Critical Infrastructure

    Advisories

    • Debian Security Advisory 5505-1 Tue, 26 Sep 2023 13:02:09 GMT
      Debian Linux Security Advisory 5505-1 - Matteo Memelli reported an out-of-bounds read flaw when parsing CDP addresses in lldpd, an implementation of the IEEE 802.1ab (LLDP) protocol. A remote attacker can take advantage of this flaw to cause a denial of service via a specially crafted CDP PDU packet.
    • Debian Security Advisory 5504-1 Mon, 25 Sep 2023 14:23:22 GMT
      Debian Linux Security Advisory 5504-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation.
    • Apple Security Advisory 2023-09-21-7 Mon, 25 Sep 2023 14:22:23 GMT
      Apple Security Advisory 2023-09-21-7 - macOS Monterey 12.7 addresses a privilege escalation vulnerability.
    • Apple Security Advisory 2023-09-21-6 Mon, 25 Sep 2023 14:15:39 GMT
      Apple Security Advisory 2023-09-21-6 - macOS Ventura 13.6 addresses bypass vulnerabilities.
    • Apple Security Advisory 2023-09-21-5 Mon, 25 Sep 2023 14:15:24 GMT
      Apple Security Advisory 2023-09-21-5 - watchOS 9.6.3 addresses bypass vulnerabilities.
    • Ubuntu Security Notice USN-6190-2 Mon, 25 Sep 2023 14:15:01 GMT
      Ubuntu Security Notice 6190-2 - USN-6190-1 fixed a vulnerability in AccountsService. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Kevin Backhouse discovered that AccountsService incorrectly handled certain D-Bus messages. A local attacker could use this issue to cause AccountsService to crash, resulting in a denial of service, or possibly execute arbitrary code.
    • Ubuntu Security Notice USN-6365-2 Mon, 25 Sep 2023 14:14:44 GMT
      Ubuntu Security Notice 6365-2 - USN-6365-1 fixed a vulnerability in Open VM Tools. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SAML token signature verification and perform VMware Tools Guest Operations.
    • Apple Security Advisory 2023-09-21-4 Mon, 25 Sep 2023 14:10:44 GMT
      Apple Security Advisory 2023-09-21-4 - watchOS 10.0.1 addresses bypass vulnerabilities.
    • Apple Security Advisory 2023-09-21-3 Mon, 25 Sep 2023 14:08:28 GMT
      Apple Security Advisory 2023-09-21-3 - iOS 16.7 and iPadOS 16.7 address bypass vulnerabilities.
    • Apple Security Advisory 2023-09-21-2 Mon, 25 Sep 2023 14:03:59 GMT
      Apple Security Advisory 2023-09-21-2 - iOS 17.0.1 and iPadOS 17.0.1 address bypass vulnerabilities.
    • Apple Security Advisory 2023-09-21-1 Mon, 25 Sep 2023 13:53:22 GMT
      Apple Security Advisory 2023-09-21-1 - Safari 16.6.1 addresses a code execution vulnerability.
    • Ubuntu Security Notice USN-6394-1 Fri, 22 Sep 2023 17:38:27 GMT
      Ubuntu Security Notice 6394-1 - It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash.
    • Ubuntu Security Notice USN-6395-1 Fri, 22 Sep 2023 17:38:15 GMT
      Ubuntu Security Notice 6395-1 - Mickael Karatekin discovered that GNOME Shell incorrectly allowed the screenshot tool to view open windows when a session was locked. A local attacker could possibly use this issue to obtain sensitive information.
    • Red Hat Security Advisory 2023-5337-01 Fri, 22 Sep 2023 17:37:54 GMT
      Red Hat Security Advisory 2023-5337-01 - A security update for Camel K 1.10.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Issues addressed include a bypass vulnerability.
    • Ubuntu Security Notice USN-6360-2 Fri, 22 Sep 2023 17:00:28 GMT
      Ubuntu Security Notice 6360-2 - USN-6360-1 fixed a vulnerability in FLAC. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. It was discovered that FLAC incorrectly handled encoding certain files. A remote attacker could use this issue to cause FLAC to crash, resulting in a denial of service, or possibly execute arbitrary code.
    • Ubuntu Security Notice USN-6393-1 Thu, 21 Sep 2023 16:23:50 GMT
      Ubuntu Security Notice 6393-1 - It was discovered that ImageMagick did not properly handle memory when processing the -help option. An attacker could potentially use this issue to cause a crash.
    • Debian Security Advisory 5503-1 Thu, 21 Sep 2023 16:23:34 GMT
      Debian Linux Security Advisory 5503-1 - Multiple security issues were discovered in Netatalk, an implementation of the Apple Filing Protocol (AFP) for offering file service (mainly) to macOS clients, which may result in the execution of arbitrary code or information disclosure.
    • Red Hat Security Advisory 2023-5309-01 Thu, 21 Sep 2023 16:23:21 GMT
      Red Hat Security Advisory 2023-5309-01 - The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format. Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently. Issues addressed include a buffer overflow vulnerability.
    • Ubuntu Security Notice USN-6391-2 Thu, 21 Sep 2023 16:20:39 GMT
      Ubuntu Security Notice 6391-2 - USN-6391-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that CUPS incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.
    • Ubuntu Security Notice USN-6392-1 Thu, 21 Sep 2023 16:20:23 GMT
      Ubuntu Security Notice 6392-1 - It was discovered that libppd incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a remote attacker could use this issue to cause libppd to crash, resulting in a denial of service, or possibly execute arbitrary code.
    • Red Hat Security Advisory 2023-5314-01 Thu, 21 Sep 2023 16:20:10 GMT
      Red Hat Security Advisory 2023-5314-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.
    • Ubuntu Security Notice USN-6391-1 Thu, 21 Sep 2023 16:18:48 GMT
      Ubuntu Security Notice 6391-1 - It was discovered that CUPS incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.
    • Ubuntu Security Notice USN-6390-1 Thu, 21 Sep 2023 16:18:32 GMT
      Ubuntu Security Notice 6390-1 - It was discovered that Bind incorrectly handled certain control channel messages. A remote attacker with access to the control channel could possibly use this issue to cause Bind to crash, resulting in a denial of service. Robert Story discovered that Bind incorrectly handled certain DNS-over-TLS queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.
    • Red Hat Security Advisory 2023-5313-01 Thu, 21 Sep 2023 16:18:22 GMT
      Red Hat Security Advisory 2023-5313-01 - The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Issues addressed include a bypass vulnerability.
    • Red Hat Security Advisory 2023-5312-01 Thu, 21 Sep 2023 16:18:09 GMT
      Red Hat Security Advisory 2023-5312-01 - The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Issues addressed include a bypass vulnerability.