Debian Linux Security Advisory 5665-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
f71a2704a09d499ccfe3d1492004ddcb7f2429e9761b62b167df8ac3625763b8Ubuntu Security Notice 6729-2 - USN-6729-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks.
48e8f6ab38e454ffe37a65ae74aa96cb5b3942a28276a0cc0f3a974d4716ae83Red Hat Security Advisory 2024-1883-03 - An update for shim is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.
c1ea6025a858fac3737458660132784a8297331282060c087e38da04b57eae15Red Hat Security Advisory 2024-1881-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include null pointer and use-after-free vulnerabilities.
acea5cb9cd1b6c350fd4c7a2ed9b9beb19ec417f14f50e1f89fe7aea71333885Red Hat Security Advisory 2024-1880-03 - An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include denial of service and privilege escalation vulnerabilities.
c8fe117dd2af0c7d9a581ef6df81d035e6d25838717225cebb9f207af4fe0fd0Red Hat Security Advisory 2024-1878-03 - An updated version of Red Hat Update Infrastructure is now available. RHUI 4.8 fixes several security an operational bugs, adds some new features and upgrades the underlying Pulp to a newer version. Issues addressed include HTTP request smuggling, crlf injection, denial of service, and traversal vulnerabilities.
0f1192c341afdb783921348eba4c5db9df97bb2ab2e8a774605987966ace3052Red Hat Security Advisory 2024-1877-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include denial of service, information leakage, null pointer, and use-after-free vulnerabilities.
3db2b9f4e0af541aa428e404d176897254826c7b0bc083b76e4ff77025a7d43aRed Hat Security Advisory 2024-1876-03 - An update for shim is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.
095fcfe2786f921ea269a3adccddec285927136690dcbb2ceadf6c96325bee6bRed Hat Security Advisory 2024-1873-03 - An update for shim is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, E4S Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.
95393662d6e78942c7b915094823359b064bd10b6270374022f6acd4df117a1cRed Hat Security Advisory 2024-1867-03 - A bug update is now available for Red Hat build of Keycloak 22.0.10 images running on OpenShift Container Platform. This is an enhancement and security update with Moderate impact rating. Issues addressed include bypass, cross site scripting, denial of service, and traversal vulnerabilities.
1ac51b738eb7ec90f6df4fd1548d65c4d5fc884ed10359f9621a5aef5ca0c9b1Red Hat Security Advisory 2024-1866-03 - A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal. Issues addressed include bypass and denial of service vulnerabilities.
3811d51c665f793af0a0bd49c93d850a2925d9ddf279363ef18277c95f5e9129Red Hat Security Advisory 2024-1864-03 - A new image is available for Red Hat Single Sign-On 7.6.8, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Issues addressed include bypass and denial of service vulnerabilities.
dfad1b618b90a9fa1c2985b604b77ff014660236803bb30093025b42acd062b9Red Hat Security Advisory 2024-1862-03 - New Red Hat Single Sign-On 7.6.8 deliverables are now available for Red Hat Enterprise Linux 9. Issues addressed include bypass and denial of service vulnerabilities.
281b404658ccbb28f5b88e7fabebcb10222606d11f0075109fa2c550480fe766Red Hat Security Advisory 2024-1861-03 - New Red Hat Single Sign-On 7.6.8 deliverables are now available for Red Hat Enterprise Linux 8. Issues addressed include bypass and denial of service vulnerabilities.
ed72fce7980b140544b6335762fe923fae76a9c4c296478b447c50120ce377ebRed Hat Security Advisory 2024-1860-03 - New Red Hat Single Sign-On 7.6.8 deliverables are now available for Red Hat Enterprise Linux 7. Issues addressed include bypass and denial of service vulnerabilities.
fa737b83ba1d7122fbf729bffd0d612e9aa2227a54a36d5ecd0c70f96127de8cDebian Linux Security Advisory 5662-1 - Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service.
91dd197c5a6d8baaed2ebca649cbbb006dfaa18a448d23acca955357225d36ebRed Hat Security Advisory 2024-1868-03 - An update is now available for Red Hat build of Keycloak. Issues addressed include bypass, cross site scripting, and denial of service vulnerabilities.
30aed3acd3e4f969cf77c6d68e2564174f4c8f0552b53be6fe4b1db2999dc60eRed Hat Security Advisory 2024-1835-03 - An update for shim is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.
bcc6d07da755900b374e9e5999f533940b17e639cb85c56c2c0ad7c71f890246Red Hat Security Advisory 2024-1834-03 - An update for shim is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.
6bea09ed785098d089b673e4999ce967a32853ca4cefc2dd346c8eeb079465eaRed Hat Security Advisory 2024-1831-03 - An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Issues addressed include out of bounds write and use-after-free vulnerabilities.
fc3a413f57dbe50448729e85069f6848993af45d296ea170081bb919fd1cdd1aThe password of database connections in AWS Glue is loaded into the website when a connection's edit page is requested. Principals with appropriate permissions can read the password. This behavior also increases the risk that database passwords will be intercepted by an attacker during transmission in the server response. Many types of vulnerabilities, such as broken access controls, cross site scripting and weaknesses in session handling, could enable an attacker to leverage this behavior to retrieve the passwords.
70e6691798348933f72079d525b978bc0517e5c1f2d9ac8b96813c23d1234685Debian Linux Security Advisory 5658-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
37cefcc8693691a29ddc63f10ee46f6f0724bf622031a4c9c4bfc376d40acaaeDebian Linux Security Advisory 5657-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the X server is running privileged or denial of service.
28ab9735e5a87ff285676269d50c238ee979e4049765f3ebddfb327aa4a63eefRed Hat Security Advisory 2024-1812-03 - Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updates. Issues addressed include denial of service and memory leak vulnerabilities.
b61dccacdb7ea0362167c7c5ba016b286a5a61e0de39f1d9b9408d4c69a810a8Ubuntu Security Notice 6727-2 - USN-6727-1 fixed vulnerabilities in NSS. The update introduced a regression when trying to load security modules on Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This update fixes the problem. It was discovered that NSS incorrectly handled padding when checking PKCS#1 certificates. A remote attacker could possibly use this issue to perform Bleichenbacher-like attacks and recover private data. This issue only affected Ubuntu 20.04 LTS. It was discovered that NSS had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover private data. It was discovered that NSS had a timing side-channel when using certain NIST curves. A remote attacker could possibly use this issue to recover private data. The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.98 which includes the latest CA certificate bundle and other security improvements.
98f7aae4d30d1b37976aae71c2f8f3d1c09fb49865d4abec3139169342e9663a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed