Debian Linux Security Advisory 4843-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
b63fae8d21eadd6fb015db055e5e8e2055c3653fa769dcd8d9d46a56af24ab72
Debian Linux Security Advisory 4844-1 - Moshe Kol and Shlomi Oberman of JSOF discovered several vulnerabilities in dnsmasq, a small caching DNS proxy and DHCP/TFTP server. They could result in denial of service, cache poisoning or the execution of arbitrary code.
e8796fb0d51a874f14fa08f40ef54df04e7a41a8ec5691ce2db533b0966e1ebf
Debian Linux Security Advisory 4845-1 - Several vulnerabilities were discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can take advantage of these flaws to cause a denial of service (slapd daemon crash, infinite loops) via specially crafted packets.
93d9bd640781dd21a67eca3c27b1a0e8b18464cca9960cea70eccb7f6a636db7
Debian Linux Security Advisory 4846-1 - Several vulnerabilities have been discovered in the chromium web browser.
5c0a1a187b9f8a05156e97de44f20d15cc23e6a90f1c97e6bec018b05c985138
Debian Linux Security Advisory 4847-1 - A remote information leak vulnerability and a remote buffer overflow vulnerability were discovered in ConnMan, a network manager for embedded devices, which could result in denial of service or the execution of arbitrary code.
e6c4b376d3fc8f7e2f9e8a51b0edb8192c78ab02ff4cd8ee359c53f6c671d352
Debian Linux Security Advisory 4848-1 - Multiple security issues were discovered in the implementation of the Go programming language, which could result in denial of service; in addition, the P-224 curve implementation could generate incorrect outputs.
beb05da7d25160a00b718beaaba0fb9e0dd6e57c21ea264f3447768133371b78
Debian Linux Security Advisory 4849-1 - Roman Fiedler discovered a vulnerability in the OverlayFS code in firejail, a sandbox program to restrict the running environment of untrusted applications, which could result in root privilege escalation. This update disables OverlayFS support in firejail.
5cebbbf9494bd78be8d3a2cb5e6e70f124bb0474d52286e83dcaa8b6aa666789
Debian Linux Security Advisory 4850-1 - It was discovered that zstd, a compression utility, temporarily exposed a world-readable version of its input even if the original file had restrictive permissions.
971cfa1b26f29f8d1a0b32ade924cd6212a8cb8aea8fba8944c763bcac2dc3c4
Debian Linux Security Advisory 4851-1 - Thomas Akesson discovered a remotely triggerable vulnerability in the mod_authz_svn module in Subversion, a version control system. When using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option, an unauthenticated remote client can take advantage of this flaw to cause a denial of service by sending a request for a non-existing repository URL.
81cb5fe96ccd2e9181d3b976b7ee7b20538707d3127deded8638b9a2236761c6
Debian Linux Security Advisory 4852-1 - Joakim Hindersson discovered that Open vSwitch, a software-based Ethernet virtual switch, allowed a malicious user to cause a denial-of-service by sending a specially crafted packet.
b81e9b7032ae9bce92891e5eb2a14ad8b78e5e60ca1e9332fc6c0b55fc38e1e1
Debian Linux Security Advisory 4853-1 - It was discovered that SPIP, a website engine for publishing, would allow a malicious user to perform cross-site scripting attacks, access sensitive information, or execute arbitrary code.
f00cc707979cfe7422a2cf35b483c3d033afae999b15397ec9b9363fc6a64e62
Debian Linux Security Advisory 4854-1 - Vulnerabilities have been discovered in the webkit2gtk web engine.
be381d581a9e46a25974b634d65ded4a24b1669637f63dc9d1bed0470b79c1fa
Debian Linux Security Advisory 4855-1 - Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. An overflow bug in the x86_64 Montgomery squaring procedure, an integer overflow in CipherUpdate and a NULL pointer dereference flaw in X509_issuer_and_serial_hash() were found, which could result in denial of service.
97d32585c37fd8006093ec57a2913bfc6ae8b85626eb395c01aae4dc59e6947a
Debian Linux Security Advisory 4856-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in denial of service, information disclosure, cookie forgery or incorrect encryption.
be2a91fc87e7e29c4dd5af1cb4a667a713a1b5063f638d8c6ad302b66aa2a3ff
Debian Linux Security Advisory 4857-1 - A buffer overflow vulnerability was discovered in the SPNEGO implementation affecting the GSSAPI security policy negotiation in BIND, a DNS server implementation, which could result in denial of service (daemon crash), or potentially the execution of arbitrary code.
0d5f699225d63d98310a1b39eec5904606fd5c723c4bc622c2e54f1635238966
Debian Linux Security Advisory 4858-1 - Several vulnerabilities have been discovered in the chromium web browser.
06e041eb0996b6bf6de349afabb9921c5d0e7f815b82714c950fc912a4954e80
Debian Linux Security Advisory 4859-1 - It was discovered that zstd, a compression utility, temporarily exposed, for a short timeframe, a world-readable version of its input even if the original file had restrictive permissions.
0f40c2be124fe4e129eb1875cd1e8aece49dfe999146fb100904aec18582840d
Debian Linux Security Advisory 4860-1 - A vulnerability in the Certificate List Exact Assertion validation was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can take advantage of this flaw to cause a denial of service (slapd daemon crash) via specially crafted packets.
e6d572d1741ea0e53922e0ddb5e0817baa079772df52005a2a3f4434a186b812
Debian Linux Security Advisory 4861-1 - Felix Weinmann reported a flaw in the handling of combining characters in screen, a terminal multiplexer with VT100/ANSI terminal emulation, which can result in denial of service, or potentially the execution of arbitrary code via a specially crafted UTF-8 character sequence.
569d4df0108d39054a602652829a1fa05af2ce0f91699542d0f207bc9e1d1522
Debian Linux Security Advisory 4862-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure.
58e9f63ccd4b647aef2aec8484c3dda953d32a4ae7a76fe75ce16305e18aac17
Debian Linux Security Advisory 4863-1 - Two vulnerabilities were discovered in Node.js, which could result in denial of service or DNS rebinding attacks.
56c3871a90994e8fc6eb8e6378eb9ce00442b53e24dda4d8a67326e482b2be17
Debian Linux Security Advisory 4864-1 - Beast Glatisant and Jelmer Vernooij reported that python-aiohttp, an async HTTP client/server framework, is prone to an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web server could redirect the browser to a different website.
321114aef666b4091333abafeca13121fe248807de9356cb302fcd5cbe17a923
Debian Linux Security Advisory 4865-1 - Multiple security issues were discovered in Docker, a Linux container runtime, which could result in denial of service, an information leak or privilege escalation.
7dc2d80b850f6bd28a9e9f63dfe2208b8767f34538778cfff1dac3efbf2d1d04
Debian Linux Security Advisory 4866-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure.
6799803f6b184aa6dd8507e9afb88c97a9fb03cbd4498085740a1123c157048a
WiFi Mouse version 1.7.8.5 suffers from a remote code execution vulnerability.
26ee57ad5e56c99a3851bf80a6fd10ad140b41167cd0ad64f51f6c14aa755468