BD Pyxis™ Rapid Rx Security Vulnerabilities

intel

Intel® OpenVINO™ Software Advisory

Summary: Potential security vulnerabilities in some Intel® OpenVINO™ software may allow denial of service, information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-25080 Description: Protection mechanism...

7.3AI Score

0.001EPSS

2023-11-14 12:00 AM
9
intel

2023.4 IPU - Intel® Processor Advisory

Summary: A potential security vulnerability in some Intel® Processors may allow escalation of privilege and/or information disclosure and/or denial of service via local access. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID:...

7.2AI Score

0.0004EPSS

2023-11-14 12:00 AM
5
amd

AMD SMM Supervisor Vulnerability Security Notice

Bulletin ID: AMD-SB-7011 Potential Impact: Loss of confidentiality, integrity, and availability Severity: High Summary: External researchers reported a potential vulnerability during SMM Supervisor initialization which may impact some AMD processors. On systems that do not have Supervisor Mode...

9.8CVSS

9.9AI Score

0.001EPSS

2023-11-14 12:00 AM
15
intel

Intel® Optane™ SSD and Intel® Optane™ SSD DC Firmware Advisory

Summary: Potential security vulnerabilities in some Intel® Optane™ SSD and some Intel® Optane™ SSD DC products may allow escalation of privilege, information disclosure or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details:...

7.8AI Score

0.001EPSS

2023-11-14 12:00 AM
11
amd

AMD Graphics Driver Vulnerabilities – November 2023

Bulletin ID: AMD-SB-6003 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary: AMD received reports of vulnerabilities potentially affecting some AMD Graphics products. Refer to the CVE Details section for information about each CVE. CVE...

7.5CVSS

8AI Score

0.0005EPSS

2023-11-14 12:00 AM
11
intel

2023.4 IPU - BIOS Advisory

Summary: Potential security vulnerabilities in the BIOS firmware for some Intel® Processors may allow escalation of privilege or denial of service. Intel is releasing BIOS updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-25756 Description: Out-of-bounds...

7.8AI Score

0.0004EPSS

2023-11-14 12:00 AM
7
intel

Intel® NUC Software Advisory

Summary: Potential security vulnerabilities in some Intel® NUC Software may allow escalation of privilege, denial of service, and information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-28737...

8.7AI Score

EPSS

2023-11-14 12:00 AM
10
amd

AMD Client Vulnerabilities – November 2023

Bulletin ID: AMD-SB-4002 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary: Potential vulnerabilities in AMD Secure Processor (ASP), AMD System Management Unit (SMU), and other platform components were reported, and mitigations are...

9.8CVSS

8.7AI Score

EPSS

2023-11-14 12:00 AM
19
nessus

RHEL 8 : nodejs:20 (RHSA-2023:7205)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7205 advisory. nodejs: integrity checks according to policies can be circumvented (CVE-2023-38552) nodejs: permission model improperly protects against...

9.8CVSS

8.5AI Score

EPSS

2023-11-14 12:00 AM
8
almalinux

Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) nodejs: permission model...

9.8CVSS

7.5AI Score

EPSS

2023-11-14 12:00 AM
30
intel

Intel® Arc™ RGB Controller Software Advisory

Summary: A potential security vulnerability in some Intel® Arc™ RGB Controller software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-32638 Description: Incorrect default permissions in some...

7.2AI Score

0.0004EPSS

2023-11-14 12:00 AM
4
intel

Intel® FPGA Firmware Advisory

Summary: A potential security vulnerability in some Intel® Field Programmable Gate Array (FPGA) products may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-22327 Description: Out-of-bounds write...

6.4AI Score

0.0004EPSS

2023-11-14 12:00 AM
9
intel

Intel® Graphics Drivers Advisory

Summary: Potential security vulnerabilities in some Intel® Graphics drivers may allow escalation of privilege, denial of service and information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-29165 Description:...

7.5AI Score

0.0004EPSS

2023-11-14 12:00 AM
9
cve

CVE-2023-6103

A vulnerability has been found in Intelbras RX 1500 1.1.9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /WiFi.html of the component SSID Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit....

5.4CVSS

5.2AI Score

0.001EPSS

2023-11-13 06:15 PM
27
nvd

CVE-2023-6103

A vulnerability has been found in Intelbras RX 1500 1.1.9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /WiFi.html of the component SSID Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit....

5.4CVSS

0.001EPSS

2023-11-13 06:15 PM
prion

Cross site scripting

A vulnerability has been found in Intelbras RX 1500 1.1.9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /WiFi.html of the component SSID Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit....

5.4CVSS

6.3AI Score

0.001EPSS

2023-11-13 06:15 PM
9
cvelist

CVE-2023-6103 Intelbras RX 1500 SSID WiFi.html cross site scripting

A vulnerability has been found in Intelbras RX 1500 1.1.9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /WiFi.html of the component SSID Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit....

2.4CVSS

5.4AI Score

0.001EPSS

2023-11-13 05:31 PM
freebsd

varnish -- HTTP/2 Rapid Reset Attack

Varnish Cache Project reports: A denial of service attack can be performed on Varnish Cache servers that have the HTTP/2 protocol turned on. An attacker can create a large volume of streams and immediately reset them without ever reaching the maximum number of concurrent streams...

7.5CVSS

7.4AI Score

0.732EPSS

2023-11-13 12:00 AM
16
oraclelinux

kernel security, bug fix, and enhancement update

[5.14.0-362.8.1_3.OL9] Update Oracle Linux certificates (Kevin Lyons) Disable signing for aarch64 (Ilya Okomin) Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] Update x509.genkey [Orabug: 24817676] Conflict with shim-ia32...

8.2CVSS

7.8AI Score

EPSS

2023-11-12 12:00 AM
8
rocky

nghttp2 security update

An update is available for nghttp2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libnghttp2 is a library implementing the Hypertext Transfer Protocol version....

7.5CVSS

7.3AI Score

0.732EPSS

2023-11-11 11:00 PM
33
osv

Important: nghttp2 security update

libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) For more details about the security issue(s), including the...

7.5CVSS

8.2AI Score

0.732EPSS

2023-11-11 11:00 PM
6
rocky

nginx:1.22 security update

An update is available for module.nginx, nginx. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list nginx is a web and proxy server supporting HTTP and other...

7.5CVSS

7.3AI Score

0.732EPSS

2023-11-11 11:00 PM
496
osv

Moderate: nginx:1.22 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix(es): HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) For more details about...

7.5CVSS

8.2AI Score

0.732EPSS

2023-11-11 11:00 PM
4
rocky

Satellite 6.14 security and bug fix update

An update is available for libdb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Rocky Enterprise Software Foundation Satellite is a systems management tool...

9.8CVSS

8.9AI Score

EPSS

2023-11-11 10:58 PM
59
oraclelinux

grafana security and enhancement update

[9.2.10-7] - bump release number for rebuild with fixed gating.yaml file [9.2.10-6] - resolve RHEL-12665 - resolve CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work - testing is turned off due to test failures caused by testing date mismatch [9.2.10-5] - resolve...

10AI Score

0.003EPSS

2023-11-11 12:00 AM
11
githubexploit

Exploit for Uncontrolled Resource Consumption in Ietf Http

CVE-2023-44487 (HTTP/2 Rapid Reset) There are some examples...

7.5CVSS

7.2AI Score

0.732EPSS

2023-11-10 08:38 AM
1299
oraclelinux

Unbreakable Enterprise kernel security update

[5.4.17-2136.325.5] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext (Krister Johansen) [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 (D Scott Phillips) [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer...

7.8AI Score

0.0004EPSS

2023-11-10 12:00 AM
11
qualysblog

De-risking in Practice: How Qualys Customers are Driving Value in Their Organizations

As the threat landscape continues to grow in complexity, it has become more important than ever for the modern enterprise to measure, communicate, and eliminate cyber risk with efficiency. What does that mean in practice? Over the last two days, during the 2023 Qualys Security Conference (QSC)...

7.6AI Score

2023-11-09 07:14 PM
14
wallarmlab

API Leaks

Grasping the Fundamentals of API Breaches API, short for Application Programming Interface, consists of a stipulated set of guidelines and procedures enabling heterogeneous software applications to establish communication amongst them. Conceptualize it as an interconnecting channel that unites...

8AI Score

2023-11-09 06:42 PM
16
qualysblog

Leveraging AI-informed Cybersecurity to Measure, Communicate, and Eliminate Cyber Risk

Dilip Bachwani, Qualys CTO, shares the Qualys AI strategy with TruRisk AI at QSC 2023. The threat landscape is constantly evolving, and so are the implications of cyber risk across any organization. As attacker tactics become more sophisticated and persistent, cybersecurity strategies must grow...

7.2AI Score

2023-11-09 12:31 PM
19
nessus

NewStart CGSL MAIN 6.06 : neod Multiple Vulnerabilities (NS-SA-2023-0142)

The remote NewStart CGSL host, running version MAIN 6.06, has neod packages installed that are affected by multiple vulnerabilities: runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go...

7AI Score

0.02EPSS

2023-11-09 12:00 AM
8
redhat

(RHSA-2023:6832) Important: Red Hat OpenShift Data Foundation 4.14.0 security, enhancement & bug fix update

Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container....

7AI Score

0.732EPSS

2023-11-08 06:47 PM
31
redhat

(RHSA-2023:6828) Important: ACS 4.1 enhancement update

Updated images are now available for Red Hat Advanced Cluster Security. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325) A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is...

