive information. It was discovered that an XSS vulnerability in Ampache. An attacker could use this vulnerability to force an admin to create a new privileged user. Various other issues were also addressed.
18b1e4a4d6c0257b8902895a9fc6a7a7a30f0026ee8bb8bf12953f5aa9e36421Ubuntu Security Notice 4694-1 - It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data.
dd241470c5806e0713b82db027f143f31f3cb8056a7697760fcec42574886cacRed Hat Security Advisory 2021-0146-01 - Red Hat OpenShift Serverless 1.12.0 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.6, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section. Issues addressed include code execution and cross site scripting vulnerabilities.
a86c00be6acf79cfc141fb047b2a8d856fd69b40c660eaa8ec6d9b8a5a91d313Red Hat Security Advisory 2021-0145-01 - Red Hat OpenShift Serverless Client kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Red Hat OpenShift Serverless Client kn 1.12.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.12.0, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include code execution and cross site scripting vulnerabilities.
bd106d84adec1cf85267c4b189795d02345599e4effd3223907818a64a88382bRed Hat Security Advisory 2021-0136-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a denial of service vulnerability.
70ea21c82d53d705a59e08d0a6c1116c9c6420098350de5f97ba3331180d8937Ubuntu Security Notice 4692-1 - Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the --sparse flag. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Daniel Axtens discovered that tar incorrectly handled certain malformed tar files. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to cause tar to crash, resulting in a denial of service. Various other issues were also addressed.
9bed467c26667336b932ddeba1541600754872bc0120a0b322fee2ac338b5d12Red Hat Security Advisory 2021-0114-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.111 and .NET Core Runtime 3.1.11.
7380575aa02aabc182467506a2882cf735188d7bf79e56d1a76fa23626b3b193Red Hat Security Advisory 2021-0110-01 - This release of Red Hat Integration - Camel K - Tech-Preview 2 serves as a replacement for tech-preview 1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include an XML injection vulnerability.
0072214b8752c91826227c41bc21cb074fffe02b75be65b68b6fa1f4c88b26dcUbuntu Security Notice 4691-1 - Jonas Rudloff discovered that Open vSwitch incorrectly handled certain malformed LLDP packets. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code.
522c33d4bfb2612643e27b3e5307fae4956cb875c0b7d34c19776365676cb382Red Hat Security Advisory 2021-0030-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
9b192408ceb808a4dc144a61810c26e5f746032f27e94d444fd2105e971b9596Red Hat Security Advisory 2021-0106-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.9.1 serves as an update to Red Hat Decision Manager 7.9.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.
bbdcc017d30440cfcba2abc8f04c029f5e2566c59cfbde27608a6b81045fb0edRed Hat Security Advisory 2021-0105-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.9.1 serves as an update to Red Hat Process Automation Manager 7.9.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.
43ccb66d8aa4ca719d5833479d04e7b2a52b58dc06a2d946510669c4304176bfUbuntu Security Notice 4690-1 - It was discovered that coTURN allowed peers to connect and relay packets to loopback addresses in the range of 127.x.x.x. A malicious user could use this vulnerability to insert packages into the loopback interface.
e5a6b608a261733f2ac478eebef781a73d720ced5c66448b8f123eac9fc56328Gentoo Linux Security Advisory 202101-10 - Multiple vulnerabilities have been found in Asterisk, the worst of which could result in a Denial of Service condition. Versions less than 13.38.1 are affected.
11d807e9cd4e114f1e2c4fda7361a73e56a538a84922c07e2278e40be8db2000Red Hat Security Advisory 2021-0095-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.111 and .NET Core Runtime 3.1.11.
6c953744092833a1e4f5d55b9a6f709e3117eecc95580fbdbf3f5d2d13f6705fRed Hat Security Advisory 2021-0094-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 5.0.102 and .NET Runtime 5.0.2.
4ef5433bc12908b3409ddbe3c0aec0291cd91731c74796314220f1b08ed9f9a9Gentoo Linux Security Advisory 202101-9 - Multiple vulnerabilities have been found in VirtualBox, the worst of which could allow an attacker to take control of VirtualBox. Versions prior to 6.1.12 are affected.
52f1427b6724027c64e1c0a43f6f10cd2738fb5d98601a21cb0095f7a4a9bbe6
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed