Advisory Week


Week 24, 2022
Adobe Security Bulletins and Advisories
Adobe Security Bulletin APSB22-31
Security Update Available for Adobe InDesign | APSB20-66 APSB22-30
Security Update Available for Adobe InCopy | APSB21-05 APSB22-29
Security Updates Available for Adobe Bridge | APSB21-23 APSB22-25
Security Updates Available for Adobe Animate | APSB21-21 APSB22-24
Ubuntu Security Notices
USN-5485-1: Linux kernel vulnerabilities
USN-5484-1: Linux kernel vulnerabilities
USN-5482-1: SPIP vulnerabilities
USN-5483-1: Exempi vulnerabilities
LSN-0087-1: Kernel Live Patch Security Notice
USN-5481-1: BlueZ vulnerabilities
USN-5479-1: PHP vulnerabilities
USN-5478-1: util-linux vulnerability
USN-5477-1: ncurses vulnerabilities
USN-5359-2: rsync vulnerability
USN-5476-1: Liblouis vulnerabilities
USN-5475-1: Firefox vulnerabilities
Red Hat Security Advisory
(RHSA-2022:4947) Important: OpenShift Container Platform 4.6.59 security update
(RHSA-2022:4951) Moderate: OpenShift Container Platform 4.8.43 packages and security update
(RHSA-2022:5101) Important: Red Hat AMQ Broker 7.10.0 release and security update
(RHSA-2022:5099) Important: grub2, mokutil, shim, and shim-unsigned-x64 security update
(RHSA-2022:5100) Important: grub2, mokutil, shim, and shim-unsigned-x64 security update
(RHSA-2022:5095) Important: grub2, mokutil, shim, and shim-unsigned-x64 security update
(RHSA-2022:5096) Important: grub2, mokutil, shim, and shim-unsigned-x64 security update
(RHSA-2022:5098) Important: grub2, mokutil, and shim security update
(RHSA-2022:4965) Moderate: OpenShift Container Platform 4.7.53 packages and security update
(RHSA-2022:5061) Moderate: .NET Core 3.1 security and bugfix update
(RHSA-2022:5056) Important: cups security and bug fix update
(RHSA-2022:5057) Important: cups security update
(RHSA-2022:5055) Important: cups security update
(RHSA-2022:5054) Important: cups security update
(RHSA-2022:5050) Moderate: .NET 6.0 security and bugfix update
(RHSA-2022:5052) Important: xz security update
(RHSA-2022:5053) Important: log4j security update
(RHSA-2022:5046) Moderate: .NET 6.0 security and bugfix update
(RHSA-2022:5047) Moderate: .NET 6.0 on RHEL 7 security and bugfix update
(RHSA-2022:5026) Moderate: OpenShift Virtualization 4.10.2 Images security and bug fix update
(RHSA-2022:4972) Moderate: OpenShift Container Platform 4.9.38 packages and security update
(RHSA-2022:4943) Moderate: OpenShift Container Platform 4.10.18 packages and security update
(RHSA-2022:5006) Important: Red Hat OpenShift Service Mesh 2.1.3 Containers security update
(RHSA-2022:5004) Critical: Red Hat OpenShift Service Mesh 2.1.3 security update
(RHSA-2022:5003) Important: Red Hat OpenShift Service Mesh 2.0.10 security update
(RHSA-2022:5002) Moderate: virt:av and virt-devel:av security and bug fix update
(RHSA-2022:4991) Important: xz security update
(RHSA-2022:4993) Important: xz security update
(RHSA-2022:4992) Important: xz security update
(RHSA-2022:4990) Important: cups security update
(RHSA-2022:4994) Important: xz security update
Cisco Security Advisory
Cisco AppDynamics Controller Authorization Bypass Vulnerability
Cisco IP Phone Duplicate Key Vulnerability
Cisco Email Security Appliance and Cisco Secure Email and Web Manager Information Disclosure Vulnerability
Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability
Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerability
Cisco Email Security Appliance and Cisco Secure Email and Web Manager External Authentication Bypass Vulnerability
Cisco Identity Services Engine Authentication Bypass Vulnerability
Microsoft Security
AV1 Video Extension Remote Code Execution Vulnerability
Windows SMB Denial of Service Vulnerability
Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability
Microsoft Photos App Remote Code Execution Vulnerability
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
Windows Kerberos Elevation of Privilege Vulnerability
Windows Installer Elevation of Privilege Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Microsoft SQL Server Remote Code Execution Vulnerability
HEVC Video Extensions Remote Code Execution Vulnerability
HEVC Video Extensions Remote Code Execution Vulnerability
.NET and Visual Studio Information Disclosure Vulnerability
Azure RTOS GUIX Studio Information Disclosure Vulnerability
Azure RTOS GUIX Studio Remote Code Execution Vulnerability
Azure RTOS GUIX Studio Remote Code Execution Vulnerability
Azure RTOS GUIX Studio Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Information Disclosure Vulnerability