7.3AI Score

0.732EPSS

2023-11-08 06:33 PM
21
mmpc

Insights from Microsoft Security Copilot early adopters

To understand why customers are adopting generative AI solutions like Microsoft Security Copilot, we have to go back to the cyberthreat landscape—which continues to get more challenging. Organizations are facing a surge in cyberattacks while also dealing with a global shortage of security talent......

7.8AI Score

2023-11-08 05:00 PM
7
mssecure

Insights from Microsoft Security Copilot early adopters

To understand why customers are adopting generative AI solutions like Microsoft Security Copilot, we have to go back to the cyberthreat landscape—which continues to get more challenging. Organizations are facing a surge in cyberattacks while also dealing with a global shortage of security talent......

7.7AI Score

2023-11-08 05:00 PM
4
redhat

(RHSA-2023:6818) Important: Satellite 6.14 security and bug fix update

Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work...

8.8AI Score

EPSS

2023-11-08 02:10 PM
101
redhat

(RHSA-2023:6817) Important: OpenShift Virtualization 4.14.0 Images security and bug fix update

OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.14.0 images. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)...

7.3AI Score

0.732EPSS

2023-11-08 02:01 PM
15
redhat

(RHSA-2023:6272) Important: OpenShift Container Platform 4.11.53 bug fix and security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.53. See the following advisory for the RPM...

8.2AI Score

0.732EPSS

2023-11-08 10:38 AM
16
redhat

(RHSA-2023:6276) Important: OpenShift Container Platform 4.12.42 bug fix and security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.42. See the following advisory for the RPM...

7.9AI Score

0.002EPSS

2023-11-08 10:38 AM
14
redhat

(RHSA-2023:6275) Important: OpenShift Container Platform 4.12.42 security and extras update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.42. See the following advisory for the container...

7.3AI Score

0.002EPSS

2023-11-08 10:11 AM
8
redhat

(RHSA-2023:6271) Important: OpenShift Container Platform 4.11.53 security and extras update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.53. See the following advisory for the container...

8.1AI Score

0.732EPSS

2023-11-08 09:41 AM
13
redhat

(RHSA-2023:6257) Important: OpenShift Container Platform 4.13.21 bug fix and security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.21. There are no RPM packages for this update......

7.9AI Score

0.002EPSS

2023-11-08 08:40 AM
19
redhat

(RHSA-2023:6256) Important: OpenShift Container Platform 4.13.21 security and extras update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. There are no RPM packages for this update. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work.....

7.8AI Score

0.002EPSS

2023-11-08 08:37 AM
17
redhat

(RHSA-2023:6788) Important: Red Hat OpenShift GitOps security update

Red Hat OpenShift GitOps is a declarative way to implement continuous deployment for cloud native applications. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325) HTTP/2: Multiple HTTP/2 enabled web servers are...

8.1AI Score

0.732EPSS

2023-11-08 02:03 AM
20
redhat

(RHSA-2023:6787) Important: Network Observability security update

Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325) HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) For more details about the security issue(s), including the...

8AI Score

0.732EPSS

2023-11-08 01:53 AM
21
redhat

(RHSA-2023:6786) Important: Fence Agents Remediation Operator 0.2.1 security update

The Fence Agents Remediation Operator runs an existing set of upstream fencing agents for environments with a traditional API end-point (for example, IPMI) for power cycling cluster nodes. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work...

8AI Score

0.732EPSS

2023-11-08 01:44 AM
12
redhat

(RHSA-2023:6785) Important: Machine Deletion Remediation Operator 0.2.1 security update

The Machine Deletion Remediation Operator conforms to the External Remediation of NodeHealthCheck, and is designed to work with it in order to reprovision unhealthy nodes using the Machine API. It looks for the associated Machine of an unhealthy Node, and deletes it. Once the Machine CR has been...

8.1AI Score

0.732EPSS

2023-11-08 01:34 AM
12
redhat

(RHSA-2023:6784) Important: Node Health Check Operator 0.6.1 security update

You can use the Node Health Check Operator to deploy the Node Health Check controller. The controller identifies unhealthy nodes and uses the Self Node Remediation Operator to remediate the unhealthy nodes. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive...

8.1AI Score

0.732EPSS

2023-11-08 01:26 AM
13
redhat

(RHSA-2023:6783) Important: Node Health Check Operator 0.4.1

You can use the Node Health Check Operator to deploy the Node Health Check controller. The controller identifies unhealthy nodes and uses the Self Node Remediation Operator to remediate the unhealthy nodes. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive...

8.6AI Score

0.732EPSS

2023-11-08 01:16 AM
20
redhat

(RHSA-2023:6782) Important: openshift-gitops-kam security update

OpenShift GitOps KAM OpenShift GitOps Kubernetes Application Manager CLI tool Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325) HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset...

8.1AI Score

0.732EPSS

2023-11-08 01:04 AM
10
Total number of security vulnerabilities: 15075