Red Hat Security Advisory 2023-7820-03 - Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.10 on Red Hat Enterprise Linux 8 from Red Hat Container Registry.
99893907174d10183620ce9ea66c7d20b572c84c04b7d1143b5deb9438e60cfa
Red Hat Security Advisory 2023-7792-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.
30159793468ee83045515773e96a42ef477b3d36eb62b37375b02f98238d125f
Red Hat Security Advisory 2023-7791-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 9. Issues addressed include buffer overflow and use-after-free vulnerabilities.
35a7603f9112b6b81cf0d62395910f0a51b04ae7662d418e0019677aa26ecd0c
Red Hat Security Advisory 2023-7790-03 - An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8. Issues addressed include an integer overflow vulnerability.
a26f3bdb9837c1e7da37cf59080735271069e59b99520739d861903c2b4255dd
Red Hat Security Advisory 2023-7789-03 - An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include an integer overflow vulnerability.
387fb0ebec56e236af7f81e56ec1252e17f7015ddbe1977cd70801e72814a6ad
Red Hat Security Advisory 2023-7788-03 - An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include an integer overflow vulnerability.
b242b655f42a1ae3bc1b5e699b1a51000093c5df31d61f5b35757a978e78d123
Red Hat Security Advisory 2023-7786-03 - An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include an integer overflow vulnerability.
0fbdee050c8a5655a1c5fca0b042612d10f9e9cddacb6352bb689be20ecd7617
Red Hat Security Advisory 2023-7785-03 - An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
fd224759d5871662f48127697379d92b5f89e521c74205be98613db0c81f7c73
Red Hat Security Advisory 2023-7784-03 - An update for postgresql is now available for Red Hat Enterprise Linux 9. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
91f1698b4b85e0e8cc4b5f8c58ec1528b72264225f5f844df0a1bff98419dcb0
Red Hat Security Advisory 2023-7783-03 - An update for postgresql is now available for Red Hat Enterprise Linux 7. Issues addressed include an integer overflow vulnerability.
039e3e24fcb541e6ed64e793f6ef119f751b6dcc0eded1249bf425b4a52ab596
Red Hat Security Advisory 2023-7782-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Issues addressed include an information leakage vulnerability.
83eddbc394ef4a5281e91dcdb603e46604864a86e73aba1967ff7989fe51c06f
Red Hat Security Advisory 2023-7778-03 - An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Issues addressed include an integer overflow vulnerability.
eef77b51344762d501e75d6d01ddc25ae1e8827920b5105f4169c74c9a0d7c72
Red Hat Security Advisory 2023-7720-03 - An update is now available for RHOL-5.8-RHEL-9. Issues addressed include a file disclosure vulnerability.
401f1162137dbb0a7ffbce061a025152764d87b7bf9f5d8603653b008df94cc2
Red Hat Security Advisory 2023-7691-03 - Red Hat OpenShift Container Platform release 4.11.55 is now available with updates to packages and images that fix several bugs and add enhancements.
e3052bcc3795f17b1f3b573dc1125d5a16fee0bd1d2e9ef2ae0b01feac0c4c23
Red Hat Security Advisory 2023-7690-03 - Red Hat OpenShift Container Platform release 4.11.55 is now available with updates to packages and images that fix several bugs and add enhancements.
f94fcb6da8acca58b1764c13cd51b1b32df0aae7743905cc4eff74b9063c8738
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
c86b107d52957be8d1db2d23617afb792307282d5164cf7d89fce10fcfc99454
Debian Linux Security Advisory 5577-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
c5ff8727b2a35a81281356fbaac0341a385b77c155b5b3bcff91bf3678d631d9
Ubuntu Security Notice 6555-2 - USN-6555-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled XKB button actions. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges.
47dd680a597c860005fcb5faa12fa286b608ad37685f4dcde9e7e3d72589df43
Ubuntu Security Notice 6555-1 - Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled XKB button actions. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the RRChangeOutputProperty and RRChangeProviderProperty APIs. An attacker could possibly use this issue to cause the X Server to crash, or obtain sensitive information.
863c07bd808ab957e6fd16cdd167d2b0776d0a5422b1772f41e19758588b5ead
Proof of concept exploit for a new technique to escape from the Chrome V8 sandbox.
b533a0e53256fe5313af052c54741bea5b40ff4a27c155aca589938f876681db
Proof of concept exploit for CVE-2023-3079 that leverages a type confusion in V8 in Google Chrome versions prior to 114.0.5735.110. This issue allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This variant of the exploit applies a new technique to escape the sandbox.
07a757d77758a5b7ba1152485d4c44678d2993d2b1ba08c1da2c0301b12a31d5
Chrome V8 proof of concept exploit for CVE-2021-21220. The specific flaw exists within the implementation of XOR operation when executed within JIT compiled code.
4a0c5ace29bab9077fd3cb6f30e1b337ebb1207166906d4dc66f459257476092
Proof of concept exploit for CVE-2023-3079 that leverages a type confusion in V8 in Google Chrome versions prior to 114.0.5735.110. This issue allows a remote attacker to potentially exploit heap corruption via a crafted HTML page.
c7ac9c003e88739db826c7b7f01e6f701dd02bd677b93702334ae6f89f6455d0
The Microsoft Windows Kernel has an issue with bad locking in registry virtualization that can result in race conditions.
8cf51c7afd8e880ffabc644d09f791fed4bac36689d7102f629eb746b2c13124