News

      Advisories

      Symantec Packet Storm Security

      • Gentoo Linux Security Advisory 202209-27 Fri, 30 Sep 2022 14:56:55 GMT
        Gentoo Linux Security Advisory 202209-27 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. Versions less than 102.3.0:esr are affected.
      • Gentoo Linux Security Advisory 202209-20 Fri, 30 Sep 2022 14:56:50 GMT
        Gentoo Linux Security Advisory 202209-20 - Multiple vulnerabilities have been discovered in PHP, the worst of which could result in local root privilege escalation. Versions less than 7.4.30:7.4 are affected.
      • Gentoo Linux Security Advisory 202209-24 Fri, 30 Sep 2022 14:56:43 GMT
        Gentoo Linux Security Advisory 202209-24 - Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution. Versions less than 2.4.9 are affected.
      • Gentoo Linux Security Advisory 202209-22 Fri, 30 Sep 2022 14:56:33 GMT
        Gentoo Linux Security Advisory 202209-22 - A vulnerability has been found in Kitty which could allow for arbitrary code execution with user input. Versions less than 0.26.2 are affected.
      • Gentoo Linux Security Advisory 202209-26 Fri, 30 Sep 2022 14:56:27 GMT
        Gentoo Linux Security Advisory 202209-26 - Multiple vulnerabilities have been discovered in Go, the worst of which could result in denial of service. Versions less than 1.18.6 are affected.
      • Gentoo Linux Security Advisory 202209-23 Fri, 30 Sep 2022 14:56:19 GMT
        Gentoo Linux Security Advisory 202209-23 - Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 105.0.5195.125 are affected.
      • Gentoo Linux Security Advisory 202209-25 Fri, 30 Sep 2022 14:56:12 GMT
        Gentoo Linux Security Advisory 202209-25 - A vulnerability has been discovered in Zutty which could allow for arbitrary code execution. Versions less than 0.13 are affected.
      • Gentoo Linux Security Advisory 202209-21 Fri, 30 Sep 2022 14:56:06 GMT
        Gentoo Linux Security Advisory 202209-21 - A vulnerability has been discovered in Poppler which could allow for arbitrary code execution. Versions less than 22.09.0 are affected.
      • Gentoo Linux Security Advisory 202209-19 Fri, 30 Sep 2022 14:56:01 GMT
        Gentoo Linux Security Advisory 202209-19 - Multiple vulnerabilities have been discovered in GraphicsMagick, the worst of which are fuzzing issues presumed to allow for arbitrary code execution. Versions less than 1.3.38 are affected.
      • Gentoo Linux Security Advisory 202209-18 Fri, 30 Sep 2022 14:53:19 GMT
        Gentoo Linux Security Advisory 202209-18 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in arbitrary code execution. Versions less than 102.3.0 are affected.
      • Gentoo Linux Security Advisory 202209-17 Fri, 30 Sep 2022 14:53:09 GMT
        Gentoo Linux Security Advisory 202209-17 - Multiple vulnerabilities have been found in Redis, the worst of which could result in arbitrary code execution. Versions less than 7.0.5 are affected.
      • Gentoo Linux Security Advisory 202209-16 Fri, 30 Sep 2022 14:52:58 GMT
        Gentoo Linux Security Advisory 202209-16 - Multiple vulnerabilities have been discovered in BlueZ, the worst of which could result in arbitrary code execution. Versions less than 5.63 are affected.
      • Red Hat Security Advisory 2022-6753-01 Fri, 30 Sep 2022 14:51:18 GMT
        Red Hat Security Advisory 2022-6753-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include buffer overflow, denial of service, information leakage, null pointer, out of bounds read, out of bounds write, and server-side request forgery vulnerabilities.
      • Red Hat Security Advisory 2022-6750-01 Fri, 30 Sep 2022 14:51:03 GMT
        Red Hat Security Advisory 2022-6750-01 - Barbican is a ReST API designed for the secure storage, provisioning and management of secrets, including in OpenStack environments. Issues addressed include a bypass vulnerability.
      • Red Hat Security Advisory 2022-6755-01 Fri, 30 Sep 2022 14:49:39 GMT
        Red Hat Security Advisory 2022-6755-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR5-FP15.
      • Red Hat Security Advisory 2022-6756-01 Fri, 30 Sep 2022 14:49:17 GMT
        Red Hat Security Advisory 2022-6756-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP15.
      • Ubuntu Security Notice USN-5647-1 Thu, 29 Sep 2022 15:21:44 GMT
        Ubuntu Security Notice 5647-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.
      • Ubuntu Security Notice USN-5615-2 Thu, 29 Sep 2022 15:21:29 GMT
        Ubuntu Security Notice 5615-2 - USN-5615-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2020-35525 for Ubuntu 16.04 ESM. It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code.
      • Red Hat Security Advisory 2022-6741-01 Thu, 29 Sep 2022 15:17:17 GMT
        Red Hat Security Advisory 2022-6741-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a privilege escalation vulnerability.
      • Ubuntu Security Notice USN-5646-1 Thu, 29 Sep 2022 15:08:37 GMT
        Ubuntu Security Notice 5646-1 - Tobias Stoeckmann discovered that libXi did not properly manage memory when handling X server responses. A remote attacker could use this issue to cause libXi to crash, resulting in a denial of service.
      • Ubuntu Security Notice USN-5645-1 Thu, 29 Sep 2022 14:58:06 GMT
        Ubuntu Security Notice 5645-1 - Jacob Champion discovered that PostgreSQL incorrectly handled SSL certificate verification and encryption. A remote attacker could possibly use this issue to inject arbitrary SQL queries when a connection is first established. Tom Lane discovered that PostgreSQL incorrectly handled certain array subscripting calculations. An authenticated attacker could possibly use this issue to overwrite server memory and escalate privileges.
      • Ubuntu Security Notice USN-5644-1 Wed, 28 Sep 2022 15:04:08 GMT
        Ubuntu Security Notice 5644-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service.
      • Red Hat Security Advisory 2022-6696-01 Tue, 27 Sep 2022 16:01:00 GMT
        Red Hat Security Advisory 2022-6696-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.6 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. Issues addressed include crlf injection and denial of service vulnerabilities.
      • Ubuntu Security Notice USN-5643-1 Tue, 27 Sep 2022 16:00:42 GMT
        Ubuntu Security Notice 5643-1 - It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that GhostScript incorrectly handled certain PDF files. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to cause GhostScript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS.
      • Ubuntu Security Notice USN-5642-1 Tue, 27 Sep 2022 15:57:48 GMT
        Ubuntu Security Notice 5642-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.