AdvisoryWeek
2022-10 - Adobe, Mozilla, Canonical, Red Hat, Microsoft, GitHub
Published on March 14, 2022
Advisory Week
Week 10, 2022
Adobe Security Bulletins and Advisories
Security Updates Available for Adobe Illustrator | APSB21-12 APSB22-15
Security updates available for Adobe Photoshop | APSB21-28 APSB22-14
Mozilla Security Advisories
Security Vulnerabilities fixed in Thunderbird 91.7 mfsa2022-12
Security Vulnerabilities fixed in Firefox 98 mfsa2022-10
Security Vulnerabilities fixed in Firefox ESR 91.7 mfsa2022-11
Ubuntu Security Notices
USN-5322-1: Subversion vulnerability
USN-5321-1: Firefox vulnerabilities
USN-5320-1: Expat vulnerabilities and regression
USN-5319-1: Linux kernel vulnerabilities
USN-5318-1: Linux kernel vulnerabilities
USN-5317-1: Linux kernel vulnerabilities
USN-5316-1: Redis vulnerability
USN-5310-2: GNU C Library vulnerabilities
USN-5300-3: PHP vulnerabilities
USN-5313-1: OpenJDK vulnerabilities
USN-5314-1: Firefox vulnerabilities
Red Hat Security Advisory
(RHSA-2022:0056) Moderate: OpenShift Container Platform 4.10.3 security update
(RHSA-2022:0830) Important: .NET 5.0 security and bugfix update
(RHSA-2022:0831) Important: kernel security update
(RHSA-2022:0827) Important: .NET Core 3.1 security and bugfix update
(RHSA-2022:0832) Important: .NET 6.0 on RHEL 7 security and bugfix update
(RHSA-2022:0829) Important: .NET Core 3.1 on RHEL 7 security and bugfix update
(RHSA-2022:0826) Important: .NET 6.0 security and bugfix update
(RHSA-2022:0828) Important: .NET 5.0 on RHEL 7 security and bugfix update
(RHSA-2022:0825) Important: kernel security, bug fix, and enhancement update
(RHSA-2022:0824) Critical: firefox security and bug fix update
(RHSA-2022:0820) Important: kernel security, bug fix, and enhancement update
(RHSA-2022:0823) Important: kernel security update
(RHSA-2022:0822) Important: kernel-rt security update
(RHSA-2022:0821) Important: kernel-rt security and bug fix update
(RHSA-2022:0818) Critical: firefox security update
(RHSA-2022:0817) Critical: firefox security update
(RHSA-2022:0816) Critical: firefox security update
(RHSA-2022:0819) Important: kernel-rt security and bug fix update
(RHSA-2022:0815) Critical: firefox security update
(RHSA-2022:0790) Low: Satellite 6.10.3 Async Bug Fix Update
(RHSA-2022:0780) Important: cyrus-sasl security update
(RHSA-2022:0777) Important: kernel security, bug fix, and enhancement update
(RHSA-2022:0772) Important: kpatch-patch security update
(RHSA-2022:0771) Important: kernel-rt security and bug fix update
(RHSA-2022:0759) Moderate: virt:rhel and virt-devel:rhel security and bug fix update
Microsoft Security
Visual Studio Code Spoofing Vulnerability
Windows Update Stack Elevation of Privilege Vulnerability
Brotli Library Buffer Overflow Vulnerability
Azure Site Recovery Remote Code Execution Vulnerability
Azure Site Recovery Remote Code Execution Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Remote Code Execution Vulnerability
Azure Site Recovery Remote Code Execution Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Remote Code Execution Vulnerability
Microsoft Office Word Tampering Vulnerability
Microsoft Word Security Feature Bypass Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
Tablet Windows User Interface Application Elevation of Privilege Vulnerability
Windows SMBv3 Client/Server Remote Code Execution Vulnerability
Windows ALPC Elevation of Privilege Vulnerability
Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability
Windows DWM Core Library Elevation of Privilege Vulnerability
Windows ALPC Elevation of Privilege Vulnerability
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Remote Desktop Client Remote Code Execution Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
