221 matches found
USN-5667-1: Linux kernel vulnerabilities
Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-188...
kubernetes security update
kubernetes 1.22.14-1 - Added Oracle specific build files for Kubernetes kubernetes 1.23.11-1 - Added Oracle specific build files for Kubernetes olcne 1.5.6-1 - Upgraded kubernetes-1.23.7 to 1.23.11, 1.22.8 to 1.22.14 and 1.21.6 to 1.21.14 - Resolve Kubernetes CVE-2022-3172 for version 1.21 -...
Researchers Disclose Critical Vulnerability in Oracle Cloud Infrastructure
Researchers have disclosed a new severe Oracle Cloud Infrastructure OCI vulnerability that could be exploited by users to access the virtual disks of other Oracle customers. "Each virtual disk in Oracle's cloud has a unique identifier called OCID," Shir Tamari, head of research at Wiz, said in a...
USN-5622-1: Linux kernel vulnerabilities
It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Moshe Ko...
USN-5599-1: Linux kernel (Oracle) vulnerabilities
Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...
USN-5597-1: Linux kernel (Oracle) vulnerability
It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...
USN-5560-2: Linux kernel vulnerabilities
Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...
USN-5518-1: Linux kernel vulnerabilities
It was discovered that the eBPF implementation in the Linux kernel did not properly prevent writes to kernel objects in BPFBTFLOAD commands. A privileged local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-0500 It was discovered tha...
USN-5514-1: Linux kernel vulnerabilities
It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-1195...
TikTok Assures U.S. Lawmakers it's Working to Safeguard User Data From Chinese Staff
Following heightened worries that U.S. users' data had been accessed by TikTok engineers in China between September 2021 and January 2022, the company sought to assuage U.S. lawmakers that it's taking steps to "strengthen data security." The admission that some China-based employees can access...
Wiz extends CNAPP leadership with protection for Alibaba Cloud
Support for Alibaba Cloud follows just weeks after launch of Oracle Cloud Infrastructure OCI integration, providing organizations the broadest coverage of any cloud native application protection platform CNAPP...
Oracle Cloud Infrastructure Information Disclosure Vulnerability (CNVD-2022-74098)
Oracle Corporation Oracle is the world's largest provider of information management software and services, founded in 1977, headquartered in Redwood shore, California, USA, open for global oracle certification. oracle Cloud Infrastructure is a cloud services platform from Oracle Corporation USA...
CVE-2022-21503
Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to Oracle...
CVE-2022-21503
Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to Oracle...
Design/Logic Flaw
Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to Oracle...
CVE-2022-21503
Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to Oracle...
CVE-2022-21503
Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to Oracle...
CVE-2022-21503
The CVE-2022-21503 entry concerns Oracle Cloud Infrastructure (OCI) vulnerabilities described as: an easily exploitable issue allowing a high-privileged attacker with network access to compromise OCI and potentially obtain unauthorized access to data. Documented impact states confidentiality expo...
Oracle Cloud Infrastructure 安全漏洞
Oracle Corporation Oracle is the world's largest provider of information management software and services, founded in 1977, headquartered in Redwood shore, California, USA, open for global oracle certification. oracle Cloud Infrastructure is a cloud services platform from Oracle Corporation USA...
Wiz now integrates with Oracle Cloud Infrastructure, bringing a graph-based cloud security approach to all major providers
Fortune 500’s Avery Dennison among enterprises that operate securely on OCI and other cloud infrastructure with Wiz...