SINUMERIK 808D V4.7, SINUMERIK 808D V4.8, SINUMERIK 828D V4.7, SINUMERIK 840D Sl V4.7, SINUMERIK 840D Sl V4.8 Security Vulnerabilities

Mageia: Security Advisory (MGASA-2023-0285)

The remote host is missing an update for...

Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data and Db2 Warehouse® on Cloud Pak for Data

Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse® on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. Vulnerability Details ** CVEID: CVE-2023-30447 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes Db2...

glibc security update

[2.34-60.0.3.7] - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode (#2234716). - CVE-2203-4806: potential use-after-free in getaddrinfo. - CVE-2023-4813: potential use-after-free in gaih_inet. Reviewed by: Jose E....

Oracle Linux 8 : glibc (ELSA-2023-5455)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5455 advisory. A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa...

Oracle Linux 9 : glibc (ELSA-2023-5453)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5453 advisory. A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash....

[SECURITY] [DLA 3601-1] thunderbird security update

Debian LTS Advisory DLA-3601-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 05, 2023 https://wiki.debian.org/LTS Package : thunderbird Version : 1:115.3.1-1~deb10u1 CVE...

glibc security update

[2.28-225.0.4] - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E....

GLPI GZIP(Py3) 9.4.5 - RCE

...

GLPI GZIP(Py3) 9.4.5 - Remote Code Execution Exploit

...

Oracle Linux 8 : glibc (ELSA-2023-12853)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12853 advisory. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could...

Debian: Security Advisory (DLA-3601-1)

The remote host is missing an update for the...

Debian DLA-3601-1 : thunderbird - LTS security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3601 advisory. A compromised content process could have provided malicious data in a PathRecording resulting in an out- of-bounds write, leading to a potentially...

glibc security update

An update is available for glibc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries (libc), POSIX thread...

AlmaLinux 8 : glibc (ALSA-2023:5455)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5455 advisory. A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode...

glibc security update

[2.34-60.0.3] - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E....

Oracle Linux 9 : glibc (ELSA-2023-12854)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12854 advisory. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could...

Rocky Linux 8 : glibc (RLSA-2023:5455)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:5455 advisory. A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode...

AlmaLinux 9 : glibc (ALSA-2023:5453)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5453 advisory. A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode...

jobzentrale-sl-fl.de Cross Site Scripting vulnerability OBB-3722461

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

(RHSA-2023:5476) Important: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): ....

(RHSA-2023:5455) Important: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security...

(RHSA-2023:5454) Important: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): ....

(RHSA-2023:5453) Important: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security...

glibc security update

[2.28-225.0.4] - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E....

RHEL 9 : glibc (RHSA-2023:5453)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5453 advisory. glibc: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) glibc: potential use-after-free in getaddrinfo()...

Important: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): ....

Oracle Linux 9 : glibc (ELSA-2023-12850)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12850 advisory. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could...

Important: glibc security update

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): ....

Oracle Linux 8 : glibc (ELSA-2023-12851)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12851 advisory. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could...

RHEL 9 : glibc (RHSA-2023:5454)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5454 advisory. glibc: buffer overflow in ld.so leading to privilege escalation (CVE-2023-4911) Note that Nessus has not tested for this issue but has instead...

glibc security update

[2.34-60.0.3] - CVE-2023-4911: tunables: Terminate immediately if end of input is reached Reviewed by: Jose E....

RHEL 8 : glibc (RHSA-2023:5455)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5455 advisory. glibc: Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527) glibc: potential use-after-free in getaddrinfo()...

RHEL 8 : glibc (RHSA-2023:5476)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5476 advisory. glibc: buffer overflow in ld.so leading to privilege escalation (CVE-2023-4911) Note that Nessus has not tested for this issue but has instead...

No zero address check in PrimeLiquidityProvider.sol:sweepTokens

Lines of code Vulnerability details Impact Possible loss of funds due to sending them to the address(0), the developer's assumption is that safeTransfer is checking for to_ not being the address(0). In reality, it doesn’t implement such a check and we can see from the implementation of the...

Debian: Security Advisory (DSA-5513-1)

The remote host is missing an update for the...

[SECURITY] [DSA 5513-1] thunderbird security update

Debian Security Advisory DSA-5513-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 03, 2023 https://www.debian.org/security/faq Package : thunderbird CVE ID : CVE-2023-5176 CVE-2023-5171...

Thunderbird vulnerabilities

Releases Ubuntu 23.04 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages thunderbird - Mozilla Open Source mail and newsgroup client Details Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker...

Amazon Linux 2023 : compat-libpthread-nonshared, glibc, glibc-all-langpacks (ALAS2023-2023-359)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-359 advisory. A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via...

Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6404-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6404-1 advisory. A compromised content process could have provided malicious data in a PathRecording resulting in an out- of-bounds write, leading to a potentially...

Debian DSA-5513-1 : thunderbird - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5513 advisory. A compromised content process could have provided malicious data in a PathRecording resulting in an out- of-bounds write, leading to a potentially...

Firefox vulnerabilities

Releases Ubuntu 20.04 LTS Packages firefox - Mozilla Open Source web browser Details Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Thunderbird vulnerabilities (USN-6405-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6405-1 advisory. During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash. This...

Debian: Security Advisory (DLA-3591-1)

The remote host is missing an update for the...

Debian: Security Advisory (DSA-5509-1)

The remote host is missing an update for the...

Debian: Security Advisory (DLA-3587-1)

The remote host is missing an update for the...

[SECURITY] [DLA 3591-1] firefox-esr security update

Debian LTS Advisory DLA-3591-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 30, 2023 https://wiki.debian.org/LTS Package : firefox-esr Version : 115.3.1esr-1~deb10u1 CVE...

Debian DSA-5509-1 : firefox-esr - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5509 advisory. Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap...

Debian DLA-3591-1 : firefox-esr - LTS security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3591 advisory. Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap...

[SECURITY] [DSA 5510-1] libvpx security update

Debian Security Advisory DSA-5510-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 29, 2023 https://www.debian.org/security/faq Package : libvpx CVE ID : CVE-2023-5217 Debian Bug :...

[SECURITY] [DSA 5509-1] firefox-esr security update

Debian Security Advisory DSA-5509-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 29, 2023 https://www.debian.org/security/faq Package : firefox-esr CVE ID : CVE-2023-5217 A buffer...