what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2022-11-09 to 2022-11-10

Red Hat Security Advisory 2022-6882-01
Posted Nov 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6882-01 - Openshift Logging 5.3.13 security and bug fix release.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-35525, CVE-2020-35527, CVE-2022-0494, CVE-2022-1353, CVE-2022-21618, CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628, CVE-2022-23816, CVE-2022-23825, CVE-2022-2509, CVE-2022-2588, CVE-2022-29900
SHA-256 | 7e65b18002978caefe3c4db2dc816316d156cfdc8df48304228fbb8fa76dbb4f
Red Hat Security Advisory 2022-7896-01
Posted Nov 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7896-01 - Debezium is a distributed platform that turns your existing databases into event streams, so applications can see and respond immediately to each row-level change in the databases. Debezium is built on top of Apache Kafka and provides Kafka Connect compatible connectors that monitor specific database management systems. Debezium records the history of data changes in Kafka logs, from where your application consumes them. This makes it possible for your application to easily consume all of the events correctly and completely. Even if your application stops unexpectedly, it will not miss anything: when the application restarts, it will resume consuming the events where it left off. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-22569, CVE-2022-3171
SHA-256 | db48f95aa0be218cb430ca44501b8df6989e3b6fd7d6d84a74789c8d047837ed
Ubuntu Security Notice USN-5719-1
Posted Nov 9, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5719-1 - It was discovered that OpenJDK incorrectly handled long client hostnames. An attacker could possibly use this issue to cause the corruption of sensitive information. It was discovered that OpenJDK incorrectly randomized DNS port numbers. A remote attacker could possibly use this issue to perform spoofing attacks. It was discovered that OpenJDK did not limit the number of connections accepted from HTTP clients. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, web, denial of service, spoof
systems | linux, ubuntu
advisories | CVE-2022-21618, CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628, CVE-2022-39399
SHA-256 | ab9280f314ac81de4a3ed054866e30b013b2d1631d6819d87f2ce15b72e94064
Ubuntu Security Notice USN-5720-1
Posted Nov 9, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5720-1 - It was discovered that Zstandard was not properly managing file permissions when generating output files. A local attacker could possibly use this issue to cause a race condition and gain unauthorized access to sensitive data.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2021-24031
SHA-256 | 873c2b5b031557838c402199683cc5d5a312d2061658d759241fbaca1ed492f8
WordPress Blog2Social 6.9.11 Missing Authorization
Posted Nov 9, 2022
Authored by Marco Wotschka | Site wordfence.com

WordPress Blog2Social versions 6.9.11 and below suffer from a missing authorization vulnerability.

tags | exploit, bypass
advisories | CVE-2022-3622
SHA-256 | e4e4ef726eb4dfee57096334068cfb2be2046a925d766a2bf97f2cb25de827ab
Red Hat Security Advisory 2022-7885-01
Posted Nov 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7885-01 - The kpatch management tool provides a kernel patching infrastructure which allows you to patch a running kernel without rebooting or restarting any processes. Issues addressed include privilege escalation and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2022-2588
SHA-256 | aef1695871f9f258a003e2fba336a94aebd79101e648bbf3f15cace94f86a2f2
Red Hat Security Advisory 2022-7887-01
Posted Nov 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7887-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2020-12321
SHA-256 | 89f479d890629cfc93b11dc9592dface0f071b36b5b070c8f10b7d7517222c4e
Ubuntu Security Notice USN-5717-1
Posted Nov 9, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5717-1 - It was discovered that PHP incorrectly handled certain gzip files. An attacker could possibly use this issue to cause a denial of service. It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to compromise the data It was discovered that PHP incorrectly handled certain image fonts. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.10, and Ubuntu 22.04 LTS.

tags | advisory, denial of service, php
systems | linux, ubuntu
advisories | CVE-2022-31628, CVE-2022-31629, CVE-2022-31630, CVE-2022-37454
SHA-256 | 5d9c5fa429c56df30e64215e02fbcce857d17b47d4d6b19014cc6d97a3a22070
Debian Security Advisory 5274-1
Posted Nov 9, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5274-1 - Jihwan Kim and Dohyun Lee discovered that visiting a malicious website may lead to user interface spoofing. Dohyun Lee discovered that processing maliciously crafted web content may lead to arbitrary code execution. Abdulrahman Alqabandi, Ryan Shin and Dohyun Lee discovered that processing maliciously crafted web content may disclose sensitive user information.

tags | advisory, web, arbitrary, spoof, code execution
systems | linux, debian
advisories | CVE-2022-42799, CVE-2022-42823, CVE-2022-42824
SHA-256 | b2cd03cb3cd51e835828566f26955b1a24433b4d4ee8969dda2279eab675c38f
Debian Security Advisory 5273-1
Posted Nov 9, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5273-1 - Jihwan Kim and Dohyun Lee discovered that visiting a malicious website may lead to user interface spoofing. Dohyun Lee discovered that processing maliciously crafted web content may lead to arbitrary code execution. Abdulrahman Alqabandi, Ryan Shin and Dohyun Lee discovered that processing maliciously crafted web content may disclose sensitive user information.

tags | advisory, web, arbitrary, spoof, code execution
systems | linux, debian
advisories | CVE-2022-42799, CVE-2022-42823, CVE-2022-42824
SHA-256 | 6bbe81d2c9efe6e21d1f0e9b955cd92bda11b610558952c581bfaa7120f0b2df
Ubuntu Security Notice USN-5718-1
Posted Nov 9, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5718-1 - Maddie Stone discovered that pixman incorrectly handled certain memory operations. A remote attacker could use this issue to cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-44638
SHA-256 | 26aee9fb135153fdfbff6deab0356b64de323ddc9993b99f914d5645310e05ad
Zeek 5.0.3
Posted Nov 9, 2022
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Fixed an issue where a specially-crafted FTP packet can cause Zeek to spend large amounts of time attempting to search for valid commands in the data stream. Fixed a possible overflow in the Zeek dictionary code that may lead to a memory leak. Fixed an issue where a specially-crafted packet can cause Zeek to spend large amounts of time reporting analyzer violations. Fixed a possible assert and crash in the HTTP analyzer when receiving a specially-crafted packet. Fixed an issue where a specially-crafted HTTP or SMTP packet can cause Zeek to spend a large amount of time attempting to search for filenames within the packet data. Fixed two separate possible crashes when converting processed IP headers for logging via the raw_packet event handlers. Various other bug fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 8f16ed6b51f63f7efaca506c4ee0396b0fd03e83cb6358dbd9ea6ffe5fd0b657
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close