Latest redhat enterprise linux tus Vulnerabilities

Glibc: potential use-after-free in getaddrinfo()
redhat/glibc<0:2.28-225.el8_8.6
redhat/glibc<0:2.34-60.el9_2.7
GNU glibc=2.33
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
and 32 more
Glibc: stack read overflow in getaddrinfo in no-aaaa mode
ubuntu/glibc<2.37-0ubuntu2.1
ubuntu/glibc<2.38-1ubuntu5
<2.39
=9.2
=9.0_ppc64le
=9.2_ppc64le
and 63 more
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.
Samba Samba>=3.0.0<4.13.14
Samba Samba>=4.14.0<4.14.10
Samba Samba>=4.15.0<4.15.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 58 more
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required.
Samba Samba>=3.0.0<4.13.14
Samba Samba>=4.14.0<4.14.10
Samba Samba>=4.15.0<4.15.2
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=33
and 56 more
A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of th...
Samba Samba<4.15.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Redhat Virtualization Host=4.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Aus=8.6
and 6 more
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Dom...
redhat/c-ares<1.17.2
redhat/c-ares<0:1.13.0-6.el8
redhat/rh-nodejs14-nodejs<0:14.17.5-1.el7
redhat/rh-nodejs12-nodejs<0:12.22.5-1.el7
redhat/rh-nodejs12-nodejs-nodemon<0:2.0.3-5.el7
>=1.0.0<1.17.2
and 69 more
A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or poten...
debian/linuxptp
Linuxptp Project Linuxptp<1.5.1
Linuxptp Project Linuxptp>=1.6.0<1.6.1
Linuxptp Project Linuxptp>=1.8.0<1.8.1
Linuxptp Project Linuxptp>=1.9.0<1.9.3
Linuxptp Project Linuxptp>=2.0.0<2.0.1
and 14 more
Microsoft ASP.NET Core Security Feature Bypass Vulnerability
nuget/Microsoft.AspNetCore.Http<2.1.22
nuget/Microsoft.AspNetCore.App.Runtime.win-arm64>=3.1.5<3.1.8
nuget/Microsoft.AspNetCore.App.Runtime.win-x86>=3.1.0<3.1.8
nuget/Microsoft.AspNetCore.App.Runtime.win-x64>=3.1.0<3.1.8
nuget/Microsoft.AspNetCore.App.Runtime.win-arm>=3.1.0<3.1.8
nuget/Microsoft.AspNetCore.App.Runtime.osx-x64>=3.1.0<3.1.8
and 35 more
A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it improperly uses Red Hat Customer Portal credentials when a user registers a system through th...
GNOME Control Center
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Aus=8.2
Redhat Enterprise Linux Eus=8.2
Redhat Enterprise Linux Tus=8.2
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affec...
debian/spice<=0.14.0-1.3<=0.14.3-1
Spice Project Spice<0.14.2
Redhat Openstack=16.1
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
and 25 more
An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows ...
Redhat Libvirt>=6.2.0<6.3.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Eus=8.4
Redhat Enterprise Linux For Ibm Z Systems=8.0
Redhat Enterprise Linux For Ibm Z Systems Eus=8.4
Redhat Enterprise Linux For Power Little Endian=8.0
and 13 more
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u2...
redhat/java<1.8.0-openjdk-1:1.8.0.242.b07-1.el6_10
redhat/java<1.7.0-openjdk-1:1.7.0.251-2.6.21.0.el6_10
redhat/java<1.7.1-ibm-1:1.7.1.4.70-1jpp.1.el6_10
redhat/java<11-openjdk-1:11.0.6.10-1.el7_7
redhat/java<1.8.0-openjdk-1:1.8.0.242.b08-0.el7_7
redhat/java<1.7.0-openjdk-1:1.7.0.251-2.6.21.0.el7_7
and 84 more
Linux Kernel is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by mwifiex_update_vs_ie() function of Marvell Wifi Driver. By sending a specially-crafted packet, a local...
redhat/kernel-rt<0:3.10.0-1062.12.1.rt56.1042.el7
redhat/kernel-alt<0:4.14.0-115.17.1.el7a
redhat/kernel<0:3.10.0-1062.12.1.el7
redhat/kernel<0:3.10.0-327.85.1.el7
redhat/kernel<0:3.10.0-514.73.1.el7
redhat/kernel<0:3.10.0-693.65.1.el7
and 190 more
A flaw was discovered in the Bluetooth protocol. An attacker within physical proximity to the Bluetooth connection could downgrade the encryption protocol to be trivially brute forced.
redhat/kernel-rt<0:3.10.0-1062.4.1.rt56.1027.el7
redhat/kernel<0:3.10.0-1062.4.1.el7
redhat/kernel-alt<0:4.14.0-115.14.1.el7a
redhat/kernel<0:3.10.0-327.86.1.el7
redhat/kernel<0:3.10.0-514.70.1.el7
redhat/kernel<0:3.10.0-693.60.1.el7
and 729 more
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering...
redhat/python<0:2.7.5-86.el7
redhat/python<0:2.7.5-63.el7_4
redhat/python<0:2.7.5-74.el7_5
redhat/python<0:2.7.5-83.el7_6
redhat/python3<0:3.6.8-15.1.el8
redhat/python27-python<0:2.7.16-6.el6
and 43 more
A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS
redhat/pacemaker<2.0.2
ubuntu/pacemaker<1.1.18-0ubuntu1.1
ubuntu/pacemaker<1.1.18-2ubuntu1.18.10.1
ubuntu/pacemaker<1.1.18-2ubuntu1.19.04.1
ubuntu/pacemaker<1.1.14-2ubuntu1.6
Clusterlabs Pacemaker<=2.0.1
and 44 more

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203