6009 matches found
Updated connman packages fix security vulnerability
client.c in gdhcp in ConnMan could be used by network-adjacent attackers operating a crafted DHCP server to cause a stack-based buffer overflow and denial of service, terminating the connman process. CVE-2023-28488...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.110 and fixes atleast the following security issues: A slab-out-of-bound read problem was found in brcmfgetassocies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c. This issue could occur when associnfo-reqlen data is bigger than the siz...
Updated firefox/nss/rootcerts packages fix security vulnerability
In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks CVE-2023-32205. An out-of-bounds read could have led to a crash in the RLBox Expat driver CVE-2023-32206. A missing delay in popup...
Updated python-django packages fix security vulnerability
Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack. CVE-2023-24580 Bypass of validation when using one form field to upload multiple files. This...
Updated indent packages fix security vulnerability
Multiple memory safety issues bsc1209718...
Updated freeimage packages fix security vulnerability
Buffer Overflow vulnerability leading to denial of service via a crafted JXR file. CVE-2021-33367...
Updated golang packages fix security vulnerability
Angle brackets were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for injection of unexpected HMTL, if executed with untrusted input...
Updated thunderbird packages fix security vulnerability
Browser prompts could have been obscured by popups. CVE-2023-32205 Crash in RLBox Expat driver. CVE-2023-32206 Potential permissions request bypass via clickjacking. CVE-2023-32207 Content process crash due to invalid wasm code. CVE-2023-32211 Potential spoof due to obscured address bar...
Updated libxml2 packages fix security vulnerability
NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code...
Updated libfastjson packages fix security vulnerability
Integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbufmemappend. CVE-2020-12762...
Updated avahi packages fix security vulnerability
Fixes crash on some invalid DBus calls. CVE-2023-1981...
Updated parcellite packages fix security vulnerability
Parcellite clipboard manager might cause your copied secrets to be stored in the plain-text form in the system logs...
Updated virtualbox packages fix security vulnerabilities
This update provides the upstream 7.0.8 maintenance release that fixes at least the following security vulnerabilities: Vulnerability in the Oracle VM VirtualBox prior to 7.0.8. A difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM...
Updated imagemagick packages fix security vulnerability
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of...
Updated git packages fix security vulnerability
By feeding specially crafted input to 'git apply --reject', a path outside the working tree can be overwritten with partially controlled contents corresponding to the rejected hunks from the given patch. CVE-2023-25652. When Git is compiled with runtime prefix support and runs without translated...
Updated squirrel/supertux packages fix security vulnerability
sqclass.cpp in Squirrel 3.1 allows an out-of-bounds read in the core interpreter that can lead to Code Execution. If a victim executes an attacker-controlled squirrel script, it is possible for the attacker to break out of the squirrel script sandbox even if all dangerous functionality such as Fi...
Updated dnsmasq packages fix security vulnerability
A flaw was found in Dnsmasq. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020. CVE-2023-28450...
Updated php-smarty packages fix security vulnerability
Cross site scripting vulnerability in Javascript escaping. CVE-2023-28447 Additional bug fixes included. See referenced release notes for details...
Updated emacs packages fix security vulnerability
org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. CVE-2023-28617...
Updated tcpdump packages fix security vulnerability
The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet. CVE-2023-1801...
Updated redis packages fix security vulnerability
Authenticated users can use the HINCRBYFLOAT command to create an invalid hash field that will crash Redis on access. CVE-2023-28856...
Updated openimageio packages fix security vulnerability
A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, in the way run-length encoded byte spans are handled. A malformed RLA file can lead to an out-of-bounds read of heap metadata which can result in sensiti...
Updated kernel packages fix security vulnerability
This kernel update is based on upstream 5.15.106 and fixes atleast the following security issues: A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tuntap...
Updated kernel-linus packages fix security vulnerability
This kernel-linus update is based on upstream 5.15.106 and fixes atleast the following security issues: A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tunta...
Updated ceph packages fix security vulnerability
Openstack manilla owning a Ceph File system "share", enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system...
Updated python-flask-restx packages fix security vulnerability
Fixes unspecified security issues...
Updated jpegoptim packages fix security vulnerability
A heap overflow can occur with crafted JPEG image file. CVE-2023-27781...
Updated tomcat packages fix security vulnerability
Information disclosure due to concurrency bug CVE-2021-43980 Fix for CVE-2020-9484 introduced a time of check, time of use vulnerability CVE-2022-23181 Correct documentation to warn of use over untrusted networks. CVE-2022-29885 Correct documentation showing use of XSS vulnerability. CVE-2022-343...
Updated firefox packages fix security vulnerability
Updated firefox and libwebp packages fix security vulnerabilities: Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash CVE-2023-1945. A website could have obscured the fullscreen notification by using a combination of...
Updated python-certifi packages fix security vulnerability
Disable bundled Trustcor root cerificate signatures generated after Wednesday November 30 00:00:00 2022. CVE-2022-23491...
Updated davmail packages fix security vulnerability
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1...
Updated libheif packages fix security vulnerability
Vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call. CVE-2023-0996...
Updated golang packages fix security vulnerability
DOS due to incorrect HTTP and MIME header parsing CVE-2023-24534 DOS due to incorrect Multipart form parsing CVE-2023-24536 Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow...
Updated thunderbird packages fix security vulnerability
Fullscreen notification obscured. CVE-2023-29533 Double-free in libwebp. MFSA-TMP-2023-0001 Potential Memory Corruption following Garbage Collector compaction. CVE-2023-29535 Invalid free from JavaScript code. CVE-2023-29536 Revocation status of S/Mime recipient certificates was not checked...
Updated thunderbird packages fix security vulnerability
Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack. CVE-2023-28427...
Updated openssl packages fix security vulnerability
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
Updated tigervnc/x11-server packages fix security vulnerability
A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window aka COW, the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-fr...
Updated ipmitool packages fix security vulnerability
It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged...
Updated imgagmagick packages fix security vulnerability
A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial o...
Updated vim packages fix security vulnerability
"rvim" can execute a shell through :diffpatch...
Updated ghostscript packages fix security vulnerability
In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then...
Updated sudo packages fix security vulnerability
Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 Sudo before 1.9.13 does not escape control characters in sudoreplay output. CVE-2023-28487...
Updated libapreq2 packages fix security vulnerability
A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack. CVE-2022-22728...
Updated zstd packages fix security vulnerability
Buffer overrun in util.c CVE-2022-4899...
Updated stellarium packages fix security vulnerability
Attackers can write to files that are typically unintended, such as ones with absolute pathnames or .. directory traversal. CVE-2023-28371...
Updated python-cairosvg packages fix security vulnerability
CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service...
Updated peazip packages fix security vulnerability
Denial of service via the End of Archive tag function of the peazip/pea UNPEA feature. CVE-2023-24785...
Updated opencontainers-runc packages fix security vulnerability
/sys/fs/cgroup is writable when cgroupns isn't unshared CVE-2023-25809 Regression that reintroduced CVE-2019-19921 - Incorrect Access Control leading to Escalation of Privileges CVE-2023-27561 AppArmor/SELinux bypass with symlinked /proