6007 matches found
Updated firefox packages fix security vulnerabilities
When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead CVE-2022-40956. By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus...
Updated apache packages fix security vulnerability
Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions...
Updated edk2 packages fix multiples security vulnerabilities
Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. CVE-2018-12179. Insufficient memory write check in SMM service for EDK II may allow an authenticated...
Updated pcre2 packages fix security vulnerability
An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. T...
Updated kernel-tmb packages fix security vulnerability
This kernel-tmb update is based on the upstream 4.14.127 and fixes at least the following security issues: Jonathan Looney discovered that it is possible to send a crafted sequence of SACKs which will fragment the RACK send map. An attacker may be able to further exploit the fragmented send map t...
Updated binutils packages fixes security vulnerabilities
This update provides the latest stable binutils, currently version 2.32 and fixes at least the following security issues: ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects CVE-2014-9939 Use-after-free vulnerability in libiberty allows...
Updated mediawiki packages fix security vulnerabilities
Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a low-privileged user account can use this exploit to become an administrator by sending a malicious link to the instance administrator...
Updated dnsmasq packages fix security vulnerabilities
This updated dnsmasq package fixes security issues: Certain DNSSEC aspects of the DNS protocol allow a remote attacker to trigger a denial of service via extreme consumption of resource caused by DNSSEC query or response: - KeyTrap - Extreme CPU consumption in DNSSEC validator. CVE-2023-50387 -...
Updated git packages fix security vulnerability
gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a '.gitattributes' file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this pattern. When parsing gitattributes,...
Updated gpac packages fix security vulnerabilities
The updated packages fix security vulnerabilities: AVCDuplicateConfig at isomedia/avcext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted file. There is "cfgnew-AVCLevelIndication = cfg-AVCLevelIndication;" but cfg...
Updated python-jinja2 packages fix security vulnerability
Sandbox escape due to information disclosure via str.format CVE-2016-10745. str.formatmap allows sandbox escape CVE-2019-10906...
Updated perl-Dancer2 packages fix security vulnerabilities
Dancer2 0.206000 addresses several potential security issues. There is a potential RCE with regards to Storable. Dancer2 adds session ID validation to the session engine so that session backends based on Storable can reject malformed session IDs that may lead to exploitation of the RCE. Parsing...
Updated microcode packages fix security vulnerabilities
This update provides new microcode fixes and mitigations for Spectre CVE-2017-5715 for many Intel CPUs produced in the last 5 years. So far the Intel microcode updates are for several processors from many of Intel Haswell, Broadwell, Skylake, Kaby Lake, Coffee Lake, Gemini Lake, Apollo Lake,...
Updated kernel-tmb packages fixes security vulnerabilities
This kernel-tmb update is based on upstream 4.4.50 and fixes at least the following security issues: The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service system hang by leveraging access to ...
Updated wkhtmltopdf packages fix security vulnerability
Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive information via a crafted html file running with the default configurations. CVE-2020-21365...
Updated python-pillow packages fix security vulnerability
pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. CVE-2022-22815 pathgetbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. CVE-2022-22816 PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.32 and fixes at least the following security issues: An out-of-bounds OOB memory write flaw was found in the Linux kernel’s watchqueue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local...
Updated freerdp/remmina packages fix security vulnerability
It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly exeucte arbitrary code. The freerdp package has been updated to version 2.1.2 to fix these issues. Also, th...
Updated kernel-linus packages fix security vulnerabilities
Vanilla upstream kernel version 6.6.58 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links...
Updated freeradius packages fix security vulnerability
This vulnerability allows an attacker performing a meddler-in-the-middle attack between Palo Alto Networks PAN-OS firewall and a RADIUS server to bypass authentication and escalate privileges to ‘superuser’ when RADIUS authentication is in use and either CHAP or PAP is selected in the RADIUS serv...
Updated log4j packages fix security vulnerability
Apache Log4j2 is vulnerable to a remote code execution RCE attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed b...
Updated imagemagick packages fix security vulnerabilities
The imagemagick package has been updated to version 6.9.9.41 which fixes several unspecified security vulnerabilities. This update fixes several vulnerabilities in imagemagick, including: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of...
Updated virtualbox & kmod-virtualbox packages fix security vulnerabilities
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.110 and fixes atleast the following security issues: A slab-out-of-bound read problem was found in brcmfgetassocies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c. This issue could occur when associnfo-reqlen data is bigger than the siz...
Updated apache packages fix security vulnerability
Some modproxy configurations on Apache HTTP Server allow a HTTP request smuggling attack. Configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target URL data an...
Updated unrar packages fix security vulnerability
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract aka unpack operation, as demonstrated by creating a /.ssh/authorizedkeys file. CVE-2022-30333...
Updated python-urllib3 packages fix security vulnerability
urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest CVE-2020-26137...
Updated golang packages fix a security vulnerability
A flaw was found in Go standard library packages. Both the net/http/cgi and net/http/fcgi packages use a default Content-Type response header value of "text/html", rather than "text/plain". An attacker could exploit this in applications using these packages by uploading crafted files, allowing fo...
Updated curl packages fix security vulnerability
If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar. The issue pertains to the function that loads cookies into memory, which reads the specified file...
Updated sqlite3 packages fix security vulnerability
It was discovered that sqlite contained an assertion failure upon queries when compiled with -DSQLITEENABLESTAT4 CVE-2022-35737...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.41 and fixes at least the following security issues: A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernel BPF subsystem due to the way a user loads BTF. This flaw allo...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.32 and fixes at least the following security issues: An out-of-bounds OOB memory write flaw was found in the Linux kernel’s watchqueue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to...
Updated jackson-databind packages fix security vulnerability
A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper CVE-2017-7525...
Updated kernel-tmb packages fix security vulnerabilities
This kernel-tmb update is based on upstream -longterm 3.14.23 and fixes the following security issues: The kvmiommumappages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to 1...
Updated apache packages fix security vulnerabilities
Apache has been updated to version 2.4.59 to fix CVE-2024-27316, CVE-2024-24795 and CVE-2023-38709. CVE-2024-27316: Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames cve.mitre.org HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in...
Updated chromium-browser-stable packages fix security vulnerability
The chromium-browser-stable package has been updated to the 108.0.5359.124 release, fixing 8 vulnerabilities. Some of the security fixes are ... High CVE-2022-4436: Use after free in Blink Media. Reported by Anonymous on 2022-11-15 High CVE-2022-4437: Use after free in Mojo IPC. Reported by...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.62 and fixes at least the following security issues: A use-after-free flaw was found in the Linux kernel Atheros wireless adapter driver in the way a user forces the ath9khtcwaitfortarget function to fail with some input messages. This flaw allows a...
Updated python-yaml packages fix security vulnerability
A vulnerability was discovered in the PyYAML library, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the fullload method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw...
Updated axis packages fix security vulnerability
Updated axis packages fix security vulnerability: Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting XSS attack in the default servlet/services CVE-2018-8032...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 4.4.105 and fixes at least the following security issues: A security flaw was discovered in nl80211setrekeydata function in the Linux kernel since v3.1-rc1 through v4.13. This function does not check whether the required attributes are present in a netlink...
Updated python-twisted packages fix security vulnerabilities
Twisted.web has disordered HTTP pipeline response. CVE-2023-46137 Twisted.web has disordered HTTP pipeline response. CVE-2024-41671 HTML injection in HTTP redirect body. CVE-2024-41810...
Updated emacs packages fix security vulnerability
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u " command suggested in the eta...
Updated imagemagick packages fix security vulnerability
A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks. CVE-2021-3574 A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows a...
Updated expat packages fix security vulnerability
Passing malformed 2- and 3-byte UTF-8 sequences e.g. from start tag names to the XML processing application on top of Expat can cause arbitrary damage e.g. code execution depending on how invalid UTF-8 is handled inside the XML processor; validation was not their job but Expat's. Exploits with co...
Updated samba packages fix security vulnerability
When Samba is used as a domain controller, an unauthenticated attacker on the network can gain administrator access by exploiting a netlogon protocol flaw CVE-2020-1472. Note that Samba installations are not vulnerable unless they have the smb.conf lines 'server schannel = no' or 'server schannel...
Updated kernel packages fix security vulnerabilities
This kernel update is based on the upstream 4.14.70 and adds additional fixes for the L1TF security issues. It also fixes at least the following security issues: Linux kernel from versions 3.9 and up, is vulnerable to a denial of service attack with low rates of specially modified packets targeti...
kernel update provides 4.14 series and fixes security vulnerabilities
This kernel update provides an upgrade to the 4.14 longterm branch, currently based on 4.14.10. It also fixes at least the following security issues: An elevation of privilege vulnerability in the Broadcom wi-fi driver CVE-2017-0786. Use-after-free vulnerability in the sndpcminfo function in the...
Updated bash packages fix CVE-2014-6271
Updated bash packages fix security vulnerability: A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote...
Updated virtualbox & kmod-virtualbox packages fix security vulnerabilities
Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products scope change. Successf...
Updated tinyxml packages fix a security vulnerability
The updated packages fix a security vulnerability: StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion and application exit via a crafted XML document with a '\0' located after whitespace. CVE-2023-34194...