Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
82fd72c7078fbdb4c025569a6e31fa7f8b9876ca37aab8ac24db92b0c589d2bfRed Hat Security Advisory 2023-1742-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, buffer overflow, bypass, and denial of service vulnerabilities.
f28377e6e25b8387aa54cea292997b508ff485520e06f1243636f40bf125d07bSielco Analog FM Transmitter version 2.12 suffers from a cross site request forgery vulnerability.
c1c1c47865eb0e698992e725937498a55c55a78c7bf94b4e53ab2fcb7e6d18b5Red Hat Security Advisory 2023-1703-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
03a9f7d0a470c4a3a3e5ff2582b47989635975c93c4803d4ad495a25a443adacSielco Analog FM Transmitter version 2.12 suffers from a cookie brute forcing vulnerability that can allow for session hijacking.
96ea285153f1385d9929ef190734969d4bc702d1d9aa0eea1a04870c880ae84aUbuntu Security Notice 6005-1 - Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly escaped control characters in log messages and sudoreplay output. An attacker could possibly use these issues to inject terminal control characters that alter output when being viewed.
cfe68dda5b69bc3506d45d5fc62f841408e947bace873e0d0e077a57032bf5b2Red Hat Security Advisory 2023-1691-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
eccaa6934a64207a23dd6b1cf3fa71535c99920b8ea85a4c853863d77d0ecf12Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
8026353c260fad12f44bf058697e9c8735bae663d236840940c371530147f2d8Red Hat Security Advisory 2023-1706-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
333817e146d854daeb052ab54475b70ca44c1d1bc718a9693175a9703e2584fdRed Hat Security Advisory 2023-1693-01 - PostgreSQL is an advanced object-relational database management system.
d315648628aada8ac514ba2da5117ea67c094878448ac43371fca303e3df4ac2Ubuntu Security Notice 6007-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
c9b262e901295d825ffdae99b8758152082453e077fbc686cdf819f98f52abc7Google Chrome Browser version 111.0.5563.64 suffers from an AXPlatformNodeCocoa fatal out-of-memory denial of service vulnerability on macOS.
0f11dee0a3ee89decd4ede4b99ca33ca5b7ef40ffe08c8c8a668fe309ac5f950Ubuntu Security Notice 6004-1 - It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.
cabcdc25961ee369304092af7380ed42dd5a5ca767df881b09baa5dd34bba804Red Hat Security Advisory 2023-1696-01 - The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Issues addressed include a denial of service vulnerability.
55f0df74ba8f33e1055c916a1f7b0e9facdcd6152b767e465552ba68d10bb913Red Hat Security Advisory 2023-1701-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a denial of service vulnerability.
95865e1295101a4f7e7c59eff29c03d48375f1ce8565ab466dab99605cb682d0WordPress WP Data Access plugin versions 5.3.7 and below suffer from a privilege escalation vulnerability.
d49ea8b9bea193cf8a0f42cd8b8716664bb3a87bf5134d20480629da298be9eaWordPress Limit Login Attempts plugin versions 1.7.1 and below suffer from a persistent cross site scripting vulnerability.
1532b19d05d684bd2a3c4b372dc5d6e1ef62176213e1f28f5a724a28d3ee4637Red Hat Security Advisory 2023-1705-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
906ebe2ed57d890538254ef5f55316a4b30d716dba57c2c67c380cd085144dabRed Hat Security Advisory 2023-1672-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
030708069144cd8ccb832f74cd07c22c5ad7ba62856846754b4caee7462f5fc0InnovaStudio WYSIWYG Editor Asset Manager versions 5.4 and below suffer from a remote shell upload vulnerability.
f426d47f87ff9623498bc4617c33a7f93c29e93fdcc636ae9236941a5d648a22Ubuntu Security Notice 6006-1 - It was discovered that .NET did not properly manage dll files. An attacker could potentially use this issue to execute arbitrary code.
1fa7749f9355224ff71dd8d0884e1a1e23185a0afa7baf7835f3cebd3cceaccaRed Hat Security Advisory 2023-1681-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
ed29f867346e7388a07eaead82debbae66d899bc23a11235339b3af2d5749d55Red Hat Security Advisory 2023-1673-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
73871da6d0b24a9caeb2cbbff8d7a8f78ad8f79a742f5b1fa7ceea1630059811Red Hat Security Advisory 2023-1524-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.59.
76f4b0e3f3ea7884d6e299b4a81f60ce28ea66b48a087dabcd77087eea4a8cba
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed