Red Hat Security Advisory 2024-2820-03 - An update for varnish is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a denial of service vulnerability.
7c390b54da0eca65e2b0663efdcf83e2ef3a714b13ba783f9605f2507f6564b5Red Hat Security Advisory 2024-2817-03 - An update is now available for Red Hat OpenShift GitOps v1.10.5 for Argo CD UI and Console Plugin. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.
5fce456a49aae23326971a5dc5d1b6f6787c2fbe0337f175c0e28b439bce0a90Red Hat Security Advisory 2024-2816-03 - An update is now available for Red Hat OpenShift GitOps v1.12.2 for Argo CD UI and Console Plugin. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.
2fa82a942dce95cbb513c3cf36904fe9b5c32c8666f3c99124b2530f409d5f89Red Hat Security Advisory 2024-2815-03 - An update is now available for Red Hat OpenShift GitOps v1.11.4 for Argo CD UI and Console Plugin. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.
e257c2473fdc2c975650cc94f9b18c0bcf3f118ddcb9feb68d8d3ffb3342ec84In mmu_insert_pages_no_flush(), when a HUGE_HEAD page is mapped to a 2M aligned GPU address, this is done by creating an Address Translation Entry (ATE) at MIDGARD_MMU_LEVEL(2) (in other words, an ATE covering 2M of memory is created). This is wrong because it assumes that at least 2M of memory should be mapped. mmu_insert_pages_no_flush() can be called in cases where less than that should be mapped, for example when creating a short alias of a big native allocation. Later, when kbase_mmu_teardown_pgd_pages() tries to tear down this region, it will detect that unmapping a subsection of a 2M ATE is not possible and write a log message complaining about this, but then proceed as if everything was fine while leaving the ATE intact. This means the higher-level code will proceed to free the referenced physical memory while the ATE still points to it.
02b7002e9ef87f42111b8b994ec26a71eab28f5f71c23d3899c25a6cc7a85c92Ubuntu Security Notice 6770-1 - USN-6729-1 fixed vulnerabilities in Apache HTTP Server. The update lead to the discovery of a regression in Fossil with regards to the handling of POST requests that do not have a Content-Length field set. This update fixes the problem.
a4fb9bd60541be12414572b8883d63af81dffb2f970ccd3933000f3825d55d7bUbuntu Security Notice 6769-1 - Le Dinh Hai discovered that Spreadsheet::ParseXLSX did not properly manage memory during cell merge operations. An attacker could possibly use this issue to consume large amounts of memory, resulting in a denial of service condition. An Pham discovered that Spreadsheet::ParseXLSX allowed the processing of external entities in a default configuration. An attacker could possibly use this vulnerability to execute an XML External Entity injection attack.
b0c95273985fab3c02ea47c5dc841b05185880b65367e868f76f9f8ed2ee7baeRed Hat Security Advisory 2024-2799-03 - An update for glibc is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include buffer overflow, code execution, null pointer, and out of bounds write vulnerabilities.
d1c62205e31a19b6a06b2950581fef57fd88cb7a18a9adff63e8fa2093c023b3Red Hat Security Advisory 2024-2793-03 - An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a denial of service vulnerability.
a3c959cda2272d1b957b70f3bc3319c0303855717500a9af40b0d9341f22fe20Red Hat Security Advisory 2024-2705-03 - An update is now available for Red Hat build of Quarkus.
b619954fda9cdcb26ce1c35c364ce72e7484522c6f589c8c45b327d466ecd61eRed Hat Security Advisory 2024-2672-03 - Red Hat OpenShift Container Platform release 4.14.24 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution and denial of service vulnerabilities.
5fa8457a19b5b243128fcb9743bf261c483b823073a0aa4ec2490d15f36b6ddcRed Hat Security Advisory 2024-2671-03 - Red Hat build of MicroShift release 4.14.24 is now available with updates to packages and images that fix several bugs. Issues addressed include a denial of service vulnerability.
f9b1c9755123a9386ffae9979f9008b7d0e9bd3ffc22bc7048e9d16b1002cef8Red Hat Security Advisory 2024-2669-03 - Red Hat OpenShift Container Platform release 4.15.12 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a code execution vulnerability.
ce85abc8301a0b2ee381b9b111a9cdcb5fc16cbeb823dc4ca6a996a4f5d1f0d3Red Hat Security Advisory 2024-2668-03 - Red Hat OpenShift Container Platform release 4.14.24 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
d5f428537221e62d3d650d0f8c2479aec72d684d2d877cbfc3194e504613303bRed Hat Security Advisory 2024-2667-03 - Red Hat build of MicroShift release 4.15.12 is now available with updates to packages and images that include a security update.
98b5d207f7c39e2028391a82ecabfeec21dbba051445808302de34547798e61dRed Hat Security Advisory 2024-2666-03 - Red Hat OpenShift Container Platform release 4.14.24 is now available with updates to packages and images that fix several bugs.
9d512b27e95a2839adf3d29f7257ff3e047f9aa0776faca6349b1a779c583cdaRed Hat Security Advisory 2024-2664-03 - Red Hat OpenShift Container Platform release 4.15.12 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
93de817f473214e77882293747f302b7ea59170cb97f70fee297cd46bcfb98bcOpenmediavault versions prior to 7.0.32 have a vulnerability that occurs when users in the web-admin group enter commands on the crontab by selecting the root shell. As a result of exploiting the vulnerability, authenticated web-admin users can run commands with root privileges and receive reverse shell connections.
f54e108c3e072e69c000f9759d386e86aae92493e17fbe4348a5bdd7b5278328RIOT versions 2024.01 and below suffers from multiple buffer overflows, ineffective size checks, and out-of-bounds memory access vulnerabilities.
43c245ca872e84173b6225084f324209f789f4e49b0b9c392d621feab1e1de58I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
4bc7e59ee0036389a0f76fc76b2303eeae62bf6eaaf608c9939226febf9ddeaeThe Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. This is the cross platform package.
05d3932a1affb0ab7987664677134709982ca3837a0b0f0e16f9aeb391933341AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
16662dc632d17e2c5630b801752f97912a8e22697c065ebde175f1cc37b83a60The Security Explorations team has come up with two attack scenarios that make it possible to extract private ECC keys used by a PlayReady client (Windows SW DRM scenario) for the communication with a license server and identity purposes. Proof of concept included.
c2dc2010ee36581d568d891c24ac2a0dfd8b8a87de8de3d72f1072bb1e38964aPanel Amadey.d.c malware suffers from cross site scripting vulnerabilities.
56d2e699a952bda76c68e9e01f6c3048db2c4af020ac1ac6adda3f4b9c409042Clinic Queuing System version 1.0 suffers from a remote code execution vulnerability.
23c5d126d6744f4ca5ca7cb92f2a3a88c17df81ab9f24fd93329abb2706e0378
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed