Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
8d9a028ca9fec7ad4a9e48a763e296052384cf402ea4cd371577bff183c27451Ubuntu Security Notice 5247-1 - It was discovered that vim incorrectly handled parsing of filenames in its search functionality. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. This issue only affected Ubuntu 21.10. It was discovered that vim incorrectly handled memory when opening and searching the contents of certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.10.
0f31c723fcf492f4c599406b080fe0688ba5d8d947f3a76dd2aeb25ec43c83f6Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.
f427294ed674e37d34a1b756a2190de17937e046ef21abb3ae37bba018a760f1Gentoo Linux Security Advisory 202201-1 - A vulnerability in polkit could lead to local root privilege escalation. Versions less than 0.120-r2 are affected.
d11426713b556943aaabfa3a7507c7905257729200bd39fec54ff2e0f803eb1fSAP Enterprise Portal with ENGINEAPI versions 7.10, 7.30, 7.31, 7.40, and 7.50 suffers from an XSLT injection vulnerability.
da6ac9ab738f2080b02cc97608aef6a101c7d751b2f8886505ca291243379d5fRed Hat Security Advisory 2022-0181-05 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.54. Issues addressed include a code execution vulnerability.
73d36f9fbdaf2a788f122df40acc17a5801dd1fdfc2fd2a62a7fab55f3bdda30SAP CommonCryptoLib suffers from a null pointer dereference vulnerability. An unauthenticated attacker without specific knowledge of the system can send a specially crafted packet over a network which will trigger an internal error causing the system to crash and remain unavailable.
4e1a256c3f431f4168136d27f62d96f748180dc8bdcac0d78e7fd1c23eb39487SAP Enterprise Portal with EP-RUNTIME component versions 7.30, 7.31, 7.40, and 7.50 suffer from an open redirection vulnerability.
31e789c3fc612f938cd56d5fab9f4d359a5679a1c9bc3ae446b98afd67ad0c83Red Hat Security Advisory 2022-0303-02 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a buffer overflow vulnerability.
102f97515e84e14f93a9cd7b93098bdf0b40749fe342b272ebee131d1de43286WordPress RegistrationMagic V plugin versions 5.0.1.5 and below suffer from a remote SQL injection vulnerability.
fc704ca5ead8ef607cb727b84f02e144261f21080490cda78592accedd147834Red Hat Security Advisory 2022-0288-02 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a buffer overflow vulnerability.
27470758eb8ce85ae3e9bc8cc589cb75c5c5877711f79e2205b5d8a0b4aec167Red Hat Security Advisory 2022-0289-04 - Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot using the Memory Mapped Value machinery for extremely lightweight instrumentation. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.
9931203266878ec8ee0138ce4ab9109c2e39e27123382c3d49f5ec1c89c67e73SAP Enterprise Portal with EP-RUNTIME component versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 suffer from a iviewCatcherEditor server-side request forgery vulnerability.
05b826d203ad0d9639e1eddd559c1655d47d3c184d59c75033d4f4a70566519dWordPress Modern Events Calendar plugin versions 6.1 and below suffer from an unauthenticated remote SQL injection vulnerability.
2a932ef31add8a8654da477a713636c2c7a4dce620d21c2f35410be6a9281339Red Hat Security Advisory 2022-0291-04 - Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot using the Memory Mapped Value machinery for extremely lightweight instrumentation. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.
02ce2dbca92af00639ffd0a1459648d387e54641e74941836f669d57f9916b7dSAP Enterprise Portal with EP-RUNTIME component versions 7.30, 7.31, 7.40, and 7.50 suffer from a RunContentCreation cross site scripting vulnerability.
df15ae63bb5d2b8fdb14db62a9d66eaecfae3239f8b258e8b84c90806fe26742PolicyKit-1 version 0.105-31 pkexec local privilege escalation exploit.
e763628c9543e4357ba4d5a9b7e1c341b905fc2157029c0da5fa8c50dd7a3baeRed Hat Security Advisory 2022-0294-04 - Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot using the Memory Mapped Value machinery for extremely lightweight instrumentation. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.
8e75915778ce7907c6f34b783320b348d93585f68aeae5b3c5f559dde068a203SAP Enterprise Portal with EP-RUNTIME component versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 suffer from a NavigationReporter cross site scripting vulnerability.
ee2d0a75bef9c35261f7c80c337b71a54f659bac383ea7ae746759f207a06a8cOracle WebLogic Server suffers from a local file inclusion vulnerability. Versions affected include 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0.
201c7442b864057fc71cc40d8602d6406f7fb6b3d115cde62d9c902068b08cfaRed Hat Security Advisory 2022-0290-06 - Parfait is a Java performance monitoring library that collects metrics and exposes them through a variety of outputs. It provides APIs for extracting performance metrics from the JVM and other sources. It interfaces to Performance Co-Pilot using the Memory Mapped Value machinery for extremely lightweight instrumentation. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.
d3a9b327c1f6a6ac05a0921a4108fd9f13b7467642217aa8fbad5007566759f3WordPress Mortgage Calculators WP plugin version 1.52 suffers from a persistent cross site scripting vulnerability.
474818bddeab1021d506b44b90761fa069e2d2dfb5abcb6e7835d3b35aa365eeRed Hat Security Advisory 2022-0296-03 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.12.0 serves as an update to Red Hat Process Automation Manager 7.11.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, denial of service, deserialization, and traversal vulnerabilities.
9fe5d56b67e4cb17b94b89a61187f0f0526832f9b202ea4e38ac4241e4d83532Red Hat Security Advisory 2022-0297-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.12.0 serves as an update to Red Hat Decision Manager 7.11.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, denial of service, deserialization, and traversal vulnerabilities.
76891c2b8e01ccf2bb0eee2577145d5f3199b6012d511db9fdec8ab423514580
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed