Critical Infrastructure

SecList ICS

Security Magazine

Case Studies

News

Exploits

Last 20 Website Defacements - Zone-h

Advisories

  • Ubuntu Security Notice USN-5432-1 Mon, 23 May 2022 14:24:19 GMT
    Ubuntu Security Notice 5432-1 - It was discovered that libpng incorrectly handled memory when parsing certain PNG files. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possible execute arbitrary code. Zhengxiong Luo discovered that libpng incorrectly handled memory when parsing certain PNG files. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possible execute arbitrary code.
  • Ubuntu Security Notice USN-5424-2 Fri, 20 May 2022 15:31:21 GMT
    Ubuntu Security Notice 5424-2 - USN-5424-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database.
  • Red Hat Security Advisory 2022-4668-01 Thu, 19 May 2022 15:53:21 GMT
    Red Hat Security Advisory 2022-4668-01 - Red Hat OpenShift Virtualization release 4.10.1 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
  • Red Hat Security Advisory 2022-4690-01 Thu, 19 May 2022 15:53:12 GMT
    Red Hat Security Advisory 2022-4690-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.
  • Red Hat Security Advisory 2022-4692-01 Thu, 19 May 2022 15:53:03 GMT
    Red Hat Security Advisory 2022-4692-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.
  • Red Hat Security Advisory 2022-4691-01 Thu, 19 May 2022 15:52:51 GMT
    Red Hat Security Advisory 2022-4691-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.
  • Red Hat Security Advisory 2022-4623-01 Thu, 19 May 2022 15:52:41 GMT
    Red Hat Security Advisory 2022-4623-01 - This release of Red Hat build of Quarkus 2.7.5 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include HTTP request smuggling, cross site scripting, denial of service, information leakage, and privilege escalation vulnerabilities.
  • Red Hat Security Advisory 2022-4644-01 Thu, 19 May 2022 15:52:32 GMT
    Red Hat Security Advisory 2022-4644-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a privilege escalation vulnerability.
  • Red Hat Security Advisory 2022-2205-01 Thu, 19 May 2022 15:52:21 GMT
    Red Hat Security Advisory 2022-2205-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.33. Issues addressed include a cross site scripting vulnerability.
  • Red Hat Security Advisory 2022-4661-01 Thu, 19 May 2022 15:52:09 GMT
    Red Hat Security Advisory 2022-4661-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a traversal vulnerability.
  • Red Hat Security Advisory 2022-4655-01 Thu, 19 May 2022 15:52:01 GMT
    Red Hat Security Advisory 2022-4655-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a privilege escalation vulnerability.
  • Red Hat Security Advisory 2022-4642-01 Thu, 19 May 2022 15:51:52 GMT
    Red Hat Security Advisory 2022-4642-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer and privilege escalation vulnerabilities.
  • Red Hat Security Advisory 2022-4667-01 Thu, 19 May 2022 15:51:44 GMT
    Red Hat Security Advisory 2022-4667-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.10.1 RPMs. Issues addressed include a denial of service vulnerability.
  • Red Hat Security Advisory 2022-4651-01 Thu, 19 May 2022 15:51:29 GMT
    Red Hat Security Advisory 2022-4651-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a privilege escalation vulnerability.
  • Ubuntu Security Notice USN-5429-1 Thu, 19 May 2022 15:51:19 GMT
    Ubuntu Security Notice 5429-1 - Thomas Amgarten discovered that Bind incorrectly handled certain TLS connections being destroyed. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.
  • Ubuntu Security Notice USN-5430-1 Thu, 19 May 2022 15:51:11 GMT
    Ubuntu Security Notice 5430-1 - It was discovered that GNOME Settings incorrectly handled the remote desktop sharing configuration. When turning off desktop sharing, it may be turned on again after rebooting, contrary to expectations.
  • Ubuntu Security Notice USN-5428-1 Wed, 18 May 2022 16:36:48 GMT
    Ubuntu Security Notice 5428-1 - Tobias Stoeckmann discovered that libXrandr incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.
  • Ubuntu Security Notice USN-5423-2 Wed, 18 May 2022 16:36:26 GMT
    Ubuntu Security Notice 5423-2 - USN-5423-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service.
  • Jupiter / JupiterX Theme Privilege Escalation / LFI / DoS / Access Control Issues Wed, 18 May 2022 16:30:22 GMT
    Jupiter Theme versions 6.10.1 and below as well as JupiterX Core plugin versions 2.0.7 and below suffer from privilege escalation and post deletion vulnerabilities. JupiterX Theme versions 2.0.6 and below as well as JupiterX Core versions 2.0.6 and below suffer from plugin deactivation and setting modification flaws. JupiterX Theme versions 2.0.6 and below as well as Jupiter Theme versions 6.10.1 and below suffer from path traversal and local file inclusion vulnerabilities. Jupiter Theme versions 6.10.1 and below suffer from an arbitrary plugin deletion vulnerability. JupiterX Core plugin versions 2.0.6 and below suffer from information disclosure, modification, and denial of service vulnerabilities.
  • Ubuntu Security Notice USN-5427-1 Tue, 17 May 2022 17:25:51 GMT
    Ubuntu Security Notice 5427-1 - Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. Gerrit Venema discovered that Apport incorrectly handled connections to Apport sockets inside containers. A local attacker could possibly use this issue to connect to arbitrary sockets as the root user.
  • Ubuntu Security Notice USN-5426-1 Tue, 17 May 2022 17:25:44 GMT
    Ubuntu Security Notice 5426-1 - Jakub Wilk discovered that needrestart incorrectly used some regular expressions. A local attacker could possibly use this issue to execute arbitrary code.
  • Ubuntu Security Notice USN-5425-1 Tue, 17 May 2022 17:25:20 GMT
    Ubuntu Security Notice 5425-1 - Yunho Kim discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to expose sensitive information. This issue only affects Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 21.10 and Ubuntu 22.04 LTS. It was discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to have unexpected behavior. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
  • Apple Security Advisory 2022-05-16-8 Tue, 17 May 2022 17:18:31 GMT
    Apple Security Advisory 2022-05-16-8 - Xcode 13.4 addresses a logic issue and a privilege escalation issue.
  • Ubuntu Security Notice USN-5424-1 Tue, 17 May 2022 17:14:57 GMT
    Ubuntu Security Notice 5424-1 - It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database.
  • Ubuntu Security Notice USN-5423-1 Tue, 17 May 2022 17:12:26 GMT
    Ubuntu Security Notice 5423-1 - Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. Michał Dardas discovered that ClamAV incorrectly handled parsing TIFF files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. Michał Dardas discovered that ClamAV incorrectly handled parsing HTML files. A remote attacker could possibly use this issue to cause ClamAV to consume resources, resulting in a denial of service.