795 matches found
[SECURITY] [DSA 5205-1] samba security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5205-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 11, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5174-1] gnupg2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5174-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 03, 2022 https://www.debian.org/security/faq -...
CVE-2022-30787
An integer underflow in fuselibreaddir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite...
[SECURITY] [DSA 5144-1] condor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5144-1 [email protected] https://www.debian.org/security/ Markus Koschany May 22, 2022 https://www.debian.org/security/faq -...
CVE-2022-1534
Buffer Over-read at parserawml.c:1416 in GitHub repository bfabiszewski/libmobi prior to 0.11. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash...
CVE-2021-41945
Encode OSS httpx 0.23.0 is affected by improper input validation in httpx.URL, httpx.Client and some functions using httpx.URL.copywith...
[SECURITY] [DSA 5123-1] xz-utils security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5123-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 18, 2022 https://www.debian.org/security/faq -...
CVE-2020-28635
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any o...
CVE-2020-28611
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any o...
CVE-2021-44494
An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause calls to ZRead to crash due to a NULL pointer dereference...
[SECURITY] [DLA 2976-1] gzip security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2976-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta April 10, 2022 https://wiki.debian.org/LTS -...
CVE-2022-28805
singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code...
Vulnerability fixed in redis
A vulnerability has been fixed in the redis packages for Debian. The vulnerability allows a remote malicious person to execute execute arbitrary commands on the underlying system. This vulnerability affects only Debian packages for redis, due to a bug in the Debian specific configuration for the...
[SECURITY] [DSA 5075-1] minetest security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5075-1 [email protected] https://www.debian.org/security/ Markus Koschany February 14, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5073-1] expat security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5073-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 12, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5032-1] djvulibre security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5032-1 [email protected] https://www.debian.org/security/ Florian Weimer December 28, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5018-1] python-babel security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5018-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 09, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5011-1] salt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5011-1 [email protected] https://www.debian.org/security/ Markus Koschany November 19, 2021 https://www.debian.org/security/faq -...
CVE-2021-44026
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or searchparams...
CVE-2021-43173
In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. This can be used to effectively stall validation. While Routinator has a configurable time-out value for RRDP...