Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7186-2)

"The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7186-2 advisory. Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type- confusion error. A physically proximate...

Advisory ROSA-SA-2023-2266

software: sqlite 3.41.2 OS: ROSA-CHROME packageevrstring: sqlite-3.41.2-1.src.rpm CVE-ID: CVE-2022-46908 BDU-ID: 2023-05686 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the command line interface of the SQLite database management system is related to implementation errors in the...

GHSA-W3F6-PC54-GFW7 swift-nio-http2 vulnerable to denial of service via mishandled HPACK variable length integer encoding

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HPACK-encoded header block. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. It is fixed in 1.19.2 and later releases. There are a number of...

Google Chrome Security Update (stable-channel-update-for-desktop-2022-01) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Debian DSA-4714-1 : chromium - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2020-6423 A use-after-free issue was found in the audio implementation. - CVE-2020-6430 Avihay Cohen discovered a type confusion issue in the v8 JavaScript library. - CVE-2020-6431 Luan Herrera discovered a policy...

Code injection

The Twitter Kit framework through 3.4.2 for iOS does not properly validate the api.twitter.com SSL certificate. Although the certificate chain must contain one of a set of pinned certificates, there are certain implementation errors such as a lack of hostname verification. NOTE: this is an...

Debian: Security Advisory (DLA-1308-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1308-1] firefox-esr security update

Package : firefox-esr Version : 52.7.1esr-1deb7u1 CVE ID : CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5130 CVE-2018-5131 CVE-2018-5144 CVE-2018-5145 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and other implementation errors ma...

Debian DLA-1256-1 : firefox-esr security update

Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code or denial of service. For Debian 7 'Wheezy', these problems have been fixed in version...

[SECURITY] [DLA 1172-1] firefox-esr security update

Package : firefox-esr Version : 52.5.0esr-1deb7u1 CVE ID : CVE-2017-7826 CVE-2017-7828 CVE-2017-7830 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary...

Debian DLA-1153-1 : icedove/thunderbird security update

Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memory safety errors, buffer overflows and other implementation errors may lead to crashes or the execution of arbitrary code. With this update the source package name changes from icedove to thunderbird so...

[SECURITY] [DLA 1153-1] icedove/thunderbird security update

Package : thunderbird Version : 1:52.4.0-1deb7u1 CVE ID : CVE-2017-7793 CVE-2017-7805 CVE-2017-7810 CVE-2017-7814 CVE-2017-7818 CVE-2017-7819 CVE-2017-7823 CVE-2017-7824 CVE-2017-7825 Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memory safety errors,...

Debian DLA-1118-1 : firefox-esr security update

Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service, cross-site scripting or bypass of the phishing and malware...

Debian DLA-1053-1 : firefox-esr security update

Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service, bypass of the same-origin policy or incorrect enforcement of...

Debian DLA-1007-1 : icedove/thunderbird security update

Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or spoofing. For Debian 7 'Wheezy', these problems have been fixed in version...

Debian DSA-3881-1 : firefox-esr - security update

Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service or domain spoofing. Debian follows the extended support...

Debian DLA-852-1 : firefox-esr security update

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code, ASLR bypass, information disclosure or denial of service. For Debian 7 'Wheezy', these problems...

Debian DSA-3771-1 : firefox-esr - security update

Multiple security issues have been found in the Mozilla Firefox web browser: Memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure or privilege escalation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Debian DSA-3716-1 : firefox-esr - security update

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or bypass of the same-origin policy. Also, a man-in-the-middle attack in the addon update...

Debian: Security Advisory (DSA-3674-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...