Microsoft Office Information Disclosure Vulnerability
AV1 Video Extension Remote Code Execution Vulnerability
Kerberos AppContainer Security Feature Bypass Vulnerability
Windows Hyper-V Remote Code Execution Vulnerability
Windows Kernel Information Disclosure Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability
Microsoft Office Information Disclosure Vulnerability
Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft SharePoint Server Remote Code Execution Vulnerability
Windows Kernel Denial of Service Vulnerability
Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Windows Network Address Translation (NAT) Denial of Service Vulnerability
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Windows Desired State Configuration (DSC) Information Disclosure Vulnerability
Windows Encrypting File System (EFS) Remote Code Execution Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Windows File History Remote Code Execution Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Windows iSCSI Discovery Service Remote Code Execution Vulnerability
Azure Service Fabric Container Elevation of Privilege Vulnerability
Windows Network File System Remote Code Execution Vulnerability
Windows Media Center Elevation of Privilege Vulnerability
Windows Container Manager Service Elevation of Privilege Vulnerability
Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability
HEVC Video Extensions Remote Code Execution Vulnerability
Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
HEVC Video Extensions Remote Code Execution Vulnerability
Intel: CVE-2022-21125 Shared Buffers Data Sampling (SBDS)
Intel: CVE-2022-21123 Shared Buffers Data Read (SBDR)
Intel: CVE-2022-21127 Special Register Buffer Data Sampling Update (SRBDS Update)
Intel: CVE-2022-21166 Device Register Partial Write (DRPW)
Chromium: CVE-2022-2011 Use after free in ANGLE
Chromium: CVE-2022-2010 Out of bounds read in compositing
Chromium: CVE-2022-2008 Out of bounds memory access in WebGL
Chromium: CVE-2022-2007 Use after free in WebGPU
Github Security Advisories
[GHSA-rh9j-f5f8-rvgc] Authentication bypass vulnerability in Apple Game Center auth adapter
[GHSA-85q9-7467-r53q] XSS Vulnerability in Markdown Editor
[GHSA-r7pq-3x6p-7jcm] Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua
[GHSA-vhfw-v69p-crcw] Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua
[GHSA-fvxf-r9fw-49pc] Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua
[GHSA-6fp8-cxc9-4fr9] Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua
[GHSA-5q2v-6j86-5h9v] Security Update for the OPC UA .NET Standard Stack
[GHSA-77mv-4rg7-r8qv] Potential Sensitive Cookie Exposure in NPM Packages @finastra/nestjs-proxy, @ffdc/nestjs-proxy
[GHSA-j562-c3cw-3p5g] Potential Authorization Header Exposure in NPM Packages @finastra/nestjs-proxy, @ffdc/nestjs-proxy
[GHSA-wwjw-r3gj-39fq] Insufficient Session Expiration in Admin Tool
[GHSA-h4mx-xv96-2jgm] Cross-Site Scripting in Frontend Login Mailer
[GHSA-3r95-23jp-mhvg] Cross-Site Scripting in Form Framework
[GHSA-fh99-4pgr-8j99] Insertion of Sensitive Information into Log File in typo3/cms-core
[GHSA-8gmv-9hwg-w89g] Information Disclosure via Export Module
[GHSA-hprf-rrwq-jm5c] Plaintext Storage of Keys and Passwords in Rundeck and PagerDuty Process Automation
[GHSA-w3vw-ccc5-qr8v] Use After Free in Context::start_auth_session
[GHSA-7rq4-qcpw-74gq] Formula Injection in Exported Data
[GHSA-fr2w-mp56-g4xp] Unrestricted Attachment Upload
[GHSA-rm89-9g65-4ffr] Insufficient HTML Sanitization
[GHSA-7v28-g2pq-ggg8] Remote code execution in locale setting change
[GHSA-g63h-q855-vp3q] Configuration API in EdgeXFoundry 2.1.0 and earlier exposes message bus credentials to local unauthenticated users
[GHSA-4jqc-jvh2-pxg9] Path traversal for local publishers in TechDocs backend
[GHSA-qpgx-64h2-gc3c] Insecure path traversal in Git Trigger Source can lead to arbitrary file read
[GHSA-5q86-62xr-3r57] Uses of deprecated API can be used to cause DoS in user-facing endpoints
[GHSA-pgw7-wx7w-2w33] ProxyAgent vulnerable to MITM
[GHSA-75rw-34q6-72cr] Signature forgery in Biscuit
[GHSA-77xc-hjv8-ww97] AutoUpdater module fails to validate certain nested components of the bundle
[GHSA-mq8j-3h7h-p8g7] Compromised child renderer processes could obtain IPC access without nodeIntegrationInSubFrames being enabled
[GHSA-q874-g24w-4q9g] Token bruteforcing
[GHSA-v7vq-3x77-87vg] Token bruteforcing
[GHSA-g28x-pgr3-qqx6] Octokit gem published with world-writable files
[GHSA-26qj-cr27-r5c4] Octopoller gem published with world-writable files
[GHSA-3885-8gqc-3wpf] Potential leak of NuGet.org API key