#apple

Apple Security Advisory 2021-10-26-2 - iOS 14.8.1 and iPadOS 14.8.1 addresses code execution, information leakage, integer overflow, out of bounds write, and use-after-free vulnerabilities.

Apple Security Advisory 2021-10-26-1 - iOS 15.1 and iPadOS 15.1 addresses buffer overflow, code execution, cross site scripting, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

Researchers found that one critical flaw in question is exploitable from the browser, allowing watering-hole attacks.

Red Hat Security Advisory 2021-3930-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.36.

Red Hat Security Advisory 2021-3926-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.8.17.

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

The incident triggered shutdowns at pumps across the country as attackers flashed the phone number of Supreme Leader Ali Khamenei across video screens.

Apple has issued updates for iOS 14.8.1 iPadOS 14.8.1, iOS 15.1, and iPadOS 15.1. We take a look at some of the patched vulnerabilities. Categories: Exploits and vulnerabilities Tags: 14.8 15.1 Apple *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/update-now-apple-patches-bugs-in-ios-and-ipados/ ) )* The post Update now! Apple patches bugs in iOS and iPadOS appeared first on Malwarebytes Labs.

Incorrect calculation of buffer size vulnerability in Peleton TTR01 up to and including PTV55G allows a remote attacker to trigger a Denial of Service attack through the GymKit daemon process by exploiting a heap overflow in the network server handling the Apple GymKit communication. This can lead to an Apple MFI device not being able to authenticate with the Peleton Bike

MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability in the session handling of the `password` authentication parameter of the wifi photo transfer module. This vulnerability allows attackers with network access privileges or on public wifi networks to read the authentication credentials and follow-up requests containing the user password via a man in the middle attack.