Red Hat Security Advisory 2022-0199-02 - Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network.
cba116a8ccd05fea01368a369b31a845a85169c45f170a62a3ca4d23bfd14890Ubuntu Security Notice 5241-1 - It was discovered that QtSvg incorrectly handled certain malformed SVG images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause QtSvg to crash, resulting in a denial of service, or possibly execute arbitrary code.
32d6d60a122670053f2e460a06106159ff6aabe1544ead509400874e9613b9daUbuntu Security Notice 5240-1 - William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or execute arbitrary code.
f38197d468b0ac1b459114cface6fdb664c54f6bfdf6561758bfbe79ee4a41e0Red Hat Security Advisory 2022-0190-04 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. Issues addressed include an information leakage vulnerability.
a16be12348f952b69b8aea47b4cfeef33e3288ed755b47ac8b32100e8c944fc5Red Hat Security Advisory 2022-0188-07 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a heap overflow vulnerability.
9285d1161496f0d2f04d09373979faf3ed79e7a3f31a711af8ec8c440d65e0ceRed Hat Security Advisory 2022-0114-04 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.41.
ed8e6ee8e1359e5ec6d149d048c3e6cee2c5658382a303084a7c82eada049519Red Hat Security Advisory 2022-0186-07 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include heap overflow and privilege escalation vulnerabilities.
255bbad280ff777117f481929995d0e8be22db96c27a7cbab200dab6e85e611dRed Hat Security Advisory 2022-0187-04 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include heap overflow and privilege escalation vulnerabilities.
027360ba53dd866197d83e94c2fa0af7a9631774a89b45f9aad23660f6067bd1Ransomware Builder Babuk malware suffers from an insecure permissions vulnerability.
3c941a72449b7c9a59a6744e375bc03e286f20d54c74ae9d72164f9f4476462dBackdoor.Win32.Wisell malware suffers from a remote command execution vulnerability.
d788e12d5fc335dcab156c5b42c5ec815c3405ef856f2d8fa7ab30724fd44a2eThe panel for Collector Stealer malware version 2.0.0 suffers from a man-in-the-middle vulnerability.
530b7fff79c0308c2dfbddc914b42f69273c6f896ae3e5d1ecfe9cdf21c21ed8The panel for Collector Stealer malware version 2.0.0 stores the login credentials in plaintext in its MySQL database. Third-party attackers who gain access to the system can read the database username passwords without having to crack them offline.
15ab8b91cfbc6055ea9d50390faa4c8e2e74bc44b945b727a94048903bc96a58VulturiBuilder malware suffers from an insecure permissions vulnerability.
38f471c5bd75a04936af223dacbbd6a7ae5f292fae4b611b56d8fe99804decc5Ubuntu Security Notice 5233-2 - USN-5233-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that ClamAV incorrectly handled memory when the CL_SCAN_GENERAL_COLLECT_METADATA scan option was enabled. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.
8a4e6bd5262a081210485f76a46b89ea421de2fd31fa6998b00fd33f840768faRed Hat Security Advisory 2022-0161-03 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Issues addressed include deserialization and integer overflow vulnerabilities.
f412aec4928a8b7ed47140e7d77e8f209f4a77da1330528fba5744d638c26670Red Hat Security Advisory 2022-0184-02 - GEGL is a graph-based image processing framework.
5419397635187631c7cc5b9582b6912adcea2088eee40391e988bed3f41940dcRed Hat Security Advisory 2022-0176-06 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a heap overflow vulnerability.
3a8d39b382e67ddc84b361946493d6691df59cc769794212d341668be76b83b5Red Hat Security Advisory 2022-0178-02 - GEGL is a graph-based image processing framework.
3b2178f06c6a121ea6e6aaa4e5fff07973a8eaaa7e7aef97a31d0313d2a78e42Red Hat Security Advisory 2022-0177-02 - GEGL is a graph-based image processing framework.
83d5ce49525c37fea2caec65c17cbaff99420821bb3cb827715031f1bcf5eb63Ubuntu Security Notice 5234-1 - Sander Bos discovered that Byobu incorrectly handled certain Apport data. An attacker could possibly use this issue to expose sensitive information.
968f6c4cc630740db02fd71e516068f07d67262c2706149c1c2aeac31d5af98eUbuntu Security Notice 5235-1 - It was discovered that Ruby incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a regular expression denial of service.
a6359db1c94f5fd218ffeb0030ff14aadcb0e1fa663d178749a56f56c3ad47c9Red Hat Security Advisory 2022-0163-01 - The RHEL-8 based Cryostat container images have been updated with a security fix for "CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache". Users of RHEL-8 based Cryostat container images are advised to upgrade to these updated images, which contain backported patches to correct this security issue. Users of these images are also encouraged to rebuild all container images that depend on these images. You can find images updated by this advisory in Red Hat Ecosystem Catalog.
7118b2b2689f6eefb1b744c04b387a5f1b3a1a39a25ba507fc74bc6d87d5d81bRed Hat Security Advisory 2022-0164-03 - Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services. This erratum releases a new image for Red Hat Single Sign-On 7.5.1 for use within the OpenShift Container Platform 3.10, OpenShift Container Platform 3.11, and within the OpenShift Container Platform 4.9 cloud computing Platform-as-a-Service for on-premise or private cloud deployments, aligning with the standalone product release. Issues addressed include bypass and information leakage vulnerabilities.
3a8bbc1780dd6f365c4b4e8fe93df715d40afa62fb70641a0bf5d979e9c1b912WordPress Email Template Designer – WP HTML Mail plugin versions 3.0.9 and below suffer from a cross site scripting vulnerability.
2daac954d0f1c688550129f35862a338821ee9c20becb99aa75ebc8c3fabb72eWhitepaper that explains a misconfiguration based flaw about Local Administrator Password Solution.
afd186867562453b4d7f00ad96270e7a4c5c6b2facd655ef9e4e3c6d602fb576
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed