16966 matches found

OSV · added 2023/12/01 11:6 a.m. · 2 views

OESA-2023-1868 gdb security update

GDB, the GNU Project debugger, allows you to see what is going on inside another program while it executes -- or what another program was doing at the moment it crashed. Security Fixes: GNU gdb GDB 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function peas16 at...

CVSS 5.5 · AI score 7.8 · EPSS 0.00226 · Exploits 0 · References 2

UbuntuCve · added 2023/11/30 12:0 a.m. · 384 views

CVE-2023-39804

In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...

CVSS 6.2 · AI score 6.8 · EPSS 0.00283 · Exploits 0 · References 3

Positive Technologies · added 2023/11/30 12:0 a.m. · 3 views

PT-2023-27111 · Gnu +5 · Gnu Tar +5

Name of the Vulnerable Software and Affected Versions: GNU tar versions prior to 1.35 Description: The issue arises from mishandled extension attributes in a PAX archive, which can cause an application crash in xheader.c. Recommendations: For GNU tar versions prior to 1.35, update to version 1.35...

CVSS 6.2 · AI score 5.1 · EPSS 0.00283 · Exploits 0 · References 41

OSV · added 2023/11/30 12:0 a.m. · 0 views

UBUNTU-CVE-2023-39804

In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c...

CVSS 6.2 · AI score 6.9 · EPSS 0.00283 · Exploits 0 · References 4

Tenable Nessus · added 2023/11/27 12:0 a.m. · 16 views

GLSA-202311-08 : GNU Libmicrohttpd: Buffer Overflow Vulnerability

The remote host is affected by the vulnerability described in GLSA-202311-08 GNU Libmicrohttpd: Buffer Overflow Vulnerability - A flaw was found in libmicrohttpd. A missing bounds check in the postprocessurlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary...

CVSS 10 · AI score 8.5 · EPSS 0.08739 · Exploits 0 · References 3

Gentoo Linux · added 2023/11/25 12:0 a.m. · 28 views

GNU Libmicrohttpd: Buffer Overflow Vulnerability

Background: GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. GNU Libmicrohttpd is free software and part of the GNU project. Description: A buffer overflow vulnerability has been discovered in GNU Libmicrohttpd. Please review the CVE...

CVSS 10 · AI score 7.7 · EPSS 0.08739 · Exploits 0

Zero Science Lab · added 2023/11/25 12:0 a.m. · 381 views

TitanNit Web Control 2.01 / Atemio 7600 Root Remote Code Execution

Summary: The Atemio AM 520 HD Full HD satellite receiver enables the reception of digital satellite programs in overwhelming image quality in both SD and HD ranges. In addition to numerous connections, the small all-rounder offers a variety of plugins that can be easily installed thanks to the lar...

CVSS 9.3 · AI score 5.9 · EPSS 0.01514 · Exploits 2

Prion · added 2023/11/24 7:15 p.m. · 29 views

Default configuration

OpenZFS through 2.1.13 and 2.2.x through 2.2.1, in certain scenarios involving applications that try to rely on efficient copying of file data, can replace file contents with zero-valued bytes and thus potentially disable security mechanisms. NOTE: this issue is not always security related, but c...

CVSS 5 · AI score 6.7 · EPSS 0.01158 · Exploits 1 · References 10 · Affected Software 1

OSV · added 2023/11/24 11:6 a.m. · 2 views

OESA-2023-1853 gdb security update

GDB, the GNU Project debugger, allows you to see what is going on inside another program while it executes -- or what another program was doing at the moment it crashed. Security Fixes: GNU gdb GDB 13.0.50.20220805-git was discovered to contain a heap use after free via the function...

CVSS 5.5 · AI score 7.5 · EPSS 0.00238 · Exploits 0 · References 2

Positive Technologies · added 2023/11/24 12:0 a.m. · 4 views

PT-2023-31158 · Unknown +3 · Gnu Core Utilities +3

Name of the Vulnerable Software and Affected Versions: OpenZFS versions 2.1.13 and earlier; OpenZFS versions 2.2.x through 2.2.1. Description: The issue is related to the replacement of file contents with zero-valued bytes, potentially disabling security mechanisms in certain scenarios involving...

CVSS 7.5 · AI score 6.7 · EPSS 0.02084 · Exploits 2 · References 36

Vulnrichment · added 2023/11/24 12:0 a.m. · 24 views

CVE-2023-49298

OpenZFS through 2.1.13 and 2.2.x through 2.2.1, in certain scenarios involving applications that try to rely on efficient copying of file data, can replace file contents with zero-valued bytes and thus potentially disable security mechanisms. NOTE: this issue is not always security related, but c...

AI score 6.4 · EPSS 0.01158 · Exploits 1 · References 11

Tenable Nessus · added 2023/11/21 12:0 a.m. · 38 views

Oracle Linux 8 : emacs (ELSA-2023-7083)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7083 advisory. 1:26.1-11 - Bump version Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has n...

CVSS 9.8 · AI score 7.6 · EPSS 0.01603 · Exploits 0 · References 3

Tenable Nessus · added 2023/11/21 12:0 a.m. · 20 views

Oracle Linux 8 : libmicrohttpd (ELSA-2023-7090)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7090 advisory. 1:0.9.59-3 - Add cve-2023-27371.patch Related: rhbz2174639 CVE-2023-27371 Tenable has extracted the preceding description block directly from the Oracle Linux...

CVSS 5.9 · AI score 6.6 · EPSS 0.01243 · Exploits 1 · References 2

OSV · added 2023/11/17 11:6 a.m. · 2 views

OESA-2023-1827 gdb security update

GDB, the GNU Project debugger, allows you to see what is going on inside another program while it executes -- or what another program was doing at the moment it crashed. Security Fixes: GNU gdb GDB 13.0.50.20220805-git was discovered to contain a heap use after free via the function...

CVSS 5.5 · AI score 7.5 · EPSS 0.00238 · Exploits 0 · References 2

OSV · added 2023/11/17 11:6 a.m. · 3 views

OESA-2023-1825 gdb security update

GDB, the GNU Project debugger, allows you to see what is going on inside another program while it executes -- or what another program was doing at the moment it crashed. Security Fixes: GNU gdb GDB 13.0.50.20220805-git was discovered to contain a heap use after free via the function...

CVSS 5.5 · AI score 7.5 · EPSS 0.00238 · Exploits 0 · References 2

RedhatCVE · added 2023/11/16 1:34 a.m. · 50 views

CVE-2023-44442

A parsing vulnerability was found in the GNU Image Manipulation Program GIMP. This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSD file, possibly enabling the execution of unauthorized code within the GIMP process. Mitigation: Mitigation for this...

CVSS 7.8 · AI score 6.8 · EPSS 0.61427 · Exploits 0 · References 5

RedhatCVE · added 2023/11/16 1:30 a.m. · 495 views

CVE-2023-44444

A parsing vulnerability was found in the GNU Image Manipulation Program GIMP. This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSP file, possibly enabling the execution of unauthorized code within the GIMP process. Mitigation: Mitigation for this...

CVSS 7.8 · AI score 6.8 · EPSS 0.56404 · Exploits 0 · References 5

RedhatCVE · added 2023/11/16 1:29 a.m. · 34 views

CVE-2023-44443

A parsing vulnerability was found in the GNU Image Manipulation Program GIMP. This flaw allows an unauthenticated, remote attacker to trick a GIMP user into opening a malicious PSP file, possibly enabling the execution of unauthorized code within the GIMP process. Mitigation: Mitigation for this...

CVSS 7.8 · AI score 6.8 · EPSS 0.93007 · Exploits 0 · References 5

NCSC · added 2023/11/16 12:0 a.m. · 2 views

Vulnerabilities fixed in GIMP

Vulnerabilities have been fixed in GIMP. A malicious person could exploit the vulnerabilities to execute arbitrary code with the victim's privileges, potentially gaining access to sensitive data. Successful exploitation requires the malicious party to trick the victim into opening a rogue file. The developers of...

CVSS 7.8 · AI score 7.8 · EPSS 0.93007 · Exploits 0

Tenable Nessus · added 2023/11/16 12:0 a.m. · 21 views

Oracle Linux 9 : gmp (ELSA-2023-6661)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6661 advisory. 1:6.2.0-13 - Fix: previous commit removed one function from the library and thus broke the ABI - function gmpnpreinvdivrem1 should now not be removed Related:...

CVSS 7.5 · AI score 7.5 · EPSS 0.03425 · Exploits 1 · References 2