kernel security update

5.14.0-503.23.25.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

PT-2024-7270 · Ruby +10 · Rexml +10

Name of the Vulnerable Software and Affected Versions: REXML versions prior to 3.2.6 REXML versions prior to 3.3.1 REXML versions prior to 3.3.2 REXML versions prior to 3.3.3 Description: The REXML gem has a denial of service vulnerability when it parses an XML that has many s in an attribute...

PT-2022-17577 · Unknown · Io.Socket:Socket.Io-Client

Name of the Vulnerable Software and Affected Versions: io.socket:socket.io-client versions prior to 2.0.1 Description: The issue is related to a NULL Pointer Dereference that occurs when parsing a packet with an invalid payload format. This can happen in the io.socket:socket.io-client package...

PT-2021-4979

Name of the Vulnerable Software and Affected Versions GitLab versions 11.9 through 13.10.2 GitLab CE/EE versions prior to 14.0 Description The issue is related to insufficient input validation in GitLab when parsing image files, allowing remote command execution. This has been exploited in...

Microsoft Outlook Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of file formats. The security feature bypass by itself does not allow arbitrary code execution. However, to successfully exploit the vulnerability, an attacker would have to use it ...