[SECURITY] [DLA 3489-1] mediawiki security update

Debian LTS Advisory DLA-3489-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany July 10, 2023 https://wiki.debian.org/LTS Package : mediawiki Version : 1:1.31.16-1+deb10u5 CVE ID : CVE-2022-47927 A security issue was discovered in MediaWiki, a website engine for...

[SECURITY] [DLA 3436-1] sssd security update

Debian LTS Advisory DLA-3436-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin May 29, 2023 https://wiki.debian.org/LTS Package : sssd Version : 1.16.3-3.2+deb10u1 CVE ID : CVE-2018-16838 CVE-2019-3811 CVE-2021-3621 CVE-2022-4254 Debian Bug : 919051 931432 992710...

CVE-2021-27799

eanleadingzeroes in backend/upcean.c in Zint Barcode Generator 2.9.1 has a stack-based buffer overflow that is reachable from the C API through an application that includes the Zint Barcode Generator library code...

[SECURITY] [DSA 4854-1] webkit2gtk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4854-1 [email protected] https://www.debian.org/security/ Alberto Garcia February 17, 2021 https://www.debian.org/security/faq -...

[SECURITY] [DLA 2354-1] ndpi security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2354-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz August 29, 2020 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2333-1] imagemagick security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2333-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany August 18, 2020 https://wiki.debian.org/LTS -...

Debian: Security Advisory (DLA-1483-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-5221

Use-after-free vulnerability in the mifprocesscmpt function in libjasper/mif/mifcod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service crash via a crafted JPEG 2000 image file...

CVE-2017-9847

The bdecode function in bdecode.cpp in libtorrent 1.1.3 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file...

CVE-2017-7612

The checksysvhash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file...

CVE-2016-3622

The fpAcc function in tifpredict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service divide-by-zero error via a crafted TIFF image...

CVE-2016-2222

The wphttpvalidateurl function in wp-includes/http.php in WordPress before 4.4.2 allows remote attackers to conduct server-side request forgery SSRF attacks via a zero value in the first octet of an IPv4 address in the u parameter to wp-admin/press-this.php...

CVE-2016-1283

The pcrecompile2 function in pcrecompile.c in PCRE 8.38 mishandles the /?:F?+?:^?Ra+"99-?J?'R'?'R'?'RR'?'R'\97?J?J?'R'?'R'\99|:?|?'R'\k'R'|?'R'H'R'RH'R/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service heap-based buffer overflow or...

[SECURITY] [DSA 3396-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3396-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 10, 2015 https://www.debian.org/security/faq -...

BSIGN 0.4.5 - Buffer Overflow Exploit

Exploit for linux platform in category local exploits Exploit Author: Juan Sacco - http://www.exploitpack.com Program: bsign - embed and verify secure hashes and digital signatures Tested on: GNU/Linux - Kali Linux 2.0 Description: BSIGN v0.4.5 and prior is prone to a stack-based buffer overflow...

CVE-2015-4047

racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon crash via a series of crafted UDP requests...

[SECURITY] [DSA 3261-2] libmodule-signature-perl regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3261-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 20, 2015 http://www.debian.org/security/faq -...

CVE-2014-9838

magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service crash...

Debian Security Advisory DSA 2756-1 (wireshark - several vulnerabilities)

Multiple vulnerabilities were discovered in the dissectors for LDAP, RTPS and NBAP and in the Netmon file parser, which could result in denial of service or the execution of arbitrary code. OpenVAS Vulnerability Test $Id: deb2756.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from...

CVE-2012-3479

lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file...