VMware Workspace ONE Access contains a vulnerability whereby the horizon user can escalate their privileges to those of the root user by modifying a file and then restarting the vmware-certproxy service, which invokes it. The sudo configuration permits this service control without a password.
84c0696cc53d2e4bd749c04b694cbb8ae3676b266a9d0e92ecb77d88dc2558c3
The WebGL implementation for setting uniform values with an ArrayBuffer argument does not properly handle large buffer sizes. As WASM now allows allocating large ArrayBuffers, this can lead to buffer overflows when writing to the GPU command buffer.
0bdf6d06a281ed2823e5f46ea472615509e7f1f676d5bd3238d8cfd3b783d262
Gentoo Linux Security Advisory 202208-1 - A vulnerability in lib3mf could lead to remote code execution. Versions less than 2.1.1 are affected.
fc6389bd2feac72adae0eb488ca83448d6ad549d5bacaa27328875ae4cad563a
Gentoo Linux Security Advisory 202208-5 - Multiple vulnerabilities have been found in Icinga Web 2, the worst of which could result in remote code execution. Versions less than 2.9.6 are affected.
4a08c63afff8eb3bfdc8a00c4537380ca8e077d51e8edd3dcfc94e6d3eee8b15
Gentoo Linux Security Advisory 202208-4 - Multiple vulnerabilities in libmcpp could result in a denial of service condition. Versions less than 2.7.2_p5 are affected.
a088924d64099367a873b4e034c237994ae034fe332c657784b74b7276c56e47
Gentoo Linux Security Advisory 202208-3 - A vulnerability in Babel could result in remote code execution. Versions less than 2.9.1 are affected.
e70e2fa5fd8c9e60d94d64c386d341ca0857cec1c7c071bd4e918f701c47d519
Gentoo Linux Security Advisory 202208-2 - Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution. Versions less than 1.18.5 are affected.
eabceb4823bcfb7bb993cf3361829f17b94012ebb0f1f7786ada1edb6fe5b395
Backdoor.Win32.Jokerdoor malware suffers from a buffer overflow vulnerability.
b1a0f0eda16637855c7124025a9bba474d285060035c7ace064b81d352be6595
Red Hat Security Advisory 2022-5904-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include a buffer overflow vulnerability.
db326f586de9b3e575952643fc9db0ee6c0115663e08051da48b5887b68c8ea2
Red Hat Security Advisory 2022-5903-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This asynchronous security patch is an update to Red Hat Process Automation Manager 7. Issues addressed include HTTP request smuggling, denial of service, and deserialization vulnerabilities.
64f14a1390aa598b8f7f7082ac1e23e09426694792e54d265ca579256dd960fb
Red Hat Security Advisory 2022-5892-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a deserialization vulnerability.
0bcee61dfe0ce316be6fa00ab748da7982555563f8a5827a6684f1375b776344
Red Hat Security Advisory 2022-5893-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a deserialization vulnerability.
759956fa8198b6da0d0e492602418c691f029a866ace132b6dba9c842d49be07
Red Hat Security Advisory 2022-5894-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.6 is a first release for Red Hat JBoss Enterprise Application Platform 7.4 on Red Hat Enterprise Linux 9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.6 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a deserialization vulnerability.
426a645d2fa0ddc98a75436f88fd9b611293459a951b5c12b1d26e94e2db2da3
Ubuntu Security Notice 5547-1 - Le Wu discovered that the NVIDIA graphics drivers did not properly perform input validation in some situations. A local user could use this to cause a denial of service or possibly execute arbitrary code. Tal Lossos discovered that the NVIDIA graphics drivers incorrectly handled certain memory operations, leading to a null-pointer dereference. A local attacker could use this to cause a denial of service. Artem S. Tashkinov discovered that the NVIDIA graphics drivers Dynamic Boost D-Bus component did not properly restrict access to its endpoint. When enabled in non-default configurations, a local attacker could use this to cause a denial of service or possibly execute arbitrary code.
fed8c6912db5c18b18ce002d7aa30fbc1ae00429aec9790f658542e2c6c65b13
Red Hat Security Advisory 2022-5766-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.12.0 ESR. Issues addressed include a spoofing vulnerability.
898736458f616f9dbbd52a4ac1cb7254d0443005945620b4101d750af011e51a
Red Hat Security Advisory 2022-5778-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.12.0. Issues addressed include a spoofing vulnerability.
701c98d5cba29948aeaa948c1f3e67597f8e4a943f6c261259cda3cb733a4e5f
Red Hat Security Advisory 2022-5765-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.12.0 ESR. Issues addressed include a spoofing vulnerability.
1a1903aa4af6b7b38a9e99e8633bd51832ef2f73da6e553cfc2c95dbf6a6fe1b
Red Hat Security Advisory 2022-5840-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
42e01a6d5bc88185e1a2422b06a068eb5eb39518221abce55975738768ed0e4a
Red Hat Security Advisory 2022-5729-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.25.
9c7c07073163fbbacb1cc6764330d6cf59f2a897acf20e586336301b878cde0c
Red Hat Security Advisory 2022-5806-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
3288e7f1b72cc66b4148dafc16ad6ac715c06167b59e614d3e544dcf846e1254
Red Hat Security Advisory 2022-5821-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, integer overflow, and memory leak vulnerabilities.
b0c9666aad6ba1beeca61ef826a8716bb5430800c2fc2a1e86aa57ed09be8138
Red Hat Security Advisory 2022-5730-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.25.
e525d06407e4223a8a0233610319ed4f467126b67fe9026741ae52cbd2b2d4e3
Red Hat Security Advisory 2022-5805-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
8d41a4d578c000f9e6c78fe4ebc616d173e0b7f77bf76539770b6dbfd49d1101
Red Hat Security Advisory 2022-5756-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
f52d40865e6e2b5dc6f79db2e53b46eedf52acbbd8396c1f11dd57f9e5c9be24
Red Hat Security Advisory 2022-5809-01 - The pcre2 package contains a new generation of the Perl Compatible Regular Expression libraries for implementing regular expression pattern matching using the same syntax and semantics as Perl. Issues addressed include an out-of-bounds read vulnerability.
64b425ad6e0c78a1c1ba9124284ad8737404322d84451098989ae4c1b8e87b2c