34 matches found
Git Users Urged to Update Software to Prevent Remote Code Execution Attacks
The maintainers of the Git source code version control system have released updates to remediate two critical vulnerabilities that could be exploited by a malicious actor to achieve remote code execution. The flaws, tracked as CVE-2022-23521 and CVE-2022-41903, impacts the following versions of...
Debian DLA-2652-1 : unbound1.9 security update
Several security vulnerabilities have been discovered in Unbound, a validating, recursive, caching DNS resolver, by security researchers of X41 D-SEC located in Aachen, Germany. Integer overflows, assertion failures, an out-of-bound write and an infinite loop vulnerability may lead to a denial of...
[SECURITY] [DSA 4544-1] unbound security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4544-1 [email protected] https://www.debian.org/security/ Sebastien Delafond October 16, 2019 https://www.debian.org/security/faq -...
Thunderbird ESR < 60.7.XXX - icalrecur_add_bydayrules Stack-Based Buffer Overflow Vulnerability
Stack-based buffer overflow in Thunderbird ========================================== Severity Rating: High Confirmed Affected Versions: All versions affected Confirmed Patched Versions: Thunderbird ESR 60.7.XXX Vendor: Thunderbird Vendor URL: https://www.thunderbird.net/ Vendor Reference:...
Thunderbird ESR < 60.7.XXX - parser_get_next_char Heap-Based Buffer Overflow Vulnerability
Heap-based buffer overflow in Thunderbird ========================================= Severity Rating: High Confirmed Affected Versions: All versions affected Confirmed Patched Versions: Thunderbird ESR 60.7.XXX Vendor: Thunderbird Vendor URL: https://www.thunderbird.net/ Vendor Reference:...
Thunderbird ESR < 60.7.XXX - Type Confusion Vulnerability
Type confusion in Thunderbird ============================= Severity Rating: Medium Confirmed Affected Versions: All versions affected Confirmed Patched Versions: Thunderbird ESR 60.7.XXX Vendor: Thunderbird Vendor URL: https://www.thunderbird.net/ Vendor Reference:...
Thunderbird ESR < 60.7.XXX - icalmemorystrdupanddequote Heap-Based Buffer Overflow Vulnerability
Heap-based buffer overflow in Thunderbird ========================================= Severity Rating: High Confirmed Affected Versions: All versions affected Confirmed Patched Versions: Thunderbird ESR 60.7.XXX Vendor: Thunderbird Vendor URL: https://www.thunderbird.net/ Vendor Reference:...
Thunderbird ESR 60.7.XXX - icalrecur_add_bydayrules Stack-Based Buffer Overflow
Thunderbird ESR 60.7.XXX - icalrecuraddbydayrules Stack-Based Buffer Overflow X41 D-Sec GmbH Security Advisory: X41-2019-003 Stack-based buffer overflow in Thunderbird ========================================== Severity Rating: High Confirmed Affected Versions: All versions affected Confirmed...
Thunderbird ESR 60.7.XXX - icalmemorystrdupanddequote Heap-Based Buffer Overflow
Thunderbird ESR 60.7.XXX - icalmemorystrdupanddequote Heap-Based Buffer Overflow X41 D-Sec GmbH Security Advisory: X41-2019-001 Heap-based buffer overflow in Thunderbird ========================================= Severity Rating: High Confirmed Affected Versions: All versions affected Confirmed...
Thunderbird ESR 60.7.XXX - Type Confusion
Thunderbird ESR 60.7.XXX - Type Confusion -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 X41 D-Sec GmbH Security Advisory: X41-2019-004 Type confusion in Thunderbird ============================= Severity Rating: Medium Confirmed Affected Versions: All versions affected Confirmed Patched Version...
Thunderbird ESR 60.7.XXX - parser_get_next_char Heap-Based Buffer Overflow
Thunderbird ESR 60.7.XXX - parsergetnextchar Heap-Based Buffer Overflow X41 D-Sec GmbH Security Advisory: X41-2019-002 Heap-based buffer overflow in Thunderbird ========================================= Severity Rating: High Confirmed Affected Versions: All versions affected Confirmed Patched...
Thunderbird ESR < 60.7.XXX - 'parser_get_next_char' Heap-Based Buffer Overflow
X41 D-Sec GmbH Security Advisory: X41-2019-002 Heap-based buffer overflow in Thunderbird ========================================= Severity Rating: High Confirmed Affected Versions: All versions affected Confirmed Patched Versions: Thunderbird ESR 60.7.XXX Vendor: Thunderbird Vendor URL:...
Thunderbird ESR < 60.7.XXX - 'icalrecur_add_bydayrules' Stack-Based Buffer Overflow
X41 D-Sec GmbH Security Advisory: X41-2019-003 Stack-based buffer overflow in Thunderbird ========================================== Severity Rating: High Confirmed Affected Versions: All versions affected Confirmed Patched Versions: Thunderbird ESR 60.7.XXX Vendor: Thunderbird Vendor URL:...
Thunderbird ESR < 60.7.XXX - 'icalmemorystrdupanddequote' Heap-Based Buffer Overflow
X41 D-Sec GmbH Security Advisory: X41-2019-001 Heap-based buffer overflow in Thunderbird ========================================= Severity Rating: High Confirmed Affected Versions: All versions affected Confirmed Patched Versions: Thunderbird ESR 60.7.XXX Vendor: Thunderbird Vendor URL:...
UA-Parser Denial Of Service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 X41 D-SEC GmbH Security Advisory: X41-2018-009 ReDoS Vulnerability in UA-Parser ================================ Severity Rating: Medium Confirmed Affected Versions: 2015-05-14 and newer, commit 6fd6c261274254bcbbacd77ef4b12534c7f9923d Confirmed...
HylaFAX 6.0.6 / 5.6.0 Uninitialized Pointer / Out Of Bounds Write Vulnerabilities
Multiple bugs were found in the code handling fax page reception in JPEG format that allow arbitrary writes to an uninitialized pointer by remote parties dialing in. When processing an specially crafted input, the issue could lead to remote code execution. HylaFAX versions 6.0.6 and 5.6.0 are...
Yubico 0.1.9 libykneomgr Out Of Bounds Read / Write Vulnerability
Yubico version 0.1.9 libykneomgr suffers from out of bounds read and write vulnerabilities. Multiple Vulnerabilities in Yubico libykneomgr ============================================== Overview - -------- Confirmed Affected Versions: 0.1.9 Confirmed Patched Versions: - Vendor: Yubico / Depreciat...
Yubico PIV Tool 1.5.0 Buffer Overflow Vulnerability
A buffer overflow and an out of bounds memory read were identified in the yubico-piv-tool-1.5.0, these can be triggered by a malicious token. Multiple Vulnerabilities in Yubico Piv ====================================== Overview - -------- Confirmed Affected Versions: 1.5.0 Confirmed Patched...
Apple Smart Card Services Memory Corruption Vulnerability
Attackers with local access can exploit security issues in the smartcard driver. These result in memory corruptions, which might lead to code execution. Since smartcards can be used for authentication, the vulnerabilities may allow an attacker to login to the system without valid credentials as a...
OpenSC 0.18.0 Buffer Overflow / Out Of Bounds Read Vulnerability
Multiple issues have been identified in OpenSC, ranging from stack based buffer overflows to out of bounds reads and writes on the heap. They can be triggered by malicious smartcards sending malformed responses to APDU commands. Additionally to those fixes reported here, a lot of minor issues eg...