Red Hat Security Advisory 2022-5002-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow, integer overflow, and memory leak vulnerabilities.
Red Hat Security Advisory 2022-5003-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers the RPM packages for the release.
Ubuntu Security Notice 5477-1 - Hosein Askari discovered that ncurses was incorrectly performing memory management operations when dealing with long filenames while writing structures into the file system. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Chung-Yi Lin discovered that ncurses was incorrectly handling access to invalid memory areas when parsing terminfo or termcap entries where the use-name had invalid syntax. An attacker could possibly use this issue to cause a denial of service.
JM-DATA ONU JF511-TV versions 1.0.67, 1.0.62, and 1.0.55 suffer from cross site request forgery, persistent cross site scripting, default credential, and open redirection vulnerabilities.
Ubuntu Security Notice 5359-2 - USN-5359-1 fixed vulnerabilities in rsync. This update provides the corresponding updates for Ubuntu 16.04 ESM. Danilo Ramos discovered that rsync incorrectly handled memory when performing certain zlib deflating operations. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code.
Red Hat Security Advisory 2022-5006-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers the RPM packages for the release. Issues addressed include a traversal vulnerability.
Red Hat Security Advisory 2022-4943-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.18. Issues addressed include a memory exhaustion vulnerability.
ChurchCRM version 4.4.5 suffers from a remote SQL injection vulnerability.
When analyzing the USB drive Verbatim Keypad Secure version 3.2 Gen 1 Drive, Matthias Deeg found that the firmware validation for the USB-to-SATA bridge controller INIC-3637EN consists only of a simple CRC-16 check (XMODEM CRC-16). Thus, an attacker is able to store malicious firmware code for the INIC-3637EN with a correct checksum on the SPI flash memory chip in use (XT25F01D), which is then successfully executed by the USB-to-SATA bridge controller.
When analyzing the USB drive Verbatim Keypad Secure version 3.2 Gen 1 Drive, Matthias Deeg found that it uses an insecure design that allows offline brute-force attacks against the passcode.
Virtua Software Cobranca version 12S suffers from a remote SQL injection vulnerability.
Warehouse Management System 2022 suffers from a remote SQL injection vulnerability.
Ubuntu Security Notice 5475-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the browser UI, conduct cross-site scripting attacks, bypass content security policy restrictions, or execute arbitrary code.
Red Hat Security Advisory 2022-4991-01 - XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm, which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short.
Marval MSM version 14.19.0.12476 suffers from a cross site request forgery vulnerability.
Kitty version 0.76.0.8 suffers from a buffer overflow vulnerability.
Red Hat Security Advisory 2022-4992-01 - XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm, which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short.
Red Hat Security Advisory 2022-4993-01 - XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm, which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short.
Red Hat Security Advisory 2022-4994-01 - XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm, which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short.
Marval MSM version 14.19.0.12476 suffers from a remote code execution vulnerability.
Red Hat Security Advisory 2022-5026-01 - This advisory contains the following OpenShift Virtualization 4.10.2 images: RHEL-8-CNV-4.10. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-4972-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.38. Issues addressed include a memory exhaustion vulnerability.
Ubuntu Security Notice 5478-1 - Christian Moch and Michael Gruhn discovered that the libblkid library of util-linux did not properly manage memory under certain circumstances. A local attacker could possibly use this issue to cause denial of service by consuming all memory through a specially crafted MSDOS partition table.
Red Hat Security Advisory 2022-5030-01 - This release of Red Hat Fuse 7.10.2.P1 serves as a replacement for Red Hat Fuse 7.10 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.
Infiray IRAY-A8Z3 thermal camera version 1.0.957 suffers from hardcoded web credential, authenticated remote code execution, buffer overflow, lack of password for root, and outdated software component vulnerabilities.