304 matches found
ROS-20250904-10
The vulnerability of the dpkg-deb command line utility included in the dpkg package is related to the peculiarities of processing of temporary files by the package manager when extracting them to a temporary directory. Exploitation vulnerability could allow an attacker acting remotely to cause a...
Linux Distros Unpatched Vulnerability : CVE-2021-31523
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Debian xscreensaver 5.42+dfsg1-1 package for XScreenSaver has capnetraw enabled for the /usr/libexec/xscreensaver/sonar file, which allows local users to ga...
Linux Distros Unpatched Vulnerability : CVE-2019-9706
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service use- after-free and daemon crash because of a forcerescanuser...
Linux Distros Unpatched Vulnerability : CVE-2017-0373
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The genclasspod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model aka libconfig- model-perl before 2.102 has a dangerous use lib line, whi...
Linux Distros Unpatched Vulnerability : CVE-2014-8625
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple format string vulnerabilities in the parseerrormsg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service...
CVE-2025-4609
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...
SUSE: Security Advisory (SUSE-SU-2025:02734-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2025:02734-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2025:02734-1 Security update for dpkg
This update for dpkg fixes the following issues: - CVE-2025-6297: Fixed an improper sanitization of directory permissions that could lead to DoS. bsc1245573...
CVE-2025-8582
Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...
CVE-2025-8454
It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts a collection of scripts to make the life of a Debian Package maintainer easier, skips OpenPGP verification if the upstream source is already downloaded from a previous run even...
CVE-2025-8454
It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts a collection of scripts to make the life of a Debian Package maintainer easier, skips OpenPGP verification if the upstream source is already downloaded from a previous run even...
CVE-2025-8292
Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
[SECURITY] Fedora 42 Update: dpkg-1.22.20-1.fc42
This package provides the low-level infrastructure for handling the installation and removal of Debian software packages. This package contains the tools including dpkg-source required to unpack, build and upload Debian source packages. This package also contains the programs dpkg which used to...
AZL-64641 CVE-2025-6297 affecting package dpkg 1.20.10-1
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and...
dpkg-deb 安全漏洞
dpkg-deb is a package manager in Linux from the Debian community. A security vulnerability exists in dpkg-deb that stems from improperly cleaned directory permissions and could lead to a denial of service attack...
DEBIAN-CVE-2014-7210
pdns specific as packaged in Debian in version before 3.3.1-1 creates a too privileged MySQL user. It was discovered that the maintainer scripts of pdns-backend-mysql grant too wide database permissions for the pdns user. Other backends are not affected...
[SECURITY] [DSA 5942-1] chromium security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5942-1 [email protected] https://www.debian.org/security/ Andres Salomon June 11, 2025 https://www.debian.org/security/faq -...
[SECURITY] [DSA 5940-1] modsecurity-apache security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5940-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 08, 2025 https://www.debian.org/security/faq -...
Debian: Security Advisory (DLA-4204-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...