ROS-20240423-03
A vulnerability in the /krb5/src/lib/rpc/pmaprmt.c component of the Kerberos network protocol implementation is related to memory freeing errors. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service. Vulnerability in component...
ROS-20240422-05
The golang package vulnerability is related to errors returned from MarshalJSON methods containing user-controlled data. Exploitation of the vulnerability could allow a remote attacker to exploit these errors to disrupt the contextual behavior of the automatic output of the packag...
[SECURITY] Fedora 38 Update: cockpit-311.2-1.fc38
The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...
Fedora: Security Advisory (FEDORA-2024-4e95f130fc)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2024-6065341780)
The remote host is missing an update for the...
[SECURITY] Fedora 40 Update: cockpit-314-1.fc40
The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...
The vulnerability of the golang package in the Debian GNU/Linux operating system, which allows a perpetrator to access confidential information
The vulnerability of the golang package in the Debian GNU/Linux operating system is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor to gain access to confidential information remotely...
The vulnerability of the golang package in the Debian GNU/Linux operating system, which allows an attacker to trigger a Denial-of-Service Attack (DoS).
The vulnerability of the golang package in the Debian GNU/Linux operating system is related to uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to trigger a Denial-of-Service Attack (DoS)...
The vulnerability of the golang package in the Debian GNU/Linux operating system, allowing a hacker to execute arbitrary code
The vulnerability of the golang package in the Debian GNU/Linux operating system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
[SECURITY] Fedora 40 Update: BareBonesBrowserLaunch-3.1-33.fc40
Utility class to open a web page from a Swing application in the user's default browser. Supports: Mac OS X, GNU/Linux, Unix, Windows XP...
TELSAT marKoni FM Transmitter 1.9.5 Client-Side Access Control Bypass Vulnerability
TELSAT marKoni FM Transmitter version 1.9.5 implements client-side restrictions that can be bypassed by editing the HTML source page that enable administrative operations. TELSAT marKoni FM Transmitter 1.9.5 Client-Side Access Control Bypass Vendor: TELSAT Srl Product web page:...
TELSAT marKoni FM Transmitter 1.9.5 Insecure Access Control Change Password
Summary: Professional FM transmitters. Description: An unauthorized user could exploit this vulnerability to change his/her password, potentially gaining unauthorized access to sensitive information or performing actions beyond her/his designated permissions. TELSAT marKoni FM Transmitter 1.9.5 Insecu...
TELSAT marKoni FM Transmitter 1.9.5 Insecure Access Control
TELSAT marKoni FM Transmitter 1.9.5 Insecure Access Control Change Password Vendor: TELSAT Srl Product web page: https://www.markoni.it Affected version: Markoni-D Compact FM Transmitters Markoni-DH Exciter+Amplifiers FM Transmitters Markoni-A Analogue Modulator FM Transmitters Firmware: 1.9.5...
TELSAT marKoni FM Transmitter 1.9.5 Root Command Injection Exploit
TELSAT marKoni FM Transmitter version 1.9.5 is susceptible to unauthenticated remote code execution with root privileges. An attacker can exploit a command injection vulnerability by manipulating the Email settings' WAN IP info service, which utilizes the wget module. This allows the attacker to...
TELSAT marKoni FM Transmitter 1.9.5 Client-Side Access Control Bypass
Summary Professional FM transmitters. Description The application implements client-side restrictions that can be bypassed by editing the HTML source page that enable administrative operations. TELSAT marKoni FM Transmitter 1.9.5 Client-Side Access Control Bypass Vendor: TELSAT Srl Product web...
Firefox 121 / Chrome 120 Denial Of Service
Minor Firefox DoS - semi silently polluting /Downloads with files part 2 Tested on: Firefox 121 and Chrome 120 on GNU/Linux Date: Thu Jan 18 08:38:28 AM UTC 2024 This is barely a DoS, but since it might affect Chrome too we decided to disclose it. If a Firefox user visits a specially crafted page,...
The vulnerability of the Tor browser for the Debian GNU/Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the Tor browser for the Debian GNU/Linux operating system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
TitanNit Web Control 2.01 / Atemio 7600 Root Remote Code Execution
Summary The Atemio AM 520 HD Full HD satellite receiver enables the reception of digital satellite programs in overwhelming image quality in both SD and HD ranges. In addition to numerous connections, the small all-rounder offers a variety of plugins that can be easily installed thanks to the lar...
Heap OOB Read
Environment bash Distributor ID: Debian Description: Debian GNU/Linux bookworm/sid Version I checked against the latest release as of 10/08/23 the current master branch at commit 50c2ab06f45a3101d73d6f317e98f041809f4923 . Description This AddressSanitizer output is indicating an OOB read of inval...
Heap BoF in trunc_string()
Environment bash Distributor ID: Debian Description: Debian GNU/Linux bookworm/sid Version I checked against the master branch as of 09/25 at commit 6ee7b521fa7531ef356ececc8be7575c3800f872 . Description Heap BoF in the file /src/message.c in the function trunc_string at line 356. Snippet c bufe -...