News

    Exploits

    Last 20 Website Defacements - Zone-h

    Advisories

    • Ubuntu Security Notice USN-4192-1 Thu, 14 Nov 2019 15:57:14 GMT
      Ubuntu Security Notice 4192-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.
    • Red Hat Security Advisory 2019-3883-01 Thu, 14 Nov 2019 15:56:37 GMT
      Red Hat Security Advisory 2019-3883-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An arbitrary kernel memory write issue was addressed.
    • Ubuntu Security Notice USN-4191-1 Thu, 14 Nov 2019 15:56:24 GMT
      Ubuntu Security Notice 4191-1 - It was discovered that the LSI SCSI adapter emulator implementation in QEMU did not properly validate executed scripts. A local attacker could use this to cause a denial of service. Sergej Schumilo, Cornelius Aschermann and Simon Woerner discovered that the qxl paravirtual graphics driver implementation in QEMU contained a null pointer dereference. A local attacker in a guest could use this to cause a denial of service. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4191-2 Thu, 14 Nov 2019 15:56:18 GMT
      Ubuntu Security Notice 4191-2 - USN-4191-2 fixed a vulnerability in QEMU. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that the LSI SCSI adapter emulator implementation in QEMU did not properly validate executed scripts. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4186-3 Thu, 14 Nov 2019 15:56:10 GMT
      Ubuntu Security Notice 4186-3 - USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. This update addresses the issue. Various other issues were also addressed.
    • Red Hat Security Advisory 2019-3878-01 Thu, 14 Nov 2019 15:55:35 GMT
      Red Hat Security Advisory 2019-3878-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An arbitrary kernel memory write issue was addressed.
    • Ubuntu Security Notice USN-4185-3 Thu, 14 Nov 2019 15:55:24 GMT
      Ubuntu Security Notice 4185-3 - USN-4185-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables are disabled or not supported. This update addresses both issues. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4183-2 Thu, 14 Nov 2019 15:55:18 GMT
      Ubuntu Security Notice 4183-2 - USN-4183-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. This update addresses the issue. Various other issues were also addressed.
    • Ubuntu Security Notice USN-4184-2 Thu, 14 Nov 2019 15:55:13 GMT
      Ubuntu Security Notice 4184-2 - USN-4184-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables are disabled or not supported. This update addresses both issues. Various other issues were also addressed.
    • Red Hat Security Advisory 2019-3877-01 Thu, 14 Nov 2019 15:54:39 GMT
      Red Hat Security Advisory 2019-3877-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An arbitrary kernel memory write issue was addressed.
    • Red Hat Security Advisory 2019-3872-01 Thu, 14 Nov 2019 15:53:36 GMT
      Red Hat Security Advisory 2019-3872-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An arbitrary kernel memory write issue was addressed.
    • Red Hat Security Advisory 2019-3770-01 Thu, 14 Nov 2019 15:53:25 GMT
      Red Hat Security Advisory 2019-3770-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the oauth-server container image for Red Hat OpenShift Container Platform 4.2.4. Issues addressed include a cross site scripting vulnerability.
    • Red Hat Security Advisory 2019-3771-01 Thu, 14 Nov 2019 15:52:34 GMT
      Red Hat Security Advisory 2019-3771-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the golang-github-prometheus-prometheus container image for Red Hat OpenShift Container Platform 4.2.4. A cross site scripting issue was addressed.
    • Red Hat Security Advisory 2019-3873-01 Thu, 14 Nov 2019 15:51:46 GMT
      Red Hat Security Advisory 2019-3873-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An arbitrary kernel memory write issue was addressed.
    • Ubuntu Security Notice USN-4190-1 Thu, 14 Nov 2019 15:51:34 GMT
      Ubuntu Security Notice 4190-1 - It was discovered that libjpeg-turbo incorrectly handled certain BMP images. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that libjpeg-turbo incorrectly handled certain JPEG images. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 19.04. Various other issues were also addressed.
    • MicroStrategy Library Cross Site Scripting Wed, 13 Nov 2019 17:23:53 GMT
      MicroStrategy Library suffers from a cross site scripting vulnerability. Version 11.1.3 has the patch.
    • Kernel Live Patch Security Notice LSN-0059-1 Wed, 13 Nov 2019 17:20:10 GMT
      On November 12, fixes for several high-severity Intel processor CVEs were released into the Ubuntu kernel, accompanied by a related processor microcode update. Due to the high complexity of the fixes and the required microcode update, we are unable to livepatch this set of CVEs. Please plan to reboot into an updated kernel as soon as possible. Various other issues were also addressed.
    • Red Hat Security Advisory 2019-3871-01 Wed, 13 Nov 2019 17:18:58 GMT
      Red Hat Security Advisory 2019-3871-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An arbitrary kernel memory write was addressed.
    • Red Hat Security Advisory 2019-3870-01 Wed, 13 Nov 2019 17:18:00 GMT
      Red Hat Security Advisory 2019-3870-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. An arbitrary kernel memory write was addressed.
    • Ubuntu Security Notice USN-4189-1 Wed, 13 Nov 2019 17:17:48 GMT
      Ubuntu Security Notice 4189-1 - Jason Wang discovered that DPDK incorrectly handled certain messages. An attacker in a malicious container could possibly use this issue to cause DPDK to leak resources, resulting in a denial of service.
    • Ubuntu Security Notice USN-4186-2 Wed, 13 Nov 2019 17:17:28 GMT
      Ubuntu Security Notice 4186-2 - USN-4186-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Stephan van Schaik, Alyssa Milburn, Sebastian
    • Debian Security Advisory 4563-1 Wed, 13 Nov 2019 17:17:19 GMT
      Debian Linux Security Advisory 4563-1 - These vulnerabilities have been discovered in the webkit2gtk web engine.
    • Debian Security Advisory 4567-1 Wed, 13 Nov 2019 17:17:11 GMT
      Debian Linux Security Advisory 4567-1 - It was discovered that the vhost PMD in DPDK, a set of libraries for fast packet processing, was affected by memory and file descriptor leaks which could result in denial of service.
    • Debian Security Advisory 4566-1 Wed, 13 Nov 2019 17:16:45 GMT
      Debian Linux Security Advisory 4566-1 - This update for QEMU, a fast processor emulator, backports support to passthrough the pschange-mc-no CPU flag. The virtualised MSR seen by a guest is set to show the bug as fixed, allowing to disable iTLB Multihit mitigations in nested hypervisors (cf. DSA 4564-1).
    • Debian Security Advisory 4565-1 Wed, 13 Nov 2019 17:16:30 GMT
      Debian Linux Security Advisory 4565-1 - This update ships updated CPU microcode for some types of Intel CPUs. In particular it provides mitigations for the TAA (TSX Asynchronous Abort) vulnerability. For affected CPUs, to fully mitigate the vulnerability it is also necessary to update the Linux kernel packages as released in DSA 4564-1.