Windows ALPC Elevation of Privilege Vulnerability
Paint 3D Remote Code Execution Vulnerability
Windows Common Log File System Driver Information Disclosure Vulnerability
Microsoft Defender for Endpoint Spoofing Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
Point-to-Point Tunneling Protocol Denial of Service Vulnerability
Windows Media Center Update Denial of Service Vulnerability
Skype Extension for Chrome Information Disclosure Vulnerability
Azure Site Recovery Remote Code Execution Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability
.NET and Visual Studio Denial of Service Vulnerability
.NET and Visual Studio Remote Code Execution Vulnerability
Microsoft Exchange Server Spoofing Vulnerability
Windows Fax and Scan Service Elevation of Privilege Vulnerability
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
HEIF Image Extensions Remote Code Execution Vulnerability
HEVC Video Extensions Remote Code Execution Vulnerability
Windows CD-ROM Driver Elevation of Privilege Vulnerability
Remote Desktop Protocol Client Information Disclosure Vulnerability
Windows Security Support Provider Interface Elevation of Privilege Vulnerability
Windows HTML Platforms Security Feature Bypass Vulnerability
VP9 Video Extensions Remote Code Execution Vulnerability
HEVC Video Extensions Remote Code Execution Vulnerability
HEVC Video Extensions Remote Code Execution Vulnerability
VP9 Video Extensions Remote Code Execution Vulnerability
HEVC Video Extensions Remote Code Execution Vulnerability
HEVC Video Extensions Remote Code Execution Vulnerability
HEVC Video Extensions Remote Code Execution Vulnerability
Raw Image Extension Remote Code Execution Vulnerability
Windows PDEV Elevation of Privilege Vulnerability
Windows NT OS Kernel Elevation of Privilege Vulnerability
Windows Installer Elevation of Privilege Vulnerability
Raw Image Extension Remote Code Execution Vulnerability
Windows Event Tracing Remote Code Execution Vulnerability
Windows Fast FAT File System Driver Elevation of Privilege Vulnerability
Windows DWM Core Library Elevation of Privilege Vulnerability
Windows Inking COM Elevation of Privilege Vulnerability
Microsoft Defender for IoT Elevation of Privilege Vulnerability
Microsoft Defender for IoT Remote Code Execution Vulnerability
Remote Desktop Client Remote Code Execution Vulnerability
Windows Hyper-V Denial of Service Vulnerability
Media Foundation Information Disclosure Vulnerability
Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability
Media Foundation Information Disclosure Vulnerability
GitHub Security Advisories
[GHSA-p6h4-93qp-jhcm] Command Injection in Parse server
[GHSA-mcg6-h362-cmq5] Improper Authorization in cobbler
[GHSA-6h3m-36w8-hv68] Arbitrary file write in nats-server
[GHSA-4cx6-fj7j-pjx9] Code injection in Stripe CLI on windows
[GHSA-83vp-6jqg-6cmr] Incorrect Authentication in shopware
[GHSA-6wrh-279j-6hvw] HTTP caching is marking private HTTP headers as public in Shopware
[GHSA-952p-fqcp-g8pc] HTML injection possibility in voucher code form in Shopware
[GHSA-w267-m9c4-8555] Shopware user session is not logged out if the password is reset via password recovery
[GHSA-jp6h-mxhx-pgqh] Shopware guest session is shared between customers
[GHSA-75p7-527p-w8wp] Server-Side Request Forgery and Open Redirect in AllTube Download
[GHSA-m5pq-gvj9-9vr8] Regular expression denial of service in Rust's regex crate
[GHSA-9w4w-cpc8-h2fq] Exposure of Sensitive Information to an Unauthorized Actor in httpie
[GHSA-5jgq-x857-p8xw] Account compromise in Evmos
[GHSA-6cp7-g972-w9m9] Use of a Key Past its Expiration Date in Maddy Mail Server