Debian Linux Security Advisory 5270-1 - Yuchen Zeng and Eduardo Vela discovered a buffer overflow in NTFS-3G, a read-write NTFS driver for FUSE, due to incorrect validation of some of the NTFS metadata. A local user can take advantage of this flaw for local root privilege escalation.
ca2f94088e74deaaa1112fe1dc761f03ded0dd6cfeb76363f112ada72eae8fb4Red Hat Security Advisory 2022-7410-01 - Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.1 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.6.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and denial of service vulnerabilities.
20de8cac035eb0328ec9dcb7ce2f968147a87e30dacad7dfd94b929d9ff397daRed Hat Security Advisory 2022-7409-01 - Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.1 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.6.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and denial of service vulnerabilities.
c920db1dec3b041d6c286f4114456a9165972f7534a40725c37eb60214d02198Red Hat Security Advisory 2022-7417-01 - Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.1 serves as a replacement for Red Hat Single Sign-On 7.6.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and denial of service vulnerabilities.
66e7c910cb690290044b2d3be37ff70715adf821991f2d81a1677e4efb1eff1dRed Hat Security Advisory 2022-7407-01 - Service Binding Operator 1.3.1 is now available for OpenShift Developer Tools and Services for OCP 4.9 +.
012e227d425066acf1cddd9d946b3a26f80b7130b2626aa0f33187b388d2dd22Red Hat Security Advisory 2022-7411-01 - Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.1 on RHEL 9 serves as a replacement for Red Hat Single Sign-On 7.6.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and denial of service vulnerabilities.
783a2b010e945a3b187cff896274ec22adcdcf88ca22b7e1c6c7a3ebc2cc25ecUbuntu Security Notice 5712-1 - It was discovered that SQLite did not properly handle large string inputs in certain circumstances. An attacker could possibly use this issue to cause a denial of service or arbitrary code execution.
ce65c00028a01e0df3948e6640148ec8ae4f817b436b3dc3359958f0f796e12dUbuntu Security Notice 5713-1 - Devin Jeanpierre discovered that Python incorrectly handled sockets when the multiprocessing module was being used. A local attacker could possibly use this issue to execute arbitrary code and escalate privileges.
519b87950edc14d86138f6d60cc3d5418b913135e7e909f8cc810d2a861e5aeeUbuntu Security Notice 5711-2 - USN-5711-1 fixed a vulnerability in NTFS-3G. This update provides the corresponding update for Ubuntu 14.04 ESM Ubuntu 16.04 ESM. Yuchen Zeng and Eduardo Vela discovered that NTFS-3G incorrectly validated certain NTFS metadata. A local attacker could possibly use this issue to gain privileges.
d861ce17fd95a1bdcfcda3b91e6930270e3652aa952f3265793cc0b68464bfc4WebKit suffers from an HTMLSelectElement use-after-free vulnerability.
f919800224aa99b055b40b0996b148ca88778d53438f1227fbb9b98b78728a09Senayan Library Management System version 9.5.0 suffers from a remote SQL injection vulnerability.
5b98654c16fb65927d8c0c10149267d90cf2f36678335ed7163311ea33ba96d1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed