Lucene search
7704 matches found

AlmaLinux
added 2019/07/30 7:33 p.m. · 13 views

container-tools:rhel8 bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fixes: podman exec rc-code needs to distinguish between stopped containers and non-existing ones (BZ1723470); Performance Problems with Podman on systems with IO load (BZ1724522); podma...

2.2 AI score
Exploits: 0 · References: 1

RedHat Linux
added 2019/07/30 11:2 a.m. · 3 views

kernel: infinite loop in update_blocked_averages() in kernel/sched/fair.c leading to denial of service

The CFS Linux kernel scheduler mishandles leaf cfs_rq's in the kernel/sched/fair.c code, which allows a local unprivileged attacker to cause a denial of service (DoS) by entering an infinite loop in the update_blocked_averages function by inducing a high load on a system. Due to the nature of...

9.8 CVSS · 6.7 AI score · 0.00486 EPSS
Exploits: 0 · References: 4

RedHat Linux
added 2019/07/30 10:39 a.m. · 1 views

QEMU: device_tree: heap buffer overflow while loading device tree blob

A heap buffer overflow issue was found in the load_device_tree function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potential...

9.8 CVSS · 7.6 AI score · 0.03497 EPSS
Exploits: 0 · References: 4

RedHat Linux
added 2019/07/30 9:13 a.m. · 120 views

Important: Red Hat Security Advisory: keepalived security update

An update for keepalived is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...

9.8 CVSS · 7.9 AI score · 0.05411 EPSS
Exploits: 0 · References: 2

RedHat Linux
added 2019/07/29 3:41 p.m. · 4 views

QEMU: device_tree: heap buffer overflow while loading device tree blob

A heap buffer overflow issue was found in the load_device_tree function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potential...

9.8 CVSS · 7.6 AI score · 0.03497 EPSS
Exploits: 0 · References: 4

CNVD
added 2019/07/26 12:0 a.m. · 1 views

CImg Library Command Injection Vulnerability

CImg Library is an open source C++ library for image processing. A command injection vulnerability exists in the 'load_network' function in The CImg Library version 2.3.3 and earlier. The vulnerability stems from a network system or product not properly filtering specific elements of...

9.8 CVSS · 7.8 AI score · 0.06441 EPSS
Exploits: 0 · References: 1

OSV
added 2019/07/25 2:15 p.m. · 6 views

CVE-2019-1010174

CImg The CImg Library v.2.3.3 and earlier is affected by: command injection. The impact is: RCE. The component is: load_network function. The attack vector is: Loading an image from a user-controllable url can lead to command injection, because no string sanitization is done on the url. The fixed...

9.8 CVSS · 9.7 AI score
Exploits: 0 · References: 3

Positive Technologies
added 2019/07/25 12:0 a.m. · 2 views

PT-2019-11494 · David Tschumperle · Cimg Library

Name of the Vulnerable Software and Affected Versions: CImg Library versions prior to 2.3.4. Description: The issue allows for command injection, potentially leading to Remote Code Execution (RCE), due to a lack of string sanitization on user-controllable URLs when loading images using the load...

9.8 CVSS · 8.2 AI score · 0.06441 EPSS
Exploits: 7 · References: 27

OpenVAS
added 2019/07/25 12:0 a.m. · 39 views

openSUSE: Security Advisory for ucode-intel (openSUSE-SU-2019:1805-1)

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.9 CVSS · 7.2 AI score · 0.01697 EPSS
Exploits: 0 · References: 2

OSV
added 2019/07/23 11:15 p.m. · 2 views

CVE-2019-2727

Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). The supported version that is affected is 13.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

7.3 CVSS · 7.1 AI score
Exploits: 0 · References: 1

Vulnrichment
added 2019/07/23 10:31 p.m. · 2 views

CVE-2019-2727

Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). The supported version that is affected is 13.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

5.4 AI score · 0.00778 EPSS
Exploits: 0 · References: 1

CVE
added 2019/07/23 10:31 p.m. · 64 views

CVE-2019-2727

Oracle Application Testing Suite (subcomponent: Load Testing for Web Apps) in Oracle Enterprise Manager Products Suite, version 13.3, is affected by CVE-2019-2727. The vulnerability allows unauthenticated, network-based access via HTTP to compromise data: unauthorized update/insert/delete and rea...

