Red Hat Security Advisory 2022-7968-01 - The virt-v2v package provides a tool for converting virtual machines to use the KVM hypervisor or Red Hat Enterprise Virtualization. The tool modifies both the virtual machine image and its associated libvirt metadata. Also, virt-v2v can configure a guest to use VirtIO drivers if possible. Issues addressed include buffer overflow and denial of service vulnerabilities.
b7cd001e5f7b083db5a469bed276d85dfc4d2550a9b0e96ca6295a6178e1e8d0Red Hat Security Advisory 2022-8317-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Issues addressed include information leakage and null pointer vulnerabilities.
cd1bc6027226f05da07f40a32ff1908d1c9ee1aec1a503fd557af6396135efd0Red Hat Security Advisory 2022-8263-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include denial of service and out of bounds read vulnerabilities.
44970a98181296f192961bdf444c43e4624958dfda3724d4b107b3bf9523b0c1Red Hat Security Advisory 2022-8252-01 - Yet Another JSON Library is a small event-driven JSON parser written in ANSI C, and a small validating JSON generator. Issues addressed include buffer overflow and integer overflow vulnerabilities.
0bcdfb92846cfcf77814dcf4f9061a96ce811bab3fe1108eed358c6a62810300Debian Linux Security Advisory 5279-1 - Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injection, create open redirects, bypass authorization access, or perform Cross-Site Request Forgery (CSRF) or Cross-Site Scripting (XSS) attacks.
341ee59a0eda06f9f4d0a55d3d0dcfde3def67460f959fbb244cede42273627dSimmeth System GmbH Supplier Manager (Lieferantenmanager) versions prior to 5.6 suffer from authentication bypass, code execution, cross site scripting, information leakage, remote SQL injection, and various other vulnerabilities.
6eddce047a1f5ab31ff59fc32cdd934d9a0dbd6474090fe26968d79a7d77daf2Apple Security Advisory 2022-11-09-2 - macOS Ventura 13.0.1 addresses code execution and integer overflow vulnerabilities.
10c454d0b0b5904ed0e2f71ab984574a625e84a942a9a8406aa6c1ec8f046856Apple Security Advisory 2022-11-09-1 - iOS 16.1.1 and iPadOS 16.1.1 addresses code execution and integer overflow vulnerabilities.
991b1f0f1c1f623df67f682fb82885b28002056c66e1c73a9fcc14f5d20a12adRed Hat Security Advisory 2022-7959-01 - guestfs-tools is a set of tools that can be used to make batch configuration changes to guests, get disk used/free statistics, perform backups and guest clones, change registry/UUID/hostname info, build guests from scratch, and much more. Issues addressed include buffer overflow and denial of service vulnerabilities.
84f717188daaafb47b18fa949c32a7a99c52fdbbdf226cfa0825865958b6de45Red Hat Security Advisory 2022-7933-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, denial of service, double free, information leakage, null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
c7306cb3e2d21e76d1cf923d8e8152b52d296914c9dd94bd60e420cd01196ce6Red Hat Security Advisory 2022-7967-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include buffer overflow, bypass, null pointer, and use-after-free vulnerabilities.
e5b756fa88106520e91abca563e807d16bb838880fef65956bfd26e61dc8090aRed Hat Security Advisory 2022-8067-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include buffer overflow, denial of service, information leakage, and out of bounds read vulnerabilities.
2f618becfdbbdda2556b415befb2c2a04d6da08d80af82b7ba968654a528f6ebRed Hat Security Advisory 2022-8057-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Issues addressed include cross site request forgery, cross site scripting, denial of service, information leakage, and privilege escalation vulnerabilities.
3ee16e49a8baf9378c63381be5115444e228ecd6a3b4ae465fcf1331c83fb783Red Hat Security Advisory 2022-7978-01 - The GIMP is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Issues addressed include buffer overflow and denial of service vulnerabilities.
0cad81a9b47443baa13c3b5e3f9bfec69f48f60f6c5914d4c05fd446d550e73bRed Hat Security Advisory 2022-8353-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include information leakage and open redirection vulnerabilities.
625ea5260bb99c4f63602364f0a05f4244de78b2f36f0c62be4b3fe80c971b0aRed Hat Security Advisory 2022-7927-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
7384ac3b3b5d832368e91e5dd923b8a0880dc37fd564939c9df7d8452b48fa06Ubuntu Security Notice 5709-2 - USN-5709-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. It was discovered that Firefox saved usernames to a plaintext file. A local user could potentially exploit this to obtain sensitive information.
78a1782c9b02a2022d8dfc81b40f7f4ee6fd0c0698f8deb2716e192bad53d89cThe Windows kernel suffers from multiple memory corruption vulnerabilities when operating on very long registry paths.
98287a2f682dd844bcaa8bbc51f70cb0d694e997a42fcb83f27b010fb379d61dRed Hat Security Advisory 2022-7885-01 - The kpatch management tool provides a kernel patching infrastructure which allows you to patch a running kernel without rebooting or restarting any processes. Issues addressed include privilege escalation and use-after-free vulnerabilities.
aef1695871f9f258a003e2fba336a94aebd79101e648bbf3f15cace94f86a2f2Red Hat Security Advisory 2022-7457-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include information leakage and memory exhaustion vulnerabilities.
72c93ef5fad8294ebe3afa3b48f3853ab0bb3fb7dd60c2174498a5cadd63ae36Red Hat Security Advisory 2022-7830-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and bypass vulnerabilities.
521e03457dbbddaa7a91532e37ddb7f212b176aabf6c09459f5e9f6fcf378b3fRed Hat Security Advisory 2022-7585-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include buffer overflow, denial of service, and out of bounds read vulnerabilities.
25f6d94f3b4fc5b534d5f2160de4177e6502b7deab41b95ad495a93eacbfc296Red Hat Security Advisory 2022-7811-01 - Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. Issues addressed include code execution and integer overflow vulnerabilities.
40e1bd82a4029a9b397c129156f6c862515c76db9d799f06c1e3ed5dd189a0fbRed Hat Security Advisory 2022-7643-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include denial of service and memory leak vulnerabilities.
01fdfd6a4cd4658b392e7e4a20915942c048929da9e55173dbe65de94ce6943aRed Hat Security Advisory 2022-7529-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include denial of service and memory exhaustion vulnerabilities.
86d402cba3309d240b303fd054f614420e400a922614407e5d24ebed38d6c057
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed