sec Linux 5.3 Insecure Root Path Handling By packetstormsecurity.com Published On :: Fri, 10 Apr 2020 22:01:02 GMT Linux versions 5.3 and above appear to have an issue where io_uring suffers from insecure handling of the root directory for path lookups. Full Article
sec Red Hat Security Advisory 2020-1804-01 By packetstormsecurity.com Published On :: Tue, 28 Apr 2020 20:33:55 GMT Red Hat Security Advisory 2020-1804-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Full Article
sec Red Hat Security Advisory 2020-0860-01 By packetstormsecurity.com Published On :: Tue, 17 Mar 2020 13:23:22 GMT Red Hat Security Advisory 2020-0860-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 8 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability. Full Article
sec Red Hat Security Advisory 2020-0861-01 By packetstormsecurity.com Published On :: Tue, 17 Mar 2020 13:23:37 GMT Red Hat Security Advisory 2020-0861-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 8 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability. Full Article
sec Red Hat Security Advisory 2020-0855-01 By packetstormsecurity.com Published On :: Tue, 17 Mar 2020 22:02:22 GMT Red Hat Security Advisory 2020-0855-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. A file read / inclusion vulnerability was addressed. Full Article
sec Red Hat Security Advisory 2020-0912-01 By packetstormsecurity.com Published On :: Mon, 23 Mar 2020 16:01:07 GMT Red Hat Security Advisory 2020-0912-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. A file read / inclusion vulnerability was addressed. Full Article
sec Red Hat Security Advisory 2020-0961-01 By packetstormsecurity.com Published On :: Tue, 24 Mar 2020 15:09:31 GMT Red Hat Security Advisory 2020-0961-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. A file read / inclusion vulnerability was addressed among other issues. Full Article
sec Red Hat Security Advisory 2020-0962-01 By packetstormsecurity.com Published On :: Tue, 24 Mar 2020 15:10:43 GMT Red Hat Security Advisory 2020-0962-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. A file read / inclusion vulnerability was addressed among other issues. Full Article
sec Red Hat Security Advisory 2020-1428-01 By packetstormsecurity.com Published On :: Mon, 13 Apr 2020 13:22:22 GMT Red Hat Security Advisory 2020-1428-01 - Open Liberty is a lightweight open framework for building fast and efficient cloud-native Java microservices. This release of Open Liberty 20.0.0.4 serves as a replacement for Open Liberty 20.0.0.3 and includes security fixes, bug fixes, and enhancements. Full Article
sec Red Hat Security Advisory 2020-1479-01 By packetstormsecurity.com Published On :: Wed, 15 Apr 2020 00:14:17 GMT Red Hat Security Advisory 2020-1479-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for the Apache Tomcat package in JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to these updated packages. Full Article
sec Red Hat Security Advisory 2020-1478-01 By packetstormsecurity.com Published On :: Wed, 15 Apr 2020 00:14:30 GMT Red Hat Security Advisory 2020-1478-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for the Apache Tomcat package in JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to this updated package. Full Article
sec Red Hat Security Advisory 2020-1508-01 By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 13:54:15 GMT Red Hat Security Advisory 2020-1508-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
sec Red Hat Security Advisory 2020-1507-01 By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 14:05:14 GMT Red Hat Security Advisory 2020-1507-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
sec Red Hat Security Advisory 2020-1506-01 By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 14:05:30 GMT Red Hat Security Advisory 2020-1506-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
sec Red Hat Security Advisory 2020-1521-01 By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 14:07:26 GMT Red Hat Security Advisory 2020-1521-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.3 serves as a replacement for Red Hat JBoss Web Server 5.2, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a privilege escalation vulnerability. Full Article
sec Red Hat Security Advisory 2020-1520-01 By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 14:09:21 GMT Red Hat Security Advisory 2020-1520-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.3 serves as a replacement for Red Hat JBoss Web Server 5.2, and includes bug fixes, enhancements, and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a privilege escalation vulnerability. Full Article
sec Red Hat Security Advisory 2020-1509-01 By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 14:15:11 GMT Red Hat Security Advisory 2020-1509-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
sec Red Hat Security Advisory 2020-1512-01 By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 14:17:02 GMT Red Hat Security Advisory 2020-1512-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
sec Red Hat Security Advisory 2020-1514-01 By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 20:00:19 GMT Red Hat Security Advisory 2020-1514-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
sec Red Hat Security Advisory 2020-1517-01 By packetstormsecurity.com Published On :: Wed, 22 Apr 2020 15:10:56 GMT Red Hat Security Advisory 2020-1517-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
sec Red Hat Security Advisory 2020-1516-01 By packetstormsecurity.com Published On :: Wed, 22 Apr 2020 15:11:05 GMT Red Hat Security Advisory 2020-1516-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
sec Red Hat Security Advisory 2020-1515-01 By packetstormsecurity.com Published On :: Wed, 22 Apr 2020 15:11:12 GMT Red Hat Security Advisory 2020-1515-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities. Full Article
sec Red Hat Security Advisory 2020-1864-01 By packetstormsecurity.com Published On :: Tue, 28 Apr 2020 20:26:29 GMT Red Hat Security Advisory 2020-1864-01 - The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Full Article
sec Spectre Chip Security Vulnerability Strikes Again By packetstormsecurity.com Published On :: Tue, 22 May 2018 06:36:24 GMT Full Article headline flaw intel
sec Intel Chip Flaw - Math Unit May Spill Crypto Secrets To Apps By packetstormsecurity.com Published On :: Thu, 14 Jun 2018 01:21:32 GMT Full Article headline data loss flaw cryptography intel
sec New Spectre Attack Enables Secrets To Be Leaked Over A Network By packetstormsecurity.com Published On :: Fri, 27 Jul 2018 00:57:39 GMT Full Article headline hacker flaw intel
sec Intel's Commitment To Making Its Stuff Secure Is Called Into Question By packetstormsecurity.com Published On :: Mon, 08 Oct 2018 14:48:27 GMT Full Article headline flaw intel
sec Intel Patches Six Security Issues By packetstormsecurity.com Published On :: Thu, 16 Jan 2020 16:22:18 GMT Full Article headline flaw patch intel
sec Apple Security Advisory 2019-12-10-7 By packetstormsecurity.com Published On :: Wed, 11 Dec 2019 23:23:23 GMT Apple Security Advisory 2019-12-10-7 - Xcode 11.3 is now available and addresses an arbitrary code execution vulnerability. Full Article
sec Apple Security Advisory 2019-12-10-8 By packetstormsecurity.com Published On :: Thu, 12 Dec 2019 00:16:21 GMT Apple Security Advisory 2019-12-10-8 - watchOS 6.1.1 is now available and addresses code execution vulnerabilities. Full Article
sec Apple Security Advisory 2019-12-10-6 By packetstormsecurity.com Published On :: Thu, 12 Dec 2019 00:18:03 GMT Apple Security Advisory 2019-12-10-6 - Safari 13.0.4 is now available and addresses code execution vulnerabilities. Full Article
sec Apple Security Advisory 2019-12-10-5 By packetstormsecurity.com Published On :: Thu, 12 Dec 2019 00:18:11 GMT Apple Security Advisory 2019-12-10-5 - tvOS 13.3 is now available and addresses code execution vulnerabilities. Full Article
sec Apple Security Advisory 2019-12-10-2 By packetstormsecurity.com Published On :: Thu, 12 Dec 2019 00:18:19 GMT Apple Security Advisory 2019-12-10-2 - iOS 12.4.4 is now available and addresses a code execution vulnerability. Full Article
sec Apple Security Advisory 2019-12-10-3 By packetstormsecurity.com Published On :: Thu, 12 Dec 2019 00:18:29 GMT Apple Security Advisory 2019-12-10-3 - macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities. Full Article
sec Apple Security Advisory 2019-12-10-4 By packetstormsecurity.com Published On :: Thu, 12 Dec 2019 00:18:38 GMT Apple Security Advisory 2019-12-10-4 - watchOS 5.3.4 is now available and addresses a code execution vulnerability. Full Article
sec Apple Security Advisory 2019-12-10-1 By packetstormsecurity.com Published On :: Sat, 14 Dec 2019 12:22:22 GMT Apple Security Advisory 2019-12-10-1 - iOS 13.3 and iPadOS 13.3 is now available and addresses code execution and information leakage vulnerabilities. Full Article
sec Apple Security Advisory 2020-1-28-6 By packetstormsecurity.com Published On :: Wed, 29 Jan 2020 17:15:31 GMT Apple Security Advisory 2020-1-28-6 - iTunes for Windows 12.10.4 is now available and addresses a filesystem access issue. Full Article
sec Apple Security Advisory 2020-1-28-3 By packetstormsecurity.com Published On :: Wed, 29 Jan 2020 17:17:18 GMT Apple Security Advisory 2020-1-28-3 - watchOS 6.1.2 is now available and addresses code execution vulnerabilities. Full Article
sec Apple Security Advisory 2020-1-28-4 By packetstormsecurity.com Published On :: Wed, 29 Jan 2020 17:17:28 GMT Apple Security Advisory 2020-1-28-4 - tvOS 13.3.1 is now available and addresses code execution vulnerabilities. Full Article
sec Apple Security Advisory 2020-1-28-2 By packetstormsecurity.com Published On :: Wed, 29 Jan 2020 17:17:36 GMT Apple Security Advisory 2020-1-28-2 - macOS Catalina 10.15.3, Security Update 2020-001 Mojave, and Security Update 2020-001 High Sierra are now available and address buffer overflow, bypass, and code execution vulnerabilities. Full Article
sec Apple Security Advisory 2020-1-28-1 By packetstormsecurity.com Published On :: Wed, 29 Jan 2020 17:17:53 GMT Apple Security Advisory 2020-1-28-1 - iOS 13.3.1 and iPadOS 13.3.1 are now available and address code execution vulnerabilities. Full Article
sec Apple Security Advisory 2020-1-29-2 By packetstormsecurity.com Published On :: Thu, 30 Jan 2020 14:46:23 GMT Apple Security Advisory 2020-1-29-2 - iCloud for Windows 10.9.2 is now available and addresses buffer overflow, code execution, cross site scripting, and denial of service vulnerabilities. Full Article
sec Apple Security Advisory 2020-1-29-1 By packetstormsecurity.com Published On :: Thu, 30 Jan 2020 14:46:35 GMT Apple Security Advisory 2020-1-29-1 - iCloud for Windows 7.17 addresses buffer overflow, code execution, cross site scripting, and denial of service vulnerabilities. Full Article
sec Apple Security Advisory 2020-03-24-1 By packetstormsecurity.com Published On :: Wed, 25 Mar 2020 14:20:32 GMT Apple Security Advisory 2020-03-24-1 - iOS 13.4 and iPadOS 13.4 are now available and address buffer overflow, code execution, and cross site scripting vulnerabilities. Full Article
sec Apple Security Advisory 2020-03-24-2 By packetstormsecurity.com Published On :: Wed, 25 Mar 2020 14:22:53 GMT Apple Security Advisory 2020-03-24-2 - macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra are now available and address buffer overflow, bypass, code execution, and information leakage vulnerabilities. Full Article
sec Apple Security Advisory 2020-03-24-3 By packetstormsecurity.com Published On :: Wed, 25 Mar 2020 14:25:02 GMT Apple Security Advisory 2020-03-24-3 - tvOS 13.4 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities. Full Article
sec Apple Security Advisory 2020-03-24-4 By packetstormsecurity.com Published On :: Wed, 25 Mar 2020 14:30:03 GMT Apple Security Advisory 2020-03-24-4 - watchOS 6.2 is now available and addresses buffer overflow and code execution vulnerabilities. Full Article
sec Apple Security Advisory 2020-03-24-5 By packetstormsecurity.com Published On :: Wed, 25 Mar 2020 14:34:53 GMT Apple Security Advisory 2020-03-24-5 - Safari 13.1 is now available and addresses code execution and cross site scripting vulnerabilities. Full Article
sec Apple Security Advisory 2020-03-24-6 By packetstormsecurity.com Published On :: Wed, 25 Mar 2020 14:36:33 GMT Apple Security Advisory 2020-03-24-6 - iTunes for Windows 12.10.5 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities. Full Article
sec Apple Security Advisory 2020-03-24-7 By packetstormsecurity.com Published On :: Wed, 25 Mar 2020 14:42:01 GMT Apple Security Advisory 2020-03-24-7 - Xcode 11.4 is now available and contains security improvements. Full Article