7.5 CVSS · 6.8 AI score · 0.00778 EPSS
Exploits: 0 · References: 1 · Affected Software: 1

CNVD
added 2019/07/23 12:0 a.m. · 3 views

NVIDIA Jetson TX1 Tegra bootloader local code execution vulnerability

NVIDIA Jetson TX1 is an embedded system development module from NVIDIA. A security vulnerability exists in the nvtboot of the Tegra bootloader in NVIDIA Jetson TX1 L4T R32 versions prior to R32.2, which stems from a failure of the program to first validate the load address when loading the...

6.7 CVSS · 7.7 AI score · 0.00071 EPSS
Exploits: 0 · References: 1

RedHat Linux
added 2019/07/22 1:39 p.m. · 0 views

nodejs: Denial of Service with large HTTP headers

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP...

7.5 CVSS · 6.7 AI score · 0.05572 EPSS
Exploits: 0 · References: 4

Tenable Nessus
added 2019/07/19 12:0 a.m. · 23 views

Oracle Application Testing Suite Multiple Vulnerabilities (Jul 2019 CPU)

The version of Oracle Application Testing Suite installed on the remote host is affected by multiple vulnerabilities: - A deserialization vulnerability exists in Apache Commons FileUpload library. An unauthenticated, remote attacker can exploit this, via customized Java serialised object, to...

9.8 CVSS · 8.7 AI score · 0.56432 EPSS
Exploits: 0 · References: 3

Akamai Blog
added 2019/07/18 4:0 p.m. · 164 views

Akamai Load Balancing to Lock-in Quality

The Right Service from the Right Edge at the Right Time. Introduction: As Akamai's Global Traffic Management for Cloud, Data Centers and CDNs blog introduces, Akamai's Intelligent Edge™ platform includes DNS and Layer 7 load balancing capabilities that combine to get users to the right edge at the...

7.5 AI score
Exploits: 0

CNVD
added 2019/07/17 12:0 a.m. · 0 views

Oracle Enterprise Manager Products Suite Application Testing Suite Component Access Control Error Vulnerability

Oracle Enterprise Manager Products Suite is a set of Oracle's on-premise management platform. Application Testing Suite is one of the application testing components. A security vulnerability exists in the Load Testing for Web Apps subcomponent of the Application Testing Suite component of Oracle...

7.5 CVSS · 6.5 AI score · 0.00778 EPSS
Exploits: 0 · References: 1

RedHat Linux
added 2019/07/16 1:49 p.m. · 98 views

Important: Red Hat Security Advisory: keepalived security update

An update for keepalived is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...

9.8 CVSS · 7.9 AI score · 0.05411 EPSS
Exploits: 0 · References: 2

Positive Technologies
added 2019/07/11 12:0 a.m. · 2 views

PT-2019-11591 · Red Hat · Osbs-Client

Name of the Vulnerable Software and Affected Versions: osbs-client versions 0.46 through 0.56.0 Description: A flaw was found in the yaml.load function, allowing insecure use that enables loading of suspicious objects for code execution via parsing of malicious YAML files. Recommendations: For...

7.2 CVSS · 7.2 AI score · 0.00727 EPSS
Exploits: 0 · References: 5

RedHat Linux
added 2019/07/10 2:2 p.m. · 1 views

QEMU: device_tree: heap buffer overflow while loading device tree blob

A heap buffer overflow issue was found in the load_device_tree function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potential...

9.8 CVSS · 7.6 AI score · 0.03497 EPSS
Exploits: 0 · References: 4