Debian Security Advisory 5267-1

Debian Linux Security Advisory 5267-1 - Nicky Mouha discovered a buffer overflow in 'sha3', a Python library for the SHA-3 hashing functions.

Gentoo Linux Security Advisory 202210-33

Gentoo Linux Security Advisory 202210-33 - A vulnerability has been discovered in Libtirpc which could result in denial of service. Versions less than 1.3.2 are affected.

Debian Security Advisory 5266-1

Debian Linux Security Advisory 5266-1 - A heap use-after-free vulnerability after overeager destruction of a shared DTD in the XML_ExternalEntityParserCreate function in Expat, an XML parsing C library, may result in denial of service or potentially the execution of arbitrary code.

Gentoo Linux Security Advisory 202210-32

Gentoo Linux Security Advisory 202210-32 - An integer overflow has been found in hiredis which could result in arbitrary code execution. Versions less than 1.0.1 are affected.

Gentoo Linux Security Advisory 202210-31

Gentoo Linux Security Advisory 202210-31 - Multiple vulnerabilities have been discovered in OpenEXR, the worst of which could result in arbitrary code execution. Versions less than 3.1.5 are affected.

Apple Security Advisory 2022-10-27-15

Apple Security Advisory 2022-10-27-15 - Safari 16.1 addresses code execution, spoofing, and use-after-free vulnerabilities.

Debian Security Advisory 5265-1

Debian Linux Security Advisory 5265-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.

Gentoo Linux Security Advisory 202210-30

Gentoo Linux Security Advisory 202210-30 - Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in remote code execution. Versions less than 21.1.4 are affected.

Apple Security Advisory 2022-10-27-14

Apple Security Advisory 2022-10-27-14 - Safari 16 addresses buffer overflow, code execution, out of bounds read, and spoofing vulnerabilities.

Apple Security Advisory 2022-10-27-13

Apple Security Advisory 2022-10-27-13 - watchOS 9 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7261-01

Red Hat Security Advisory 2022-7261-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.

APPLE-SA-2022-10-27-10 Additional information for APPLE-SA-2022-10-24-6 tvOS 16.1

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-27-10 Additional information for APPLE-SA-2022-10-24-6 tvOS 16.1

tvOS 16.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213492.

AppleMobileFileIntegrity
Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple
TV HD
Impact: An app may be able to modify protected parts of the file
system
Description: This issue was addressed by removing...

APPLE-SA-2022-10-27-11 tvOS 16

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-27-11 tvOS 16

tvOS 16 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213487.

Accelerate Framework
Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple
TV HD
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2022-42795:...

APPLE-SA-2022-10-27-12 Additional information for APPLE-SA-2022-10-24-5 watchOS 9.1

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-27-12 Additional information for APPLE-SA-2022-10-24-5 watchOS 9.1

watchOS 9.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213491.

AppleMobileFileIntegrity
Available for: Apple Watch Series 4 and later
Impact: An app may be able to modify protected parts of the file
system
Description: This issue was addressed by removing additional
entitlements....

APPLE-SA-2022-10-27-13 watchOS 9

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-27-13 watchOS 9

watchOS 9 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213486.

Accelerate Framework
Available for: Apple Watch Series 4 and later
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2022-42795: ryuzaki

AppleAVD...

APPLE-SA-2022-10-27-14 Additional information for APPLE-SA-2022-09-12-5 Safari 16

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-27-14 Additional information for APPLE-SA-2022-09-12-5 Safari 16

Safari 16 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213442.

Safari Extensions
Available for: macOS Big Sur and macOS Monterey
Impact: A website may be able to track users through Safari web
extensions
Description: A logic issue was addressed with improved state
management.
WebKit...

APPLE-SA-2022-10-27-15 Additional information for APPLE-SA-2022-10-24-7 Safari 16.1

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-27-15 Additional information for APPLE-SA-2022-10-24-7 Safari 16.1

Safari 16.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213495.

WebKit
Available for: macOS Big Sur and macOS Monterey
Impact: Visiting a malicious website may lead to user interface
spoofing
Description: The issue was addressed with improved UI handling.
WebKit Bugzilla: 243693...

APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7

macOS Big Sur 11.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213443.

AppleMobileFileIntegrity
Available for: macOS Big Sur
Impact: An app may be able to access user-sensitive data
Description: An issue in code signature validation was addressed with
improved checks....

APPLE-SA-2022-10-27-1 iOS 15.7.1 and iPadOS 15.7.1

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-27-1 iOS 15.7.1 and iPadOS 15.7.1

iOS 15.7.1 and iPadOS 15.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213490.

Apple Neural Engine
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An app may be able to execute arbitrary code...

APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6

macOS Monterey 12.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213444.

AppleMobileFileIntegrity
Available for: macOS Monterey
Impact: An app may be able to access user-sensitive data
Description: An issue in code signature validation was addressed with
improved checks....

APPLE-SA-2022-10-27-8 Additional information for APPLE-SA-2022-10-24-4 macOS Big Sur 11.7.1

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-27-8 Additional information for APPLE-SA-2022-10-24-4 macOS Big Sur 11.7.1

macOS Big Sur 11.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213493.

AppleMobileFileIntegrity
Available for: macOS Big Sur
Impact: An app may be able to modify protected parts of the file
system
Description: This issue was addressed by removing additional
entitlements....

APPLE-SA-2022-10-27-2 Additional information for APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-27-2 Additional information for APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16

iOS 16.1 and iPadOS 16 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213489.

Apple Neural Engine
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, iPad mini
5th generation and later
Impact: An app may be...

APPLE-SA-2022-10-27-6 Additional information for APPLE-SA-2022-10-24-3 macOS Monterey 12.6.1

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-27-6 Additional information for APPLE-SA-2022-10-24-3 macOS Monterey 12.6.1

macOS Monterey 12.6.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213494.

AppleMobileFileIntegrity
Available for: macOS Monterey
Impact: An app may be able to modify protected parts of the file
system
Description: This issue was addressed by removing additional
entitlements....

APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13

macOS Ventura 13 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213488.

Accelerate Framework
Available for: Mac Studio (2022), Mac Pro (2019 and later), MacBook
Air (2018 and later), MacBook Pro (2017 and later), Mac mini (2018
and later), iMac (2017 and later), MacBook (2017), and iMac...

APPLE-SA-2022-10-27-4 Additional information for APPLE-SA-2022-09-12-2 iOS 15.7 and iPadOS 15.7

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-27-4 Additional information for APPLE-SA-2022-09-12-2 iOS 15.7 and iPadOS 15.7

iOS 15.7 and iPadOS 15.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213445.

Apple Neural Engine
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An...

APPLE-SA-2022-10-27-3 Additional information for APPLE-SA-2022-09-12-1 iOS 16

Posted by Apple Product Security via Fulldisclosure on Oct 30

APPLE-SA-2022-10-27-3 Additional information for APPLE-SA-2022-09-12-1 iOS 16

iOS 16 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213446.

Accelerate Framework
Available for: iPhone 8 and later
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A memory consumption issue was addressed with improved
memory handling....

Red Hat Security Advisory 2022-7144-01

Red Hat Security Advisory 2022-7144-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, integer overflow, null pointer, out of bounds read, out of bounds write, and server-side request forgery vulnerabilities.

Red Hat Security Advisory 2022-7143-01

Red Hat Security Advisory 2022-7143-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, integer overflow, null pointer, out of bounds read, out of bounds write, and server-side request forgery vulnerabilities.

Ubuntu Security Notice USN-5703-1

Ubuntu Security Notice 5703-1 - Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information.

Ubuntu Security Notice USN-5702-2

Ubuntu Security Notice 5702-2 - USN-5702-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Robby Simpson discovered that curl incorrectly handled certain POST operations after PUT operations. This issue could cause applications using curl to send the wrong data, perform incorrect memory operations, or crash.

Debian Security Advisory 5261-1

Debian Linux Security Advisory 5261-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Ubuntu Security Notice USN-5701-1

Ubuntu Security Notice 5701-1 - Yeting Li discovered that Jinja2 incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice USN-5702-1

Ubuntu Security Notice 5702-1 - Robby Simpson discovered that curl incorrectly handled certain POST operations after PUT operations. This issue could cause applications using curl to send the wrong data, perform incorrect memory operations, or crash. Hiroki Kurosawa discovered that curl incorrectly handled parsing .netrc files. If an attacker were able to provide a specially crafted .netrc file, this issue could cause curl to crash, resulting in a denial of service. This issue only affected Ubuntu 22.10.

Ubuntu Security Notice USN-5696-2

Ubuntu Security Notice 5696-2 - USN-5696-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.7.40 in Ubuntu 16.04 ESM. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Ubuntu Security Notice USN-5700-1

Ubuntu Security Notice 5700-1 - David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Soenke Huster discovered that an integer overflow vulnerability existed in the WiFi driver stack in the Linux kernel, leading to a buffer overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

Red Hat Security Advisory 2022-7209-01

Red Hat Security Advisory 2022-7209-01 - KSBA is a library to make X.509 certificates as well as the CMS easily accessible by other applications. Both specifications are building blocks of S/MIME and TLS. Issues addressed include code execution and integer overflow vulnerabilities.

Red Hat Security Advisory 2022-7184-01

Red Hat Security Advisory 2022-7184-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Issues addressed include a denial of service vulnerability.

Ubuntu Security Notice USN-5699-1

Ubuntu Security Notice 5699-1 - Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. It was discovered that the GNU C Library nscd daemon incorrectly handled certain netgroup lookups. An attacker could possibly use this issue to cause the GNU C Library to crash, resulting in a denial of service.

Ubuntu Security Notice USN-5688-2

Ubuntu Security Notice 5688-2 - USN-5688-1 fixed vulnerabilities in Libksba. This update provides the corresponding update for Ubuntu 22.10. It was discovered that an integer overflow could be triggered in Libksba when decoding certain data. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code.

Red Hat Security Advisory 2022-7183-01

Red Hat Security Advisory 2022-7183-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-7185-01

Red Hat Security Advisory 2022-7185-01 - The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-7171-01

Red Hat Security Advisory 2022-7171-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7186-01

Red Hat Security Advisory 2022-7186-01 - The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-7173-01

Red Hat Security Advisory 2022-7173-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7192-01

Red Hat Security Advisory 2022-7192-01 - The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-7181-01

Red Hat Security Advisory 2022-7181-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-7190-01

Red Hat Security Advisory 2022-7190-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-7187-01

Red Hat Security Advisory 2022-7187-01 - The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-7178-01

Red Hat Security Advisory 2022-7178-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-7177-01

Red Hat Security Advisory 2022-7177-01 - This release of Camel for Spring Boot 3.14.5 serves as a replacement for Camel for Spring Boot 3.14.2 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.

Ubuntu Security Notice USN-5698-2

Ubuntu Security Notice 5698-2 - USN-5698-1 fixed a vulnerability in Open. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that Open vSwitch incorrectly handled comparison of certain minimasks. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code.

Red Hat Security Advisory 2022-7188-01

Red Hat Security Advisory 2022-7188-01 - The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-7182-01

Red Hat Security Advisory 2022-7182-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.4.0. Issues addressed include a denial of service vulnerability.

Ubuntu Security Notice USN-5697-1

Ubuntu Security Notice 5697-1 - Douglas Mendizabal discovered that Barbican incorrectly handled certain query strings. A remote attacker could possibly use this issue to bypass the access policy.

Ubuntu Security Notice USN-5698-1

Ubuntu Security Notice 5698-1 - It was discovered that Open vSwitch incorrectly handled comparison of certain minimasks. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code.

Red Hat Security Advisory 2022-7105-01

Red Hat Security Advisory 2022-7105-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a double free vulnerability.

Red Hat Security Advisory 2022-7134-01

Red Hat Security Advisory 2022-7134-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, information leakage, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7128-01

Red Hat Security Advisory 2022-7128-01 - PostgreSQL is an advanced object-relational database management system.

Red Hat Security Advisory 2022-7133-01

Red Hat Security Advisory 2022-7133-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration.

[RT-SA-2021-003] Missing Authentication in ZKTeco ZEM/ZMM Web Interface

Posted by RedTeam Pentesting GmbH on Oct 24

Advisory: Missing Authentication in ZKTeco ZEM/ZMM Web Interface

The ZKTeco time attendance device does not require authentication to use the
web interface, exposing the database of employees and their credentials.

Details
=======

Product: ZKTeco ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM
Affected Versions: potentially versions below 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and 15.00 (ZMM200-220-210)
Fixed Versions: firmware version 8.88...