Red Hat Security Advisory 2020-2366-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.1.12 serves as a replacement for Red Hat support for Spring Boot 2.1.6, and includes security and bug fixes and enhancements. Issues addressed include bypass, cross site request forgery, and denial of service vulnerabilities.
354667e4cac1cdbe056ab77c3d622d7bb555695ab87c9226010ab61e85d7455b
Red Hat Security Advisory 2020-2067-01 - This release of Red Hat build of Thorntail 2.5.1 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include HTTP request smuggling, bypass, cross site request forgery, cross site scripting, denial of service, and out of bounds read vulnerabilities.
4f6b06242c907c4bb9882a9c0dd20ae51f06eb541c38e1084bc175618d6a5cbd
Red Hat Security Advisory 2020-1878-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.
b758726fc3dce1df9cf3678855e1f4627e7cead9fa6c32ac4e71014542d6e216
Red Hat Security Advisory 2020-1269-01 - TODO: add package description. Issues addressed include a denial of service vulnerability.
8f880ea3f4637b9f6250c9931362acae2cf07f148106a82f415190ec50b76005
Red Hat Security Advisory 2020-1084-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.
7659b09d14aa50b4555dd269f0fcd7b7a94baa59c950ce2148deab5166d174e9
Gentoo Linux Security Advisory 202003-52 - Multiple vulnerabilities have been found in Samba, the worst of which could lead to remote code execution. Versions less than 4.11.6 are affected.
78ecd3bc02b0f10129021084736ee7cc0c9408898c589745d90193370efe75aa
Red Hat Security Advisory 2020-0378-01 - Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Issues addressed include a denial of service vulnerability.
e325a135b7467b9227486cb20387420c5511728dac11b4ac7498178c225e7891
Red Hat Security Advisory 2019-4023-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and various information. A share path definition escape condition has been addressed.
05540db2f48f296be8518b7b7fcf4fc7c941f7d85d17ec063c2c28d5e4c99442
Red Hat Security Advisory 2019-3253-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and various information.
e618919ed776649dfce281b1c564622323d2d94f2b50f4885029fcdb324b1c6d
Red Hat Security Advisory 2019-3172-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include bypass, denial of service, and information leakage vulnerabilities.
0d1a7f3e91df6df87aebdd58b89f12efd814a2be22f9232bceca09c5693fa8c4
Debian Linux Security Advisory 4513-1 - Stefan Metzmacher discovered a flaw in Samba, a SMB/CIFS file, print, and login server for Unix. Specific combinations of parameters and permissions can allow user to escape from the share path definition and see the complete '/' filesystem. Unix permission checks in the kernel are still enforced.
d93482db03d7a4dd749d0d95b6c61e6de2e46af0866bd55857054ba3b2b6b6f5
Ubuntu Security Notice 4121-1 - Stefan Metzmacher discovered that the Samba SMB server did not properly prevent clients from escaping outside the share root directory in some situations. An attacker could use this to gain access to files outside of the Samba share, where allowed by the permissions of the underlying filesystem.
1367c76bd694c824968013e80840ec4423f8c145a8687f47480c0f08138b555d
Red Hat Security Advisory 2019-2628-01 - Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Issues addressed include a buffer overflow vulnerability.
106b1f1b5e56f5698a42594260a21f70b42ea234ffb8221bb183f78969c74396
Red Hat Security Advisory 2019-2630-01 - Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Issues addressed include a buffer overflow vulnerability.
622a6ee42399aa8c9113df81ba4a22f49cf8aca260f06ca6cc599516f5e9871f
Red Hat Security Advisory 2019-2621-01 - Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Issues addressed include a buffer overflow vulnerability.
9eb568a780b889c7e7d3bc91f1456a926fbecbd04250250e2a87fb8a4cbc82fc
Red Hat Security Advisory 2019-2508-01 - Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Issues addressed include a buffer overflow vulnerability.
b3afc2fde596990a85bb498006b8212697f6d4f1394dd5194724f2a0c957c745
Red Hat Security Advisory 2019-2506-01 - Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Issues addressed include a buffer overflow vulnerability.
7f4d6a292c65865bbd24165451fd9643644fcfd9f80d77fcf316e2784021601e
Red Hat Security Advisory 2019-2499-01 - The ovirt-engine-metrics package is used to collect and enrich metrics and logs from the Red Hat Virtualization Manager, hosts, and virtual machines. It includes Ansible scripts that configure Collectd and Fluentd on the Red Hat Virtualization Manager and hosts. It also stores remote metrics parameters. A password disclosure issue was addressed.
927e8c045ab29cef9cbedcf6b115a53c867d9897d78f654253a6c9062e01534f
Red Hat Security Advisory 2019-2483-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.3 serves as a replacement for Red Hat Single Sign-On 7.3.2, and includes bug fixes and enhancements, which are documented in the Release Notes, linked to in the References section. Issues addressed include a cross site request forgery vulnerability.
c6ff53237a68fdf7466c222c062588f3334ee54d9f145891d67c7eea4dc09a47
Gentoo Linux Security Advisory 201908-4 - Multiple vulnerabilities have been found in Redis, the worst of which may allow execution of arbitrary code. Versions less than 4.0.14 are affected.
8735d88ad71ceef1f22d1712a9b1e072fddd93a6272c38c7843ff192a5018b17
Red Hat Security Advisory 2019-2002-01 - Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Issues addressed include a buffer overflow vulnerability.
a78e39b8347f82c5deda449c03eef68970092376c58c9981e797979baea0b685
Red Hat Security Advisory 2019-1860-01 - Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Issues addressed include buffer overflow and code execution vulnerabilities.
92cb9170061d200be1f9a585a697be5ef625c327ae3d702c2440eeabc521f848
Red Hat Security Advisory 2019-1819-01 - Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Issues addressed include a buffer overflow vulnerability.
068033d7e9edf14c5097a42fbafb515202c54c98af6038f7bed416e8f3220b05
Ubuntu Security Notice 4061-1 - It was discovered that Redis incorrectly handled the hyperloglog data structure. An attacker could use this issue to cause Redis to crash, resulting in a denial of service, or possibly execute arbitrary code.
e6d62200dcc3583ff8990bfabdcea64710cac89e9b14e1053e57ec6615532b05
Microsoft Windows suffers from an HTTP to SMB NTLM reflection that leads to a privilege escalation.
9c438d49a171f163f1fef4b8312a6ae876fbc9dbe34a835fb20edf950b89e9d0