Red Hat Security Advisory 2022-0199-02 - Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels, such as virtual private networks, through untrusted networks.
cba116a8ccd05fea01368a369b31a845a85169c45f170a62a3ca4d23bfd14890
Ubuntu Security Notice 5241-1 - It was discovered that QtSvg incorrectly handled certain malformed SVG images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause QtSvg to crash, resulting in a denial of service, or possibly execute arbitrary code.
32d6d60a122670053f2e460a06106159ff6aabe1544ead509400874e9613b9da
Ubuntu Security Notice 5240-1 - William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or execute arbitrary code.
f38197d468b0ac1b459114cface6fdb664c54f6bfdf6561758bfbe79ee4a41e0
Red Hat Security Advisory 2022-0190-04 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. Issues addressed include an information leakage vulnerability.
a16be12348f952b69b8aea47b4cfeef33e3288ed755b47ac8b32100e8c944fc5
Red Hat Security Advisory 2022-0188-07 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a heap overflow vulnerability.
9285d1161496f0d2f04d09373979faf3ed79e7a3f31a711af8ec8c440d65e0ce
Red Hat Security Advisory 2022-0114-04 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.41.
ed8e6ee8e1359e5ec6d149d048c3e6cee2c5658382a303084a7c82eada049519
Red Hat Security Advisory 2022-0186-07 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include heap overflow and privilege escalation vulnerabilities.
255bbad280ff777117f481929995d0e8be22db96c27a7cbab200dab6e85e611d
Red Hat Security Advisory 2022-0187-04 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include heap overflow and privilege escalation vulnerabilities.
027360ba53dd866197d83e94c2fa0af7a9631774a89b45f9aad23660f6067bd1
Ransomware Builder Babuk malware suffers from an insecure permissions vulnerability.
3c941a72449b7c9a59a6744e375bc03e286f20d54c74ae9d72164f9f4476462d
Backdoor.Win32.Wisell malware suffers from a remote command execution vulnerability.
d788e12d5fc335dcab156c5b42c5ec815c3405ef856f2d8fa7ab30724fd44a2e
The panel for Collector Stealer malware version 2.0.0 suffers from a man-in-the-middle vulnerability.
530b7fff79c0308c2dfbddc914b42f69273c6f896ae3e5d1ecfe9cdf21c21ed8
The panel for Collector Stealer malware version 2.0.0 stores the login credentials in plaintext in its MySQL database. Third-party attackers who gain access to the system can read the database usernames and passwords without having to crack them offline.
15ab8b91cfbc6055ea9d50390faa4c8e2e74bc44b945b727a94048903bc96a58
VulturiBuilder malware suffers from an insecure permissions vulnerability.
38f471c5bd75a04936af223dacbbd6a7ae5f292fae4b611b56d8fe99804decc5
Ubuntu Security Notice 5233-2 - USN-5233-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that ClamAV incorrectly handled memory when the CL_SCAN_GENERAL_COLLECT_METADATA scan option was enabled. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.
8a4e6bd5262a081210485f76a46b89ea421de2fd31fa6998b00fd33f840768fa
Red Hat Security Advisory 2022-0161-03 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.
f412aec4928a8b7ed47140e7d77e8f209f4a77da1330528fba5744d638c26670
Red Hat Security Advisory 2022-0184-02 - GEGL is a graph-based image processing framework.
5419397635187631c7cc5b9582b6912adcea2088eee40391e988bed3f41940dc
Red Hat Security Advisory 2022-0176-06 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a heap overflow vulnerability.
3a8d39b382e67ddc84b361946493d6691df59cc769794212d341668be76b83b5
Red Hat Security Advisory 2022-0178-02 - GEGL is a graph-based image processing framework.
3b2178f06c6a121ea6e6aaa4e5fff07973a8eaaa7e7aef97a31d0313d2a78e42
Red Hat Security Advisory 2022-0177-02 - GEGL is a graph-based image processing framework.
83d5ce49525c37fea2caec65c17cbaff99420821bb3cb827715031f1bcf5eb63
Ubuntu Security Notice 5234-1 - Sander Bos discovered that Byobu incorrectly handled certain Apport data. An attacker could possibly use this issue to expose sensitive information.
968f6c4cc630740db02fd71e516068f07d67262c2706149c1c2aeac31d5af98e
Ubuntu Security Notice 5235-1 - It was discovered that Ruby incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a regular expression denial of service.
a6359db1c94f5fd218ffeb0030ff14aadcb0e1fa663d178749a56f56c3ad47c9
Red Hat Security Advisory 2022-0163-01 - The RHEL-8 based Cryostat container images have been updated with a security fix for "CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache". Users of RHEL-8 based Cryostat container images are advised to upgrade to these updated images, which contain backported patches to correct this security issue. Users of these images are also encouraged to rebuild all container images that depend on these images. You can find images updated by this advisory in Red Hat Ecosystem Catalog.
7118b2b2689f6eefb1b744c04b387a5f1b3a1a39a25ba507fc74bc6d87d5d81b
Red Hat Security Advisory 2022-0164-03 - Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services. This erratum releases a new image for Red Hat Single Sign-On 7.5.1 for use within the OpenShift Container Platform 3.10, OpenShift Container Platform 3.11, and within the OpenShift Container Platform 4.9 cloud computing Platform-as-a-Service for on-premise or private cloud deployments, aligning with the standalone product release. Issues addressed include bypass and information leakage vulnerabilities.
3a8bbc1780dd6f365c4b4e8fe93df715d40afa62fb70641a0bf5d979e9c1b912
WordPress Email Template Designer – WP HTML Mail plugin versions 3.0.9 and below suffer from a cross-site scripting vulnerability.
2daac954d0f1c688550129f35862a338821ee9c20becb99aa75ebc8c3fabb72e
Whitepaper that explains a misconfiguration-based flaw involving Local Administrator Password Solution.
afd186867562453b4d7f00ad96270e7a4c5c6b2facd655ef9e4e3c6d602fb576