82 matches found
GHSA-8JQ6-W5CG-WM45 Exploitable inventory component chaining in PocketMine-MP
Impact: Specially crafted InventoryTransactionPackets sent by malicious clients were able to exploit the behaviour of InventoryTransaction->findResultItem() and cause it to take an abnormally long time to execute, causing an apparent server freeze. The affected code is intended to compact conflicting...
dhcp security and bug fix update
12:4.3.6-34 - Resolves: 1704672 - Fix crash caused by bind rebase 12:4.3.6-33 - Resolves: 1673946 - Change default prefix length to 128 - Add address-prefix-lenght option to change default value - Fix backporting issues 12:4.3.6-31 - Resolves: 1685560 - Drop executable flag from NM dispatcher...
CVE-2018-5742 An oversight while backporting a feature leads to an assertion failure in buffer.c:420
While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. Affects RedHat versions bind-9.9.4-65.el7 - bind-9.9.4-72.el7. No ISC releases are affected. Other packages from other distributions who made the same error may also ...
CVE-2002-2439
operator new sometimes returns pointers to heap blocks which are too small. When a new array is allocated, the C++ run-time has to calculate its size. The product may exceed the maximum value which can be stored in a machine register. This error is ignored, and the truncated value is used for the...
CVE-2019-15902
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the...
Design/Logic Flaw
In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting...
gitea -- multiple vulnerabilities
Gitea Team reports: This release contains two new security fixes which cannot be backported to the 1.7.0 branch, so it is recommended to update to this version...
Debian DSA-4430-1 : wpa - security update
Mathy Vanhoef (NYUAD) and Eyal Ronen (Tel Aviv University & KU Leuven) found multiple vulnerabilities in the WPA implementation found in wpa_supplicant (station) and hostapd (access point). These vulnerabilities are also collectively known as 'Dragonblood'. - CVE-2019-9495 Cache-based side-channel attack...
CVE-2019-11026
FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc...
Apache Superset 0.23 Remote Code Execution
Exploit Title: Apache Superset 0.23 - Remote Code Execution Date: 2018-05-17 Exploit Author: David May [email protected] Vendor Homepage: https://superset.apache.org/ Software Link: https://github.com/apache/incubator-superset Version: Any before 0.23 Tested on: Ubuntu 18.04 CVE-ID:...
openssl security update
1.0.2k-12.0.3 - Oracle bug 28672370: backport CVE-2018-0732 - Oracle bug 28672351: backport CVE-2018-0737...
Ruby on Rails: Untrusted strings that are cache fetched with raw option are automatically marshal loaded
This vulnerability affects application code that caches a string from an untrusted source using the raw: true option. For example, vulnerable application code might look something like the following (Ruby): body = Rails.cache.fetch(key, raw: true, expires_in: ttl) do res = Net::HTTP.get_response(remoteu...
[SECURITY] [DSA 4203-1] vlc security update
Debian Security Advisory DSA-4203-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 17, 2018 https://www.debian.org/security/faq -...
CVE-2017-1000353
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java SignedObject object to the Jenkins CLI, that would be deserialized...
Remote code execution
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java SignedObject object to the Jenkins CLI, that would be deserialized...
Debian DLA-1002-1 : smb4k security update
Sebastian Krahmer from SUSE discovered that smb4k, a Samba SMB share advanced browser, contains a logic flaw in which the mount helper binary does not properly verify the mount command it is being asked to run. This allows local users to call any other binary as root. The issue is resolved by...
[SECURITY] [DLA 1002-1] smb4k security update
Package : smb4k Version : 1.2.1-2deb7u1 CVE ID : CVE-2017-8849 Debian Bug : 862505 Sebastian Krahmer from SUSE discovered that smb4k, a Samba SMB share advanced browser, contains a logic flaw in which the mount helper binary does not properly verify the mount command it is being asked to run. Thi...
Fedora 25 : libarchive (2017-55a8f10223)
fix two minor CVEs by backporting upstream commits Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
CVE-2017-6056
It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the f...