DiCal-RED version 4009 makes use of unmaintained third party components with their own vulnerabilities.
ac46a5297fc9b5ee7331f8918ab83a70fa899f2cf27a29ac3f89865c35bbf946Red Hat Security Advisory 2020-0983-01 - This release of Red Hat Fuse 7.6.0 serves as a replacement for Red Hat Fuse 7.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and information leakage vulnerabilities.
c2b2bece438c10e903155ade04dc8eb70bbee2e9169a4e812ce54e8f4eebf85aRed Hat Security Advisory 2019-3297-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.5.0 serves as an update to Red Hat Process Automation Manager 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.
482b49e13a101d713d5e44514944c4d9887eff8dd52e0581070afd49e0b6efafRed Hat Security Advisory 2019-3292-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.5.0 serves as an update to Red Hat Decision Manager 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.
e0caaf13aa781312edf2cfad999a61a2c76e5c4a9bf9bdd4050235eda030f6f1Red Hat Security Advisory 2019-3149-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains an update for jackson-databind in the logging-elasticsearch5 container image for Red Hat OpenShift Container Platform 3.11.153. Issues addressed include code execution, denial of service, and deserialization vulnerabilities.
5b5749c71d52c3690eb137ec23b207f4283a94baacb4c994ead4402f6eddba76Red Hat Security Advisory 2019-3050-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.4 serves as a replacement for Red Hat Single Sign-On 7.2.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and code execution vulnerabilities.
74c31beb9387ce733882cb7dd37d5042f66b5f7eaf20f14bda92d947ec6064bbRed Hat Security Advisory 2019-3046-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.4 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and code execution vulnerabilities.
1c5ce3a2e792c484a35bbfedebb9faf09707919d52c7b94ffb2efd2574f350b1Red Hat Security Advisory 2019-3045-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.4 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and code execution vulnerabilities.
25a7f97bad8da82c50f08211d3c95b7f64aad5e4fc389d225ac6778b8760a341Red Hat Security Advisory 2019-3044-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.4 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass and code execution vulnerabilities.
28fdd249e638c3fd71315c752051e3df9e19e8c9b9a7fa59bc5e6d80541cecbeRed Hat Security Advisory 2019-2937-01 - This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. Issues addressed include code execution and deserialization vulnerabilities.
5f4c10bf60a2205b3c8139df130cae0483f440473f688358aad9d72ef0e1057dRed Hat Security Advisory 2019-2935-01 - This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. Issues addressed include code execution and deserialization vulnerabilities.
bbfa25c18a57820dd84de8d958a691d58a85d37bfe4a28716cbbed23d14cc8e8Red Hat Security Advisory 2019-2938-01 - This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. Issues addressed include code execution and deserialization vulnerabilities.
65bbb6a006e948e75afcd6c5cd865e7a774b5b4821d664638ffcc817f5d6acaeRed Hat Security Advisory 2019-2936-01 - This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. Issues addressed include code execution and deserialization vulnerabilities.
4486148b0fd55b319692605a867b8b783325dfc28a3e3b3d6d1b2a9d6d621b94Red Hat Security Advisory 2019-2858-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains an update for both jackson-databind and guava in the logging-elasticsearch5 container image for Red Hat OpenShift Container Platform 4.1.18. Issues addressed include code execution, denial of service, and deserialization vulnerabilities.
a85ed2e06864386321cea11d7342ff644000cb72324d0fc21bf798a437bb758eRed Hat Security Advisory 2019-2703-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, bypass, denial of service, heap overflow, and use-after-free vulnerabilities.
6aacbcf84bb45ef802cdd0185418df3143d468b0ab80ee560822676b92380c24It was discovered that the USB video device class implementation in the Linux kernel did not properly validate control bits, resulting in an out of bounds buffer read. A local attacker could use this to possibly expose sensitive information (kernel memory). It was discovered that the Marvell Wireless LAN device driver in the Linux kernel did not properly validate the BSS descriptor. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other vulnerabilities have also been addressed.
3bf6f3467455c33428751c5faf437aa7d6c64fe01342c90cc65e1d94808e2336Gentoo Linux Security Advisory 201908-16 - A vulnerability in ProFTPD could result in the arbitrary execution of code. Versions less than 1.3.6-r5 are affected.
0705eaa787d0511740f81c91ca5ee888e400029e41311c4dac2324cc6f6feeb1Gentoo Linux Security Advisory 201908-15 - A vulnerability in ZNC allows users to escalate privileges. Versions less than 1.7.4_rc1 are affected.
b8bd2b67303beb9f310a100e58c4fd04f651e997fe20ebf33c665ae5d1b72dccUbuntu Security Notice 4094-1 - It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. Various other issues were also addressed.
057991c54bda99e36e45617061b5319a3d5749216d070d59b5d605ff61ea7dccDebian Linux Security Advisory 4495-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
c9cffe5ad30be525cc930f197d8f2f4324ebd95c48fa3bbf6a68ef2df2511752Debian Linux Security Advisory 4491-1 - Tobias Maedel discovered that the mod_copy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands.
172bd5940ff91d454bf01ec17520021f22a09955366c6f11b9fd5d677cd6cea8Ubuntu Security Notice 4044-1 - znc could be made to crash or run programs as an administrator if it opened a specially crafted file.
79ff5505b9d51d847ff47f23bbdd66ee8fe7e5860b5d987d8a9b54a52dab0c5bUbuntu Security Notice 4031-1 - It was discovered that the Linux kernel did not properly separate certain memory mappings when creating new userspace processes on 64-bit Power systems. A local attacker could use this to access memory contents or cause memory corruption of other processes on the system.
c29a8b0fea956d911595a73c3f67d6fdbc5407536f94826edbbc54f9d5c4a7daDebian Linux Security Advisory 4463-1 - Two vulnerabilities were discovered in the ZNC IRC bouncer which could result in remote code execution (CVE-2019-12816) or denial of service via invalid encoding (CVE-2019-9917).
23dede2ae1981e5c5a5f41d34d05367a9d031dbc77b7f01c8842623769831714
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed