Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a sensitive information exposure in Sudo Project Sudo [CVE-2023-28486]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a sensitive information exposure in Sudo Project Sudo, caused by improper escaping terminal control characters during logging operations CVE-2023-28486. Sudo Project Sudo is included as a Base OS package used...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a sensitive information exposure in Sudo Project Sudo [CVE-2023-28487]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a sensitive information exposure in Sudo Project Sudo, caused by improper escaping terminal control characters by the "sudoreplay -l" command CVE-2023-28487. Sudo Project Sudo is included as a Base OS package...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in Sudo Project Sudo [CVE-2023-42465]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in Sudo Project Sudo, caused by a fault injection flaw in the stack/register variables CVE-2023-42465. Sudo Project Sudo is included as a Base OS package used by our service...

Security Bulletin: IBM Storage Ceph is vulnerable to CWE in the RHEL UBI (CVE-2023-28487)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-28487. Vulnerability Details CVEID:CVE-2023-28487 DESCRIPTION: Sudo Project Sudo could allow a remote attacker to obtain...

Exploit for Out-of-bounds Write in Sudo_Project Sudo

CVE-2019-18634 N-Day Exploit Slides https://docs.googl...

Exploit for Out-of-bounds Write in Sudo_Project Sudo

CVE-2019-18634 I wrote this exploit for Linx Mint 19.1 so pro...