Red Hat Security Advisory 2024-2672-03 - Red Hat OpenShift Container Platform release 4.14.24 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution and denial of service vulnerabilities.
5fa8457a19b5b243128fcb9743bf261c483b823073a0aa4ec2490d15f36b6ddc
Red Hat Security Advisory 2024-2671-03 - Red Hat build of MicroShift release 4.14.24 is now available with updates to packages and images that fix several bugs. Issues addressed include a denial of service vulnerability.
f9b1c9755123a9386ffae9979f9008b7d0e9bd3ffc22bc7048e9d16b1002cef8
Red Hat Security Advisory 2024-2669-03 - Red Hat OpenShift Container Platform release 4.15.12 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a code execution vulnerability.
ce85abc8301a0b2ee381b9b111a9cdcb5fc16cbeb823dc4ca6a996a4f5d1f0d3
Red Hat Security Advisory 2024-2668-03 - Red Hat OpenShift Container Platform release 4.14.24 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
d5f428537221e62d3d650d0f8c2479aec72d684d2d877cbfc3194e504613303b
Red Hat Security Advisory 2024-2667-03 - Red Hat build of MicroShift release 4.15.12 is now available with updates to packages and images that include a security update.
98b5d207f7c39e2028391a82ecabfeec21dbba051445808302de34547798e61d
Red Hat Security Advisory 2024-2666-03 - Red Hat OpenShift Container Platform release 4.14.24 is now available with updates to packages and images that fix several bugs.
9d512b27e95a2839adf3d29f7257ff3e047f9aa0776faca6349b1a779c583cda
Red Hat Security Advisory 2024-2664-03 - Red Hat OpenShift Container Platform release 4.15.12 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
93de817f473214e77882293747f302b7ea59170cb97f70fee297cd46bcfb98bc
Openmediavault versions prior to 7.0.32 have a vulnerability that occurs when users in the web-admin group enter commands on the crontab by selecting the root shell. As a result of exploiting the vulnerability, authenticated web-admin users can run commands with root privileges and receive reverse shell connections.
f54e108c3e072e69c000f9759d386e86aae92493e17fbe4348a5bdd7b5278328
RIOT versions 2024.01 and below suffers from multiple buffer overflows, ineffective size checks, and out-of-bounds memory access vulnerabilities.
43c245ca872e84173b6225084f324209f789f4e49b0b9c392d621feab1e1de58
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
4bc7e59ee0036389a0f76fc76b2303eeae62bf6eaaf608c9939226febf9ddeae
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. This is the cross platform package.
05d3932a1affb0ab7987664677134709982ca3837a0b0f0e16f9aeb391933341
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
16662dc632d17e2c5630b801752f97912a8e22697c065ebde175f1cc37b83a60
The Security Explorations team has come up with two attack scenarios that make it possible to extract private ECC keys used by a PlayReady client (Windows SW DRM scenario) for the communication with a license server and identity purposes. Proof of concept included.
c2dc2010ee36581d568d891c24ac2a0dfd8b8a87de8de3d72f1072bb1e38964a
Panel Amadey.d.c malware suffers from cross site scripting vulnerabilities.
56d2e699a952bda76c68e9e01f6c3048db2c4af020ac1ac6adda3f4b9c409042
Clinic Queuing System version 1.0 suffers from a remote code execution vulnerability.
23c5d126d6744f4ca5ca7cb92f2a3a88c17df81ab9f24fd93329abb2706e0378
Debian Linux Security Advisory 5686-1 - Nick Galloway discovered an integer overflow in dav1d, a fast and small AV1 video stream decoder which could result in memory corruption.
1d54a90fb87cd4c748525d19d9c51c2c51fc01f301f39ff1f96aba4e73e5a21f
Ubuntu Security Notice 6768-1 - Alicia Boya GarcĂa discovered that GLib incorrectly handled signal subscriptions. A local attacker could use this issue to spoof D-Bus signals resulting in a variety of impacts including possible privilege escalation.
9d6cc5a1b7b13b05e7ee4c7c57c70d75adbdb3c986b39b86b881073bb5cc4413
Debian Linux Security Advisory 5684-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. Kacper Kwapisz discovered that visiting a malicious website may lead to address bar spoofing. Nan Wang and Rushikesh Nandedkar discovered that processing maliciously crafted web content may lead to arbitrary code execution. SungKwon Lee discovered that processing web content may lead to a denial-of-service. Various other issues were also addressed.
6e9bc12028378c36947c0cc1d5a1b5f2cd1a6e3c69e4d33ee6a4c62e19d93ae3
Debian Linux Security Advisory 5682-2 - The update for glib2.0 released as DSA 5682-1 caused a regression in ibus affecting text entry with non-trivial input methods. Updated glib2.0 packages are available to correct this issue.
77333f6bc4c30f5e80c43b9d37869eda5b471ffea3c144e29bd56e485f4edf6b
Debian Linux Security Advisory 5685-1 - Several security vulnerabilities have been discovered in Wordpress, a popular content management framework, which may lead to exposure of sensitive information to an unauthorized actor in WordPress or allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack.
ad8b64e2ba526ad865543abe9892e49e02b0997f620bdfe4b1a9169d4c45e33c
Debian Linux Security Advisory 5683-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
1e13bcfc9f75d691cae68258fef1e827898a71cb8c7a2d77cad66b75bfcd4bb2
Gentoo Linux Security Advisory 202405-29 - Multiple vulnerabilities have been discovered in Node.js. Versions greater than or equal to 16.20.2 are affected.
896f93d8be3fd63618f8c7828d363945d93c89399750559db27ad47c3598d38a
Gentoo Linux Security Advisory 202405-28 - Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in root privilege escalation. Versions greater than or equal to 470.223.02 are affected.
4d1b35515c6ffab8d4f949193b102ed87d31b8db5b0343e6731e457ac07224aa
Gentoo Linux Security Advisory 202405-27 - A vulnerability has been discovered in Epiphany, which can lead to a buffer overflow. Versions greater than or equal to 42.4 are affected.
ea521ba9991bcd86765824e3a1beb74e67842c421b78985dbfe132d5dc3e8221
Gentoo Linux Security Advisory 202405-26 - Multiple vulnerabilities have been discovered in qtsvg, the worst of which could lead to a denial of service. Versions greater than or equal to 5.15.9-r1 are affected.
67dda3b3bd74c411362c0a504b1a94b2cdf9cdf31b0fff8a8d74b6c3887016b3