Red Hat Security Advisory 2021-0190-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. The compliance-operator image updates are now available for OpenShift Container Platform 4.6. Issues addressed include denial of service and integer overflow vulnerabilities.
96a38cbe71e29f1997771d559de00117Red Hat Security Advisory 2021-0187-01 - Red Hat OpenShift Virtualization release 2.5.3 is now available with updates to packages and images that fix several bugs and security issues. Issues addressed include denial of service and integer overflow vulnerabilities.
71e332f6b7aaa0f28e21d8007bda0622Red Hat Security Advisory 2021-0167-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.
fc2fca1f9e82b5f8b63439452112f790Red Hat Security Advisory 2021-0166-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include buffer overflow, bypass, and improper authorization vulnerabilities.
bbae33c6b6094c01ebd773f54ffbb80bRed Hat Security Advisory 2021-0038-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include XML injection and information leakage vulnerabilities.
236c49bfa78dd588d2c15735481a44c7IBM Spectrum LSF versions 10.1 and 10.2 suffer from hardcoded eauth key and eauth key exposure vulnerabilities.
65c67bbfe71af2731bd4de95c90a4a57Red Hat Security Advisory 2021-0162-01 - XStream is a Java XML serialization library to serialize objects to and deserialize object from XML. Issues addressed include code execution and deserialization vulnerabilities.
d9296480dea43fdb2055da43de4742beRed Hat Security Advisory 2021-0164-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include bypass and improper authorization vulnerabilities.
5e70b2fefa51825ab0f354bc031e4ac1Red Hat Security Advisory 2021-0146-01 - Red Hat OpenShift Serverless 1.12.0 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.6, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section. Issues addressed include code execution and cross site scripting vulnerabilities.
9dba7e8106d51a5107b866a1127bc064Online Hotel Reservation System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version was discovered by Richard Jones in January of 2021.
3aad311d35f1aea7bf29d2b04f9dd2a0Red Hat Security Advisory 2021-0145-01 - Red Hat OpenShift Serverless Client kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Red Hat OpenShift Serverless Client kn 1.12.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.12.0, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include code execution and cross site scripting vulnerabilities.
84bd3c7609f304afda32dcf7e6933684Red Hat Security Advisory 2021-0106-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.9.1 serves as an update to Red Hat Decision Manager 7.9.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.
00cac4a6608b0577aae4612828d12d01Red Hat Security Advisory 2021-0105-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.9.1 serves as an update to Red Hat Process Automation Manager 7.9.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and deserialization vulnerabilities.
d181ff8a0b578471ad111710d32accbdGentoo Linux Security Advisory 202101-10 - Multiple vulnerabilities have been found in Asterisk, the worst of which could result in a Denial of Service condition. Versions less than 13.38.1 are affected.
b4165fb7207bb11390f126c273aec56aflatCore CMS versions prior to 2.0.0 build 139 suffer from cross site scripting, file disclosure, and remote SQL injection vulnerabilities.
1fa6af99aeb588403f58ee25830613f4Pepperl+Fuchs IO-Link Master Series with system version 1.36 and application version 1.5.28 suffers from command injection, cross site request forgery, cross site scripting, denial of service, and null pointer vulnerabilities.
aa2d5c40642dad8f8d6fe9a2f9666788Gentoo Linux Security Advisory 202101-9 - Multiple vulnerabilities have been found in VirtualBox, the worst of which could allow an attacker to take control of VirtualBox. Versions prior to 6.1.12 are affected.
252115a5279461dc614c738aefe07245FiberHome HG6245D routers suffer from bypass, hard-coded credentials, password disclosure, privilege escalation, denial of service, remote stack overflow, and additional vulnerabilities. suffers from bypass, cross site scripting, denial of service, and privilege escalation vulnerabilities.
64f5abcb1d25b607eec98356b1ed6c6eWhitepaper called Practical Insight into Injections. This document describes the meaning, working, implementation, and impact of injection vulnerabilities.
03c734fe0bc100e2234162e8efb3ea3bUbuntu Security Notice 4689-2 - USN-4689-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. Various other issues were also addressed.
5400659ba37710eaa6b249f1d24c9de7Ubuntu Security Notice 4649-2 - USN-4649-1 fixed vulnerabilities in xdg-utils. That update caused a regression by removing the --attach functionality in thunderbird and others applications. This update fix the problem by reverting these changes. Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information. Various other issues were also addressed.
e3181c84ebf88124fc8440988b2185acCemetery Mapping and Information System version 1.0 suffers from multiple remote SQL injection vulnerabilities.
13b51c2660d3b63bd96411a4b133e165Gentoo Linux Security Advisory 202101-8 - Multiple vulnerabilities have been found in Pillow, the worst of which could result in a Denial of Service condition. Versions less than 8.1.0 are affected.
10a03ba321505f8f440a2d98f3727dc4Gentoo Linux Security Advisory 202101-7 - Multiple vulnerabilities have been found in NodeJS, the worst of which could result in the arbitrary execution of code. Versions less than 15.5.1 are affected.
8b174981332595ec9347b63b26850dc4Red Hat Security Advisory 2021-0050-01 - This release of Red Hat Quay v3.3.3 includes: Security Update: quay: persistent XSS in repository notification display quay: email notifications authorization bypass. Issues addressed include bypass and cross site scripting vulnerabilities.
e773185f896a2e376e6f5315784e7699
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed