Red Hat Security Advisory 2021-0872-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and information leakage vulnerabilities.
092c2a41d2ff22c35f89bfa7f90744bf559cc3a1e3087742fb8107a9906c0fffRed Hat Security Advisory 2021-0856-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
848127b0ce6b0e3e3f3e313979c52ece03f0429de6169b74b851dff3a01ddcdaRed Hat Security Advisory 2021-0874-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and information leakage vulnerabilities.
7057f1aa47b78a2be4ceae5d05985366a1ffbdc077ba39f988cbf10582eb6a40Red Hat Security Advisory 2021-0862-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
688615d8f7804efc14b56620f418150b23675228da2b445c0a1ffdcbe74b0769Red Hat Security Advisory 2021-0885-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include bypass and information leakage vulnerabilities.
fa8005447bcf4f68bf4adcf5cf81b2249271d8d87d161e0ec0e9495ea67aadc8Red Hat Security Advisory 2021-0871-01 - MongoDB is a higly-scalable document database. The Debezium MongoDB connector includes Java driver to access a MongoDB database.
7639de83e85b757570e0c4bf38efcc0fecb18a15173dbde2296253195f79c108Ubuntu Security Notice 4880-1 - It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code.
da23875d59947776698a5721625f3bfbf56d82cafbf129c1314d5d2a6a59f4e0Ubuntu Security Notice 4879-1 - It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
11133301a24779f9f00fc76f4d8a427a2f942a2664c2099bd2170fa27ce298d7Ubuntu Security Notice 4878-1 - It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Ryota Shiga discovered that the sockopt BPF hooks in the Linux kernel could allow a user space program to probe for valid kernel addresses. A local attacker could use this to ease exploitation of another kernel vulnerability. Various other issues were also addressed.
df5ccf6b30eb1254c2f01c301d72cd7482fb7ffb88f401f19a6a70416eccfa20Red Hat Security Advisory 2021-0848-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
7b4e1980cc8b9f9ac466017ab7b8a6f25685984c2b3e167d5e889a9160d6119eUbuntu Security Notice 4877-1 - It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. 吴异 discovered that the NFS implementation in the Linux kernel did not properly prevent access outside of an NFS export that is a subdirectory of a file system. An attacker could possibly use this to bypass NFS access restrictions. Various other issues were also addressed.
bf702878d4fedd9a8fe918e548160de8ead68fc9d18a9edf1f4136790883d8f3Ubuntu Security Notice 4876-1 - Olivier Benjamin and Pawel Wieczorkiewicz discovered a race condition the Xen paravirt block backend in the Linux kernel, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service in the host OS. It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
b36c8cff2593853a43cf7d61e021f4d82031dfd7518050e64ed110490d8735e4SolarWinds TFTP Server version 11.0.4.101 suffers from a remote unauthenticated reconfiguration vulnerability that could result in code execution.
875755fa3670a1f2faa0470381eb4d5fe1671e54c578c762aea9a129387550d8Ubuntu Security Notice 4764-1 - It was discovered that GLib incorrectly handled certain symlinks when replacing files. If a user or automated system were tricked into extracting a specially crafted file with File Roller, a remote attacker could possibly create files outside of the intended directory.
b0ccfade8f7e573c633257ecf3509299a30824c5a44eca29c99428787a74ddadRed Hat Security Advisory 2021-0831-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.
25d3e57d2845cf5488b4703b2b853c820eb07cf58ec4ce84a009df10dfab0482Red Hat Security Advisory 2021-0830-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.
27d899951c6c14385d19692ac6e48d9c4933fa240c1a19dfa60300ad5ab53730Red Hat Security Advisory 2021-0827-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and resource exhaustion vulnerabilities.
f0ff3d98decc47c338c1b5dfa65168492b861a779911836e4fb4507459f154d6Red Hat Security Advisory 2021-0835-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include denial of service and memory leak vulnerabilities.
304970ae256724244361ab4dc611cc2b38bc271d4307722cf8f07919b3e8ebe8Red Hat Security Advisory 2021-0837-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include denial of service and memory leak vulnerabilities.
b5c6b91d0c637851865f865ab0ca94947144cf03edf73377b5861526d1b52e75Red Hat Security Advisory 2021-0834-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include denial of service and memory leak vulnerabilities.
d36505e7937c648ec63520c804d19eb9a78a730a831faea43ad730a967acb547Red Hat Security Advisory 2021-0819-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Issues addressed include a cross site scripting vulnerability.
3a6df49c606e8008277cfea73c1b1c3c519b1785cc498b544feed6c0bc29fdabRed Hat Security Advisory 2021-0818-01 - The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2, and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. Issues addressed include a use-after-free vulnerability.
c30e5aa277c9f105258170b5d51379fd45c1f94d513a6a11a19c7e5567ed1676Red Hat Security Advisory 2021-0816-01 - The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2, and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. Issues addressed include a use-after-free vulnerability.
5c28ad699b1c198f038027677bd426acdac446f81d836ed8b9e26a2687ece362Ubuntu Security Notice 4754-3 - USN-4754-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. In the case of Python 2.7 for 20.04 ESM, these additional fixes are included: It was discovered that Python allowed remote attackers to cause a denial of service via a ZIP bomb. It was discovered that Python had potentially misleading information about whether sorting occurs. This fix updates the documentation about it. Various other issues were also addressed.
6c0e7ce6beab30b21a9bdb915fb21f53cfb96f785e275b6012bfe9f6b58e015fRed Hat Security Advisory 2021-0811-01 - This release of Red Hat Integration - Camel K - Tech-Preview 3 serves as a replacement for tech-preview 2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection and man-in-the-middle vulnerabilities.
c28667fc0da99f8d9f7d95ddffa82106e756d05bf694491cc1ef1780fba154b5
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed