SAP NetWeaver JAVA suffers from a denial of service vulnerability.
4632f9be44ccaa2efca82c98f86d41ea94dd06ef2c9411c43995ace0d230acca
SAP Web Dispatcher suffers from an HTTP request smuggling vulnerability.
13d3e2b23a840dab61234f2b6d3787259a7efde984a35e90339e0cdc4c879d9a
Red Planet Laundry Management System version 1.0 suffers from a remote SQL injection vulnerability.
fb9ca577051e583a14d2a46cbefa9a6c1b563f29cdf20a68500709adaf8dd589
Ubuntu Security Notice 5395-2 - USN-5395-1 fixed vulnerabilities in networkd-dispatcher. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. It was discovered that networkd-dispatcher incorrectly handled internal scripts. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code.
58fe6e09901d65da7bbfb1aa330e18a95af76b41553f7b19884769fb5ddd04cf
Red Hat Security Advisory 2022-1703-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.0 ESR. Issues addressed include a bypass vulnerability.
230ff02f7936f3f77f79f17fd25cd6d07f6a93173fe70e7f6a333b5528de873f
Ubuntu Security Notice 5401-1 - Wenxiang Qian discovered that DPDK incorrectly checked certain payloads. An attacker could use this issue to cause DPDK to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that DPDK incorrectly handled inflight type messages. An attacker could possibly use this issue to cause DPDK to consume resources, leading to a denial of service.
0c60a1f895a3ce054f03d56b5bce1371c5b1df054e25a3d1589b048b89fe829f
Ubuntu Security Notice 5402-1 - Elison Niven discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run. Raul Metsma discovered that OpenSSL incorrectly verified certain response signing certificates. A remote attacker could possibly use this issue to spoof certain response signing certificates. This issue only affected Ubuntu 22.04 LTS.
9f908328ff337686f5d5cffc66667d81dbd3b4ce35629e2bd3050e7444f1fd8b
Red Hat Security Advisory 2022-1701-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.0 ESR. Issues addressed include a bypass vulnerability.
aad502cd0feac0eb4e5d7ac124154faa33a8c8a8cfbfa5268f1045d39c7ebc86
Red Hat Security Advisory 2022-1708-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.
e1b34880dffb776e78d1e49efd19ad513c2b6f025d948204677d58d0bfa6da1e
Red Hat Security Advisory 2022-1705-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.0 ESR. Issues addressed include a bypass vulnerability.
aa9f0f924bdac14b1c47f73b18e83ecb26fffb9f2b986c0081a7680af70c15d1
Red Hat Security Advisory 2022-1709-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.2 serves as a replacement for Red Hat Single Sign-On 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a privilege escalation vulnerability.
79f5afdb9bcc7fcd0cf132f14b43aa98963346c428221f07fd67a2e6419c195f
Red Hat Security Advisory 2022-1622-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.57.
c6bbb6c8c7f4807bed808b409a1979c9c7ff636de3be398e6d437bf3aaece474
Red Hat Security Advisory 2022-1702-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.0 ESR. Issues addressed include a bypass vulnerability.
3982174c71d30f0db5bb7f7d3ef83158b4804bc28a358964575e2dbcaddd5772
Red Hat Security Advisory 2022-1704-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.0 ESR. Issues addressed include a bypass vulnerability.
bce6087615565bbf4671d8ed8038a00992d0a52f6a2637888b47f4b8d7a4e9ae
Red Hat Security Advisory 2022-1712-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.2 on RHEL 8 serves as a security patch for Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a privilege escalation vulnerability.
aa792fb01f5da492d5013bdcc3ab246a6de690b5285abe31adaa4d6fafd69ddd
Red Hat Security Advisory 2022-1711-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.2 on RHEL 7 serves as a security patch for Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a privilege escalation vulnerability.
91b07833db9016ac32090462252eeb393f506eccde76fd372a59df62abb448ca
Ubuntu Security Notice 5400-2 - USN-5400-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated in Ubuntu 16.04 ESM to MySQL 5.7.38.
aa67ee1390075ee2c2ef4117f3225361db8c27f250f5f174a46605ab20e0d51c
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
270203a54c458049db54fcd93683ff5b2db19151f363c48e82cecefdde2b35d4
Ubuntu Security Notice 5390-2 - David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Bouman discovered that the netfilter subsystem in the Linux kernel did not initialize memory in some situations. A local attacker could use this to expose sensitive information.
360e866dc51e067344a3c2f5e702ffdd692299bf8bc29ec6c987ef25420ab7d1
Red Hat Security Advisory 2022-1681-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.4 General Availability release images. This update provides security fixes, bug fixes, and updates container images. Issues addressed include bypass and traversal vulnerabilities.
1bee26055b1d06a4bc9715b98ed40f38564faecb40aaae8083d0ca2eed4c2283
WannaCry ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL to execute our own code in order to control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. We do not need to rely on hash signatures or third-party products; the malware vulnerability does the work for us. Endpoint protection systems and/or antivirus can potentially be killed prior to executing malware, but this method cannot, as there is nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.
75c864ef881d1530855d950ce35620da320dafb0cebe2d176ad34757f23f3194
REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code in order to control and terminate the malware pre-encryption. The exploit DLL will check if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. We do not need to rely on hash signature or third-party products as the malware vulnerability will do the work for us. Endpoint protection systems and/or antivirus can potentially be killed prior to executing malware, but this method cannot, as there is nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.
07f3d9e3cb24992e24316fe7f8e41fc64fee499196a59b0f4d1594fec2186777
Conti ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code to control and terminate the malware pre-encryption. The exploit DLL will check if the current directory is "C:\Windows\System32". If not, we grab our process ID and terminate. We do not need to rely on hash signature or third-party products; the malware vulnerability will do the work for us. Endpoint protection systems and/or antivirus can potentially be killed prior to executing malware, but this method cannot, as there is nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.
9cc7ba098e7d73f1ba5a406536afb6daff209000bfc578d3f4921cd931a7e23f
Conti ransomware looks for and loads a DLL named "wow64log.dll" in Windows\System32. Therefore, we can drop our own DLL to intercept and terminate the malware pre-encryption. The exploit DLL will simply display a Win32API message box and call exit(). Our Conti.Ransom exploit DLL must export the "InterlockedExchange" function or it fails with an error. We do not need to rely on hash signature or third-party products; the malware vulnerability will do the work for us. Endpoint protection systems and/or antivirus can potentially be killed prior to executing malware, but this method cannot, as there is nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.
aa9ce885d596135e2fe0d53ecbaf0150134e9b1069abbd9201051712bdcaffad