Critical Infrastructure

Advisories

  • Red Hat Security Advisory 2023-1392-01 Wed, 29 Mar 2023 10:16:39 GMT
    Red Hat Security Advisory 2023-1392-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.55.
  • Red Hat Security Advisory 2023-1393-01 Wed, 29 Mar 2023 10:16:19 GMT
    Red Hat Security Advisory 2023-1393-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.55.
  • Ubuntu Security Notice USN-5981-1 Wed, 29 Mar 2023 10:16:09 GMT
    Ubuntu Security Notice 5981-1 - It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.
  • Ubuntu Security Notice USN-5982-1 Wed, 29 Mar 2023 10:15:54 GMT
    Ubuntu Security Notice 5982-1 - It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.
  • Ubuntu Security Notice USN-5980-1 Wed, 29 Mar 2023 10:15:31 GMT
    Ubuntu Security Notice 5980-1 - It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs.
  • Ubuntu Security Notice USN-5686-4 Wed, 29 Mar 2023 10:13:26 GMT
    Ubuntu Security Notice 5686-4 - USN-5686-1 fixed several vulnerabilities in Git. This update provides the corresponding fix for CVE-2022-39253 on Ubuntu 16.04 ESM. Cory Snider discovered that Git incorrectly handled certain symbolic links. An attacker could possibly use this issue to cause unexpected behaviour.
  • Ubuntu Security Notice USN-5979-1 Wed, 29 Mar 2023 10:13:10 GMT
    Ubuntu Security Notice 5979-1 - It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. It was discovered that a race condition existed in the Xen network backend driver in the Linux kernel when handling dropped packets in certain circumstances. An attacker could use this to cause a denial of service.
  • Debian Security Advisory 5379-1 Tue, 28 Mar 2023 15:19:55 GMT
    Debian Linux Security Advisory 5379-1 - Kim Alvefur discovered that insufficient message sender validation in dino-im, a modern XMPP/Jabber client, may result in manipulation of entries in the personal bookmark store without user interaction via a specially crafted message. Additionally an attacker can take advantage of this flaw to change how group chats are displayed or force a user to join or leave an attacker-selected groupchat.
  • Ubuntu Security Notice USN-5978-1 Tue, 28 Mar 2023 15:16:58 GMT
    Ubuntu Security Notice 5978-1 - It was discovered that the network queuing discipline implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs.
  • Apple Security Advisory 2023-03-27-9 Tue, 28 Mar 2023 15:12:10 GMT
    Apple Security Advisory 2023-03-27-9 - Studio Display Firmware Update 16.4 addresses a code execution vulnerability.
  • Red Hat Security Advisory 2023-1486-01 Tue, 28 Mar 2023 15:11:53 GMT
    Red Hat Security Advisory 2023-1486-01 - Grafana is an open source, feature-rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Ruby is an extensible, interpreted, object-oriented scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, code execution, and denial of service vulnerabilities.
  • Red Hat Security Advisory 2023-1409-01 Tue, 28 Mar 2023 15:08:11 GMT
    Red Hat Security Advisory 2023-1409-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.9.
  • Apple Security Advisory 2023-03-27-8 Tue, 28 Mar 2023 15:07:53 GMT
    Apple Security Advisory 2023-03-27-8 - Safari 16.4 addresses bypass vulnerabilities.
  • Apple Security Advisory 2023-03-27-7 Tue, 28 Mar 2023 15:01:41 GMT
    Apple Security Advisory 2023-03-27-7 - watchOS 9.4 addresses bypass, code execution, integer overflow, out of bounds read, and use-after-free vulnerabilities.
  • Apple Security Advisory 2023-03-27-6 Tue, 28 Mar 2023 15:01:17 GMT
    Apple Security Advisory 2023-03-27-6 - tvOS 16.4 addresses bypass, code execution, integer overflow, out of bounds read, and use-after-free vulnerabilities.
  • Ubuntu Security Notice USN-5977-1 Tue, 28 Mar 2023 14:59:15 GMT
    Ubuntu Security Notice 5977-1 - It was discovered that the network queuing discipline implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs.
  • Apple Security Advisory 2023-03-27-5 Tue, 28 Mar 2023 14:57:46 GMT
    Apple Security Advisory 2023-03-27-5 - macOS Big Sur 11.7.5 addresses bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
  • Ubuntu Security Notice USN-5976-1 Tue, 28 Mar 2023 14:46:20 GMT
    Ubuntu Security Notice 5976-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs.
  • Apple Security Advisory 2023-03-27-4 Tue, 28 Mar 2023 14:41:46 GMT
    Apple Security Advisory 2023-03-27-4 - macOS Monterey 12.6.4 addresses bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
  • Red Hat Security Advisory 2023-1479-01 Tue, 28 Mar 2023 14:41:26 GMT
    Red Hat Security Advisory 2023-1479-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR.
  • Apple Security Advisory 2023-03-27-3 Tue, 28 Mar 2023 14:39:03 GMT
    Apple Security Advisory 2023-03-27-3 - macOS Ventura 13.3 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
  • Apple Security Advisory 2023-03-27-2 Tue, 28 Mar 2023 14:36:32 GMT
    Apple Security Advisory 2023-03-27-2 - iOS 15.7.4 and iPadOS 15.7.4 address code execution, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
  • Ubuntu Security Notice USN-5975-1 Tue, 28 Mar 2023 14:36:07 GMT
    Ubuntu Security Notice 5975-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.
  • Ubuntu Security Notice USN-5974-1 Tue, 28 Mar 2023 14:33:13 GMT
    Ubuntu Security Notice 5974-1 - It was discovered that GraphicsMagick was not properly performing bounds checks when processing TGA image files, which could lead to a heap buffer overflow. If a user or automated system were tricked into processing a specially crafted TGA image file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that GraphicsMagick was not properly validating bits per pixel data when processing DIB image files. If a user or automated system were tricked into processing a specially crafted DIB image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
  • Red Hat Security Advisory 2023-1408-01 Tue, 28 Mar 2023 14:31:48 GMT
    Red Hat Security Advisory 2023-1408-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.9. Issues addressed include an out of bounds read vulnerability.