Zabbix Agent and Zabbix Agent 2 versions 6.2.7 and below suffer from an issue where it does not secure the permissions on a non-default installation directory, allowing an attacker to place a malicious executable to escalate privileges.
e9a0850cde5d06c71ea30e979fa758f59d41573ad537d6d49864922de3563ffbRed Hat Security Advisory 2023-0728-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.3.
7b3ea466b7e032dc6e7137b1118f12fe92ff5b2ac2904ed501fbf465d97b9389Debian Linux Security Advisory 5351-1 - An anonymous researcher discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
51c629dee01a9c9d64f65b1650d86c9e02cc1b037408c471f53481115444c9f4Red Hat Security Advisory 2023-0727-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.3.
25ce2b083f16878cd687f232a8e658adba8a31c1d4672704003c27d03de63fb2Red Hat Security Advisory 2023-0577-01 - This release of Red Hat build of Eclipse Vert.x 4.3.7 GA includes security updates. For more information, see the release notes listed in the References section. Issues addressed include a denial of service vulnerability.
6b850ce17c053221d0c851961fa6b1129ce818851011a744654ab835d442a941Demanzo Matrimony version 1.5 suffers from a cross site request forgery vulnerability.
c2a33509f8883dcf1f2ae08d42ca66d38206eab01de95c4a70d09567f1f9a8c8Argon Dashboard version 1.1.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
41ac7244afbc07f2bdb745bacbb7538460b258fae825f0a9603eab69ca731aecUbuntu Security Notice 5879-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
46a1d05bd627a0c52a047b461aeac8ecd3fd54aa2c39e2976eea7e3dd05405ecUbuntu Security Notice 5878-1 - It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service. It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service or possibly execute arbitrary code.
384afda04827d52900d14bf80b4c4a2ee7bfd0452c20b884f2f53db9688ff932Ubuntu Security Notice 5778-2 - USN-5778-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Jan-Niklas Sohn discovered that X.Org X Server extensions contained multiple security issues. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.
e7ba5ef83a008cc8bccee7f12c84a4c8a116777a1cd83f5f98694a7c068efe9eUbuntu Security Notice 5873-1 - It was discovered that Go Text incorrectly handled certain encodings. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that Go Text incorrectly handled certain BCP 47 language tags. An attacker could possibly use this issue to cause a denial of service. CVE-2020-28851, CVE-2020-28852, and CVE-2021-38561 affected only Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
3ae52f8c8eeaf1c15d2f6b8350abdc0b916787aac75c18c7126b2a401ff03055Red Hat Security Advisory 2023-0795-01 - Submariner 0.13.3 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.6.
d0df3d60edf0f020e30b5d8cc99b6c21c32506dcb40c5b31b57b746030e0fb43Red Hat Security Advisory 2023-0794-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.4 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.
b3f7dff17d2c1b34b87e26fcbdb2d8609daa0dcdc11f67cc5739af9ecf40a1e6Ubuntu Security Notice 5877-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
60a168e72bbcb1ae61635c658a3f3c2f300ae26432cfabaec68e0b15e8a78a6bUbuntu Security Notice 5874-1 - It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service or possibly execute arbitrary code. It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
6d9f1fe0deb01df63942e808c4bb1eba061aca23dfd2703c1120d4fe167df272Ubuntu Security Notice 5876-1 - It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service.
760562465c198277a92ead486e6afad6b65783f51e912a299c15763afe0b30f3Ubuntu Security Notice 5875-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
5144aea7e759431b262bdae7951064a9252ab627cb36ca751f44cd28c8f90188Debian Linux Security Advisory 5350-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing.
c3d354e3e29299851841adde233b8f00835b92a77d8a6d93936ca8c508194f28Red Hat Security Advisory 2023-0698-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.52.
c0dd513b503649e92498d15dcdfb12b1a95f94bbc68a63f30f82f0a0cdfdc6d6Red Hat Security Advisory 2023-0697-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.52. Issues addressed include code execution and deserialization vulnerabilities.
df5b4cc4ac35dbe42baecb8d5d001dac55e6bc34de336d28c49c28f68ec05f9bRed Hat Security Advisory 2023-0633-01 - Logging Subsystem 5.5.7 - Red Hat OpenShift.
361215b358f498b51d78ba1a21fe78b246e95380b533e350a0ddf3f5d09e49f2Red Hat Security Advisory 2023-0786-01 - Network observability is an OpenShift operator that provides a monitoring pipeline to collect and enrich network flows that are produced by the Network observability eBPF agent. The operator provides dashboards, metrics, and keeps flows accessible in a queryable log store, Grafana Loki. When a FlowCollector is deployed, new dashboards are available in the Console.
013e0d112d12163306ab5fd48c064c86a91e50c0e5cba35318befef6de74f4c3Atrocore version 1.5.25 suffers from a remote shell upload vulnerability.
1e120e6e4db83718cdc98419e2f3e0b8b3116132deeeaf1795649de6a0137546Debian Linux Security Advisory 5349-1 - Hubert Kario discovered a timing side channel in the RSA decryption implementation of the GNU TLS library.
529cabf89a74ffee339c76aaa209fcc4e84d4aa2cdcce805499cec41c0385567B&R Systems Diagnostics Manager versions above or equal to 3.00 and below or equal to C4.93 suffer from a cross site scripting vulnerability.
73c092297c794cf9f02f7442ef627100dbeb5b3e8758091b6d6bf2c262200495
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed