Security Pop Quiz! q267.mp3

News

Packet Storm Security

Security Affairs Looking Glass Cyber
    securingtomorrow.mcafee.com
      Quick Heal Threat Post Naked Security ESET CIS Malware Patrol SecList MySonicWall

      Critical Infrastructure

      Case Studies

      Tools

      Exploits

      Last 20 Website Defacements - Zone-h

        Press Play to hear the answer!

        Advisories

        • Ubuntu Security Notice USN-6393-1 Thu, 21 Sep 2023 16:23:50 GMT
          Ubuntu Security Notice 6393-1 - It was discovered that ImageMagick did not properly handle memory when processing the -help option. An attacker could potentially use this issue to cause a crash.
        • Debian Security Advisory 5503-1 Thu, 21 Sep 2023 16:23:34 GMT
          Debian Linux Security Advisory 5503-1 - Multiple security issues were discovered in Netatalk, an implementation of the Apple Filing Protocol (AFP) for offering file service (mainly) to macOS clients, which may result in the execution of arbitrary code or information disclosure.
        • Red Hat Security Advisory 2023-5309-01 Thu, 21 Sep 2023 16:23:21 GMT
          Red Hat Security Advisory 2023-5309-01 - The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format. Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently. Issues addressed include a buffer overflow vulnerability.
        • Ubuntu Security Notice USN-6391-2 Thu, 21 Sep 2023 16:20:39 GMT
          Ubuntu Security Notice 6391-2 - USN-6391-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that CUPS incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.
        • Ubuntu Security Notice USN-6392-1 Thu, 21 Sep 2023 16:20:23 GMT
          Ubuntu Security Notice 6392-1 - It was discovered that libppd incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a remote attacker could use this issue to cause libppd to crash, resulting in a denial of service, or possibly execute arbitrary code.
        • Red Hat Security Advisory 2023-5314-01 Thu, 21 Sep 2023 16:20:10 GMT
          Red Hat Security Advisory 2023-5314-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.
        • Ubuntu Security Notice USN-6391-1 Thu, 21 Sep 2023 16:18:48 GMT
          Ubuntu Security Notice 6391-1 - It was discovered that CUPS incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.
        • Ubuntu Security Notice USN-6390-1 Thu, 21 Sep 2023 16:18:32 GMT
          Ubuntu Security Notice 6390-1 - It was discovered that Bind incorrectly handled certain control channel messages. A remote attacker with access to the control channel could possibly use this issue to cause Bind to crash, resulting in a denial of service. Robert Story discovered that Bind incorrectly handled certain DNS-over-TLS queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.
        • Red Hat Security Advisory 2023-5313-01 Thu, 21 Sep 2023 16:18:22 GMT
          Red Hat Security Advisory 2023-5313-01 - The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Issues addressed include a bypass vulnerability.
        • Red Hat Security Advisory 2023-5312-01 Thu, 21 Sep 2023 16:18:09 GMT
          Red Hat Security Advisory 2023-5312-01 - The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Issues addressed include a bypass vulnerability.
        • Red Hat Security Advisory 2023-5095-01 Thu, 21 Sep 2023 16:05:38 GMT
          Red Hat Security Advisory 2023-5095-01 - Logging Subsystem 5.6.11 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate.
        • Red Hat Security Advisory 2023-5096-01 Wed, 20 Sep 2023 15:29:00 GMT
          Red Hat Security Advisory 2023-5096-01 - Logging Subsystem 5.5.16 - Red Hat OpenShift security update. Red Hat Product Security has rated this update as having a security impact of Moderate.
        • Ubuntu Security Notice USN-6389-1 Wed, 20 Sep 2023 15:27:06 GMT
          Ubuntu Security Notice 6389-1 - It was discovered that Indent incorrectly handled parsing certain source files. If a user or automated system were tricked into processing a specially crafted source file, a remote attacker could use this issue to cause Indent to crash, resulting in a denial of service, or possibly execute arbitrary code.
        • Red Hat Security Advisory 2023-5310-01 Wed, 20 Sep 2023 15:26:52 GMT
          Red Hat Security Advisory 2023-5310-01 - A security update for Camel Extensions for Quarkus 2.13.3 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Issues addressed include a bypass vulnerability.
        • Ubuntu Security Notice USN-6386-1 Wed, 20 Sep 2023 15:26:38 GMT
          Ubuntu Security Notice 6386-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
        • Ubuntu Security Notice USN-6387-1 Wed, 20 Sep 2023 15:26:18 GMT
          Ubuntu Security Notice 6387-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
        • Ubuntu Security Notice USN-6388-1 Wed, 20 Sep 2023 15:25:39 GMT
          Ubuntu Security Notice 6388-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service.
        • Ubuntu Security Notice USN-6385-1 Wed, 20 Sep 2023 15:25:15 GMT
          Ubuntu Security Notice 6385-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service.
        • Ubuntu Security Notice USN-6384-1 Wed, 20 Sep 2023 15:24:54 GMT
          Ubuntu Security Notice 6384-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information.
        • Ubuntu Security Notice USN-6382-1 Wed, 20 Sep 2023 15:24:28 GMT
          Ubuntu Security Notice 6382-1 - It was discovered that Memcached incorrectly handled certain multi-packet uploads in UDP. An attacker could possibly use this issue to cause a denial of service.
        • Red Hat Security Advisory 2023-5233-01 Wed, 20 Sep 2023 15:24:21 GMT
          Red Hat Security Advisory 2023-5233-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.4 images.
        • Red Hat Security Advisory 2023-5239-01 Wed, 20 Sep 2023 15:24:12 GMT
          Red Hat Security Advisory 2023-5239-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
        • Red Hat Security Advisory 2023-5235-01 Wed, 20 Sep 2023 15:24:06 GMT
          Red Hat Security Advisory 2023-5235-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
        • Red Hat Security Advisory 2023-5264-01 Wed, 20 Sep 2023 15:23:59 GMT
          Red Hat Security Advisory 2023-5264-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
        • Red Hat Security Advisory 2023-5238-01 Wed, 20 Sep 2023 15:23:32 GMT
          Red Hat Security Advisory 2023-5238-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.