Red Hat Security Advisory 2021-1389-01 - OpenLDAP is an open-source suite of Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols used to access and maintain distributed directory information services over an IP network. Issues addressed include a null pointer vulnerability.
63d7bd955c0c0b5f897fedb062b27d303ea02234b1da57fbadca0405295a212eUbuntu Security Notice 4926-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, trick the user into disclosing confidential information, or execute arbitrary code. Various other issues were also addressed.
f55c2332782fe26e72bd86b4970020318554061cc3558a83e9597678bbf3463cRed Hat Security Advisory 2021-1384-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Issues addressed include a denial of service vulnerability.
b9384c51fa1cd1c88848153f7efda1460bd918ed9f161b7e522e2b0b07d65081Kimai version 1.14 suffers from a CSV injection vulnerability.
afb42232708cf7c479a931df88973a1686f1c2e59c5995bf6636cc24c9b50abfRed Hat Security Advisory 2021-1230-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution and deserialization vulnerabilities.
c7d10448a5d29916548625e02af2286811c91fe3d47e52579e3a45663d570cc4This Metasploit module exploits a pre-auth server-side request forgery (CVE-2021-21975) and post-auth file write (CVE-2021-21983) in VMware vRealize Operations Manager to leak admin creds and write/execute a JSP payload. CVE-2021-21975 affects the /casa/nodes/thumbprints endpoint, and CVE-2021-21983 affects the /casa/private/config/slice/ha/certificate endpoint. Code execution occurs as the "admin" Unix user.
8fb3fd3d2660db09b165a788ebbd4aab98bfde09593d01e190121efb5d69716dRed Hat Security Advisory 2021-1401-01 - This release of Red Hat Fuse 7.8.1 serves as a patch to Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot 2, and includes security fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a bypass vulnerability.
6a37dcbd49aff0b17f539cf95e73580a679208b239007b0e3fe04e49131db793WordPress WPGraphQL plugin version 1.3.5 suffers from a denial of service vulnerability.
fd8100cf3908043374f8ea4c72265eeed0145c4053e6b5d3a90a8ffba4670eddRed Hat Security Advisory 2021-1376-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, out of bounds read, and use-after-free vulnerabilities.
240032e93bcb7b4ed0735232f82e3b09c775facff14f3a3bea7b130dd3b6a555Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests; however, that feature is disabled by default. In Druid versions prior to 0.20.1, an authenticated user can send a specially-crafted request that both enables the JavaScript code-execution feature and executes the supplied code all at once, allowing for code execution on the server with the privileges of the Druid Server process. More critically, authentication is not enabled in Apache Druid by default.
b298c899e38be69b54163c4da54bb4be979f3abb34cca3c04ac527f6a5c92905Red Hat Security Advisory 2021-1377-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
ef5f189198155a80dd82a4c1ff695427a03a5f6126ff823378ccca72f3fa0f42Red Hat Security Advisory 2021-1379-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include buffer overflow, denial of service, out of bounds read, and use-after-free vulnerabilities.
39ae052b6e94164d686c089d8de36b2b2bbf67921f14194ffe304415461aaf6aMontiorr version 1.7.6m suffers from a cross site scripting vulnerability via a file upload.
5e6dcee09ca3a6208dca09fa733156105f960720d70334ae602f8f337f70aaa0Red Hat Security Advisory 2021-1373-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and out of bounds read vulnerabilities.
1f4d9d0e249812a79e1d8846ca1ee2bd1ed40eb3dd88b4c6ea3ae28227ac7239
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed