Debian Linux Security Advisory 5665-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
f71a2704a09d499ccfe3d1492004ddcb7f2429e9761b62b167df8ac3625763b8
Ubuntu Security Notice 6729-2 - USN-6729-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks.
48e8f6ab38e454ffe37a65ae74aa96cb5b3942a28276a0cc0f3a974d4716ae83
Red Hat Security Advisory 2024-1883-03 - An update for shim is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.
c1ea6025a858fac3737458660132784a8297331282060c087e38da04b57eae15
Red Hat Security Advisory 2024-1881-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include null pointer and use-after-free vulnerabilities.
acea5cb9cd1b6c350fd4c7a2ed9b9beb19ec417f14f50e1f89fe7aea71333885
Red Hat Security Advisory 2024-1880-03 - An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include denial of service and privilege escalation vulnerabilities.
c8fe117dd2af0c7d9a581ef6df81d035e6d25838717225cebb9f207af4fe0fd0
Red Hat Security Advisory 2024-1878-03 - An updated version of Red Hat Update Infrastructure is now available. RHUI 4.8 fixes several security an operational bugs, adds some new features and upgrades the underlying Pulp to a newer version. Issues addressed include HTTP request smuggling, crlf injection, denial of service, and traversal vulnerabilities.
0f1192c341afdb783921348eba4c5db9df97bb2ab2e8a774605987966ace3052
Red Hat Security Advisory 2024-1877-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include denial of service, information leakage, null pointer, and use-after-free vulnerabilities.
3db2b9f4e0af541aa428e404d176897254826c7b0bc083b76e4ff77025a7d43a
Red Hat Security Advisory 2024-1876-03 - An update for shim is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.
095fcfe2786f921ea269a3adccddec285927136690dcbb2ceadf6c96325bee6b
Red Hat Security Advisory 2024-1873-03 - An update for shim is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, E4S Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.
95393662d6e78942c7b915094823359b064bd10b6270374022f6acd4df117a1c
Red Hat Security Advisory 2024-1867-03 - A bug update is now available for Red Hat build of Keycloak 22.0.10 images running on OpenShift Container Platform. This is an enhancement and security update with Moderate impact rating. Issues addressed include bypass, cross site scripting, denial of service, and traversal vulnerabilities.
1ac51b738eb7ec90f6df4fd1548d65c4d5fc884ed10359f9621a5aef5ca0c9b1
Red Hat Security Advisory 2024-1866-03 - A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal. Issues addressed include bypass and denial of service vulnerabilities.
3811d51c665f793af0a0bd49c93d850a2925d9ddf279363ef18277c95f5e9129
Red Hat Security Advisory 2024-1864-03 - A new image is available for Red Hat Single Sign-On 7.6.8, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Issues addressed include bypass and denial of service vulnerabilities.
dfad1b618b90a9fa1c2985b604b77ff014660236803bb30093025b42acd062b9
Red Hat Security Advisory 2024-1862-03 - New Red Hat Single Sign-On 7.6.8 deliverables are now available for Red Hat Enterprise Linux 9. Issues addressed include bypass and denial of service vulnerabilities.
281b404658ccbb28f5b88e7fabebcb10222606d11f0075109fa2c550480fe766
Red Hat Security Advisory 2024-1861-03 - New Red Hat Single Sign-On 7.6.8 deliverables are now available for Red Hat Enterprise Linux 8. Issues addressed include bypass and denial of service vulnerabilities.
ed72fce7980b140544b6335762fe923fae76a9c4c296478b447c50120ce377eb
Red Hat Security Advisory 2024-1860-03 - New Red Hat Single Sign-On 7.6.8 deliverables are now available for Red Hat Enterprise Linux 7. Issues addressed include bypass and denial of service vulnerabilities.
fa737b83ba1d7122fbf729bffd0d612e9aa2227a54a36d5ecd0c70f96127de8c
Debian Linux Security Advisory 5662-1 - Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service.
91dd197c5a6d8baaed2ebca649cbbb006dfaa18a448d23acca955357225d36eb
Red Hat Security Advisory 2024-1868-03 - An update is now available for Red Hat build of Keycloak. Issues addressed include bypass, cross site scripting, and denial of service vulnerabilities.
30aed3acd3e4f969cf77c6d68e2564174f4c8f0552b53be6fe4b1db2999dc60e
Red Hat Security Advisory 2024-1835-03 - An update for shim is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.
bcc6d07da755900b374e9e5999f533940b17e639cb85c56c2c0ad7c71f890246
Red Hat Security Advisory 2024-1834-03 - An update for shim is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.
6bea09ed785098d089b673e4999ce967a32853ca4cefc2dd346c8eeb079465ea
Red Hat Security Advisory 2024-1831-03 - An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Issues addressed include out of bounds write and use-after-free vulnerabilities.
fc3a413f57dbe50448729e85069f6848993af45d296ea170081bb919fd1cdd1a
The password of database connections in AWS Glue is loaded into the website when a connection's edit page is requested. Principals with appropriate permissions can read the password. This behavior also increases the risk that database passwords will be intercepted by an attacker during transmission in the server response. Many types of vulnerabilities, such as broken access controls, cross site scripting and weaknesses in session handling, could enable an attacker to leverage this behavior to retrieve the passwords.
70e6691798348933f72079d525b978bc0517e5c1f2d9ac8b96813c23d1234685
Debian Linux Security Advisory 5658-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
37cefcc8693691a29ddc63f10ee46f6f0724bf622031a4c9c4bfc376d40acaae
Debian Linux Security Advisory 5657-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the X server is running privileged or denial of service.
28ab9735e5a87ff285676269d50c238ee979e4049765f3ebddfb327aa4a63eef
Red Hat Security Advisory 2024-1812-03 - Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updates. Issues addressed include denial of service and memory leak vulnerabilities.
b61dccacdb7ea0362167c7c5ba016b286a5a61e0de39f1d9b9408d4c69a810a8
Ubuntu Security Notice 6727-2 - USN-6727-1 fixed vulnerabilities in NSS. The update introduced a regression when trying to load security modules on Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This update fixes the problem. It was discovered that NSS incorrectly handled padding when checking PKCS#1 certificates. A remote attacker could possibly use this issue to perform Bleichenbacher-like attacks and recover private data. This issue only affected Ubuntu 20.04 LTS. It was discovered that NSS had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover private data. It was discovered that NSS had a timing side-channel when using certain NIST curves. A remote attacker could possibly use this issue to recover private data. The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.98 which includes the latest CA certificate bundle and other security improvements.
98f7aae4d30d1b37976aae71c2f8f3d1c09fb49865d4abec3139169342e9663a