News

    Exploits

    Last 20 Website Defacements - Zone-h

    Advisories

    • Red Hat Security Advisory 2022-8750-01 Fri, 02 Dec 2022 15:57:08 GMT
      Red Hat Security Advisory 2022-8750-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include denial of service and out of bounds read vulnerabilities.
    • Ubuntu Security Notice USN-5758-1 Fri, 02 Dec 2022 15:57:01 GMT
      Ubuntu Security Notice 5758-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the video4linux driver for Empia based TV cards in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
    • Ubuntu Security Notice USN-5757-2 Fri, 02 Dec 2022 15:56:46 GMT
      Ubuntu Security Notice 5757-2 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the video4linux driver for Empia based TV cards in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
    • Ubuntu Security Notice USN-5757-1 Fri, 02 Dec 2022 15:56:33 GMT
      Ubuntu Security Notice 5757-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the video4linux driver for Empia based TV cards in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
    • Ubuntu Security Notice USN-5756-1 Fri, 02 Dec 2022 15:56:15 GMT
      Ubuntu Security Notice 5756-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service.
    • Ubuntu Security Notice USN-5755-1 Fri, 02 Dec 2022 15:56:00 GMT
      Ubuntu Security Notice 5755-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
    • Debian Security Advisory 5292-1 Fri, 02 Dec 2022 15:55:41 GMT
      Debian Linux Security Advisory 5292-1 - The Qualys Research Team discovered a race condition in the snapd-confine binary which could result in local privilege escalation.
    • Ubuntu Security Notice USN-5743-2 Fri, 02 Dec 2022 15:55:28 GMT
      Ubuntu Security Notice 5743-2 - USN-5743-1 fixed a vulnerability in LibTIFF. This update provides the corresponding updates for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.
    • Ubuntu Security Notice USN-5754-1 Fri, 02 Dec 2022 15:55:13 GMT
      Ubuntu Security Notice 5754-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service.
    • Ubuntu Security Notice USN-5753-1 Thu, 01 Dec 2022 17:33:16 GMT
      Ubuntu Security Notice 5753-1 - The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing the private /tmp mount for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code.
    • Ubuntu Security Notice USN-5752-1 Thu, 01 Dec 2022 17:30:09 GMT
      Ubuntu Security Notice 5752-1 - David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Soenke Huster discovered that an integer overflow vulnerability existed in the WiFi driver stack in the Linux kernel, leading to a buffer overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
    • Intel Data Center Manager 4.1.1.45749 Authentication Bypass / Spoofing Wed, 30 Nov 2022 20:48:27 GMT
      Intel Data Center Manager versions 4.1.1.45749 and below suffer from an authentication bypass vulnerability via spoofing.
    • Ubuntu Security Notice USN-5718-2 Wed, 30 Nov 2022 20:39:52 GMT
      Ubuntu Security Notice 5718-2 - USN-5718-1 fixed a vulnerability in pixman. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Maddie Stone discovered that pixman incorrectly handled certain memory operations. A remote attacker could use this issue to cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code.
    • Ubuntu Security Notice USN-5750-1 Wed, 30 Nov 2022 20:39:38 GMT
      Ubuntu Security Notice 5750-1 - It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service.
    • Ubuntu Security Notice USN-5749-1 Wed, 30 Nov 2022 20:39:29 GMT
      Ubuntu Security Notice 5749-1 - Erik de Castro Lopo and Agostino Sarubbo discovered that libsamplerate did not properly perform bounds checking. If a user were tricked into processing a specially crafted audio file, an attacker could possibly use this issue to cause a crash.
    • Ubuntu Security Notice USN-5728-3 Wed, 30 Nov 2022 20:39:15 GMT
      Ubuntu Security Notice 5728-3 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
    • Red Hat Security Advisory 2022-8669-01 Wed, 30 Nov 2022 20:39:00 GMT
      Red Hat Security Advisory 2022-8669-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
    • Red Hat Security Advisory 2022-8679-01 Wed, 30 Nov 2022 20:38:53 GMT
      Red Hat Security Advisory 2022-8679-01 - The USBGuard software framework provides system protection against intrusive USB devices by implementing basic whitelisting and blacklisting capabilities based on device attributes. To enforce a user-defined policy, USBGuard uses the Linux kernel USB device authorization feature.
    • Red Hat Security Advisory 2022-8673-01 Wed, 30 Nov 2022 20:38:47 GMT
      Red Hat Security Advisory 2022-8673-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
    • Red Hat Security Advisory 2022-8680-01 Wed, 30 Nov 2022 20:38:42 GMT
      Red Hat Security Advisory 2022-8680-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration.
    • Ubuntu Security Notice USN-5745-2 Wed, 30 Nov 2022 20:38:24 GMT
      Ubuntu Security Notice 5745-2 - USN-5745-1 fixed vulnerabilities in shadow. Unfortunately that update introduced a regression that caused useradd to behave incorrectly in Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update reverts the security fix pending further investigation.
    • Ubuntu Security Notice USN-5748-1 Wed, 30 Nov 2022 20:38:02 GMT
      Ubuntu Security Notice 5748-1 - It was discovered that Sysstat incorrectly handled certain arithmetic multiplications. An attacker could use this issue to cause Sysstat to crash, resulting in a denial of service, or possibly execute arbitrary code.
    • Red Hat Security Advisory 2022-8686-01 Wed, 30 Nov 2022 20:37:02 GMT
      Red Hat Security Advisory 2022-8686-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
    • Red Hat Security Advisory 2022-8685-01 Wed, 30 Nov 2022 20:36:49 GMT
      Red Hat Security Advisory 2022-8685-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a memory leak vulnerability.
    • Ubuntu Security Notice USN-5689-2 Wed, 30 Nov 2022 20:35:49 GMT
      Ubuntu Security Notice 5689-2 - USN-5689-1 fixed a vulnerability in Perl. This update provides the corresponding update for Ubuntu 22.10. It was discovered that Perl incorrectly handled certain signature verification. An remote attacker could possibly use this issue to bypass signature verification.