Ubuntu Security Notice 5836-1 - It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
695585aeade2a3c26904b99549588433713177c334b05ed806179ae8d4af1b8f
Red Hat Security Advisory 2023-0553-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, denial of service, deserialization, memory exhaustion, and server-side request forgery vulnerabilities.
b1c38f65bae3193ed8c668b2bae1cee800e1ccc28c19fe1cdfede86f7cf64425
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
59bfd1bf5d9c1596226fa4815bf76643ce59698866c107a26269c481f125c4d7
Red Hat Security Advisory 2023-0552-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, denial of service, deserialization, memory exhaustion, and server-side request forgery vulnerabilities.
006e90c63a69c501c16f89812a5a1aaf7502785b6b055395eb2ad74a1842941e
Control Web Panel versions prior to 0.9.8.1147 are vulnerable to unauthenticated OS command injection. Successful exploitation results in code execution as the root user. The results of the command are not contained within the HTTP response and the request will block while the command is running.
00cb85e5ab25f2d5091aa8c72d9d5252d08919dce9dbd37743bea7469e5dbc51
Red Hat Security Advisory 2023-0554-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, denial of service, deserialization, memory exhaustion, and server-side request forgery vulnerabilities.
e90ca13f238e697d7a29099622998f986479754c0835d83a15b54b13aa1987a6
Some Hikvision Hybrid SAN products were vulnerable to multiple remote code execution (command injection) vulnerabilities, including reflected cross site scripting, Ruby code injection, classic and blind SQL injection resulting in remote code execution that allows an adversary to execute arbitrary operating system commands and more. However, an adversary must be on the same network to leverage this vulnerability to execute arbitrary commands.
9ef9e4e937841d3becdae9ba498b3199c7ac7dfcaea39831e8e5a468cd2d8f10
Red Hat Security Advisory 2023-0556-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, denial of service, deserialization, memory exhaustion, and server-side request forgery vulnerabilities.
fdd1e59f82d92219da0e2d2df0b897f5c18f334dce9ba31e6253e2a5b32a8562
Ubuntu Security Notice 5834-1 - It was discovered that the Apache HTTP Server mod_dav module did not properly handle specially crafted request headers. A remote attacker could possibly use this issue to cause the process to crash, leading to a denial of service. It was discovered that the Apache HTTP Server mod_proxy_ajp module did not properly handle certain invalid Transfer-Encoding headers. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack.
6efee65211f04fee00bb50c4c029fc349fc21db0290cb03b636a2739c23b1a93
PHPJabbers Business Directory Script version 3.2 suffers from a cross site scripting vulnerability.
d2557e411d456bd34555a2aacdc580e243ce6132afdd23ed9686aef6b539969e
PHPJabbers Auto Classifieds Script version 3.2 suffers from a cross site scripting vulnerability.
a763dffdb3d9d66af1165c31dde196ceb865df88853aef37d01989c9d9427a14
Ubuntu Security Notice 5835-3 - Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Nova incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information.
4f0a5499385b4c636708b12bdb6f9102c53b1da14fe9a66a60cebc7215b1cfbe
Ubuntu Security Notice 5835-2 - Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that OpenStack Glance incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information.
3fb505612e419d1d2c3f5347e187d7b947f82bc4c448a5a408057987d90c1572
Ubuntu Security Notice 5835-1 - Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Cinder incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information.
c3b02490c9fb9598caf6f78dca5d1608afdcf55d22ee7f8ae3e403ca232a9dcc
Ubuntu Security Notice 5833-1 - Sebastian Chnelik discovered that python-future incorrectly handled certain HTTP header field. An attacker could possibly use this issue to cause a denial of service.
d15cff8644784b9d4f12f574dd93984e0f0dfda35c43880b6bf30496f902b79a
Red Hat Security Advisory 2023-0450-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
5e212f18292d3e78f7516c35b21d43f5b53af9868c7ebd29964a4998efdd91d5
Red Hat Security Advisory 2023-0540-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. This advisory covers the RPM packages for the release.
6001920729dfec97e09573596dcfdc19ebe283e4ce407c42db318b7fc731ebcf
Red Hat Security Advisory 2023-0449-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.1.
726bfc58a7a038280d33e55d6dea407a146da9de969fa7c9460e4ae98e1bbea7
Red Hat Security Advisory 2023-0542-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release. Issues addressed include denial of service and spoofing vulnerabilities.
d0ec81ac694e922500234d90eb37e90222ddaf5b72118f0b1c21008e8f27c7e2
Red Hat Security Advisory 2023-0544-01 - This patch, Camel for Spring Boot 3.14.5 Patch 1, serves as a replacement for the previous release of Camel for Spring Boot 3.14.5 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. This release of Camel for Spring Boot includes CXF artifacts that were missing from the previous 3.14.5 release. Issues addressed include a server-side request forgery vulnerability.
489c108fec329cf77b35d28d1f85ba5d1b39602e1324910c726cb4f3b1be1bfc
Ubuntu Security Notice 5832-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
b242d051794285ce6fb5ea0e2560337d6d70a05108712a3794e5a8724e9960af
Red Hat Security Advisory 2023-0530-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.
d37ea6e81a72b1990d52094b2bb32d87c8b89b8b020202307951c1b7d7acaf2b
Red Hat Security Advisory 2023-0536-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
db3cdec09f4fa18614ad2c2f7b915eebef7167898fe789825310fcf2d185841a
Red Hat Security Advisory 2023-0526-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
a38173ffd4c1a32200dc9063832772ab2a903e6b329d709b48733bc7df9b1460
Red Hat Security Advisory 2023-0499-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
cafa34e9b6e6e20e9552a755d2013ce9af4b6ec3fae928e0d9abcbb8e4ef86b0