[slackware-security] openssl

New openssl packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/openssl-1.1.1t-i586-1slack15.0.txz: Upgraded. This update fixes security issues: X.400 address type confusion in X.509 GeneralName...

Exploit for Externally Controlled Reference to a Resource in Another Sphere in Linux Linux_Kernel

Bypassing Spectre-BTI User Space Mitigations on Linux Th...

Slackware: Security Advisory (SSA:2023-033-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Adobe Acrobat Reader Out-of-Bounds Write Vulnerability

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. Adobe Acrobat Reader has an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

Slackware: Security Advisory (SSA:2023-032-03)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-39060

ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEYCURRENTUSER subkey ex: AutoRUN in Registry where malicious scripts can be executed to take control of the system...

Adobe Acrobat and Reader Buffer Overflow Vulnerability (CNVD-2023-51684)

Adobe Acrobat Reader is the United States of America Audobee Adobe, a PDF viewer. A buffer overflow vulnerability exists in Adobe Acrobat and Reader, which can be exploited by an attacker to execute arbitrary code in the context of the current user...

Adobe Acrobat and Reader Buffer Overflow Vulnerability (CNVD-2023-51685)

Adobe Acrobat Reader is the United States of America Audobee Adobe, a PDF viewer. A buffer overflow vulnerability exists in Adobe Acrobat and Reader, which can be exploited by an attacker to execute arbitrary code in the context of the current user...

Adobe Acrobat Reader 缓冲区错误漏洞

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. Adobe Acrobat Reader has an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

Adobe Acrobat Reader 缓冲区错误漏洞

Adobe Acrobat Reader is a PDF viewer from the American company Audobee Adobe. The software is used to print, sign and annotate PDF. Adobe Acrobat Reader has an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

CVE-2023-23951

Ability to enumerate the Oracle LDAP attributes for the current user by modifying the query used by the application...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

[slackware-security] vim

New vim packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/vim-9.0.1241-i586-1slack15.0.txz: Upgraded. Fixed a security issue: Heap-based Buffer Overflow in GitHub repository vim/vim prior to...

CVE-2022-42414

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Slackware: Security Advisory (SSA:2023-025-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2023-020-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for Improper Privilege Management in Sudo_Project Sudo

CVE-2023-22809 sudo Privilege escalation Affected sudo ve...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-102.7.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mor...

RARLAB WinRAR ZIP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-102.7.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...