[SECURITY] [DLA 3829-1] sendmail security update
Debian LTS Advisory DLA-3829-1 https://www.debian.org/lts/security/ Bastien Roucariès June 15, 2024 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 3810-1] php7.3 security update
Debian LTS Advisory DLA-3810-1 https://www.debian.org/lts/security/ Guilhem Moulin May 07, 2024 https://wiki.debian.org/LTS Package : php7.3 Version : 7.3.31-1deb10u6 CVE ID : CVE-2024-2756 CVE-2024-3096 Security issues were found in PHP, a widely-used open source...
[SECURITY] [DLA 3703-1] libreoffice security update
Debian LTS Advisory DLA-3703-1 https://www.debian.org/lts/security/ Bastien Roucariès December 31, 2023 https://wiki.debian.org/LTS -...
Debian dla-3605 : grub-common - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3605 advisory. Debian LTS Advisory DLA-3605-1...
Debian dla-3386 : grunt - security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3386 advisory. Debian LTS Advisory DLA-3386-1 https://www.debian.org/lts/security/...
[SECURITY] [DSA 5194-1] booth security update
Debian Security Advisory DSA-5194-1 https://www.debian.org/security/ Moritz Muehlenhoff July 29, 2022 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4997-1] tiff security update
Debian Security Advisory DSA-4997-1 https://www.debian.org/security/ Salvatore Bonaccorso October 31, 2021 https://www.debian.org/security/faq -...
phpMyAdmin 4.8.1 Remote Code Execution
Exploit Title: phpMyAdmin 4.8.1 - Remote Code Execution (RCE) Date: 17/08/2021 Exploit Author: samguy Vulnerability Discovery By: ChaMd5 & Henry Huang Vendor Homepage: http://www.phpmyadmin.net Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE481.tar.gz Version: 4.8.1 Tested o...
phpMyAdmin 4.8.1 - Remote Code Execution Exploit
Exploit Title: phpMyAdmin 4.8.1 - Remote Code Execution (RCE) Exploit Author: samguy Vulnerability Discovery By: ChaMd5 & Henry Huang Vendor Homepage: http://www.phpmyadmin.net Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE481.tar.gz Version: 4.8.1 Tested on: Linux - Debian...
New Linux kernel memory corruption bug causes full system compromise
By Waqas. Researchers dubbed it a "straightforward Linux kernel locking bug" that they exploited against Debian Buster's 4.19.0.13-amd64 kernel. This is a post from HackRead.com. Read the original post: New Linux kernel memory corruption bug causes full system compromise...
How a simple Linux kernel memory corruption bug can lead to complete system compromise
An analysis of current and potential kernel security mitigations. Posted by Jann Horn, Project Zero. Introduction: This blog post describes a straightforward Linux kernel locking bug and how I exploited it against Debian Buster's 4.19.0-13-amd64 kernel. Based on that, it explores options for securit...
[SECURITY] [DSA 4943-1] lemonldap-ng security update
Debian Security Advisory DSA-4943-1 https://www.debian.org/security/ Salvatore Bonaccorso July 23, 2021 https://www.debian.org/security/faq -...
Debian DSA-4930-1 : libwebp - security update
Multiple vulnerabilities were discovered in libwebp, the implementation of the WebP image format, which could result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed images are processed. (C) Tenable Network Security, Inc. The...
Debian DSA-4927-1 : thunderbird - security update
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. In addition, two security issues were addressed in the OpenPGP support. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
[SECURITY] [DSA 4925-1] firefox-esr security update
Debian Security Advisory DSA-4925-1 https://www.debian.org/security/ Moritz Muehlenhoff June 02, 2021 https://www.debian.org/security/faq -...
Debian DSA-4913-1 : hivex - security update
Jeremy Galindo discovered an out-of-bounds memory access in Hivex, a library to parse Windows Registry hive files. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4913. The text itself is...
[SECURITY] [DSA 4899-1] openjdk-11 security update
Debian Security Advisory DSA-4899-1 https://www.debian.org/security/ Moritz Muehlenhoff April 23, 2021 https://www.debian.org/security/faq -...
Vulnerability fixed in x.org
A vulnerability has been fixed in X.org. A malicious person could exploit the vulnerability to gain elevated privileges within the X server and thus potentially execute arbitrary code with application privileges. Under usual circumstances, an X server runs with limited permissions. -= Debi...
Debian DSA-4890-1 : ruby-kramdown - security update
Stan Hu discovered that kramdown, a pure Ruby Markdown parser and converter, performed insufficient namespace validation of Rouge syntax highlighting formatters. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...
Vulnerabilities fixed in cURL
Vulnerabilities have been fixed in cURL. The vulnerabilities allow a remote malicious person to obtain sensitive information. To do so, the malicious party must induce the victim to visit a server under the control of the malicious party. -= Debian =- Debian has made updates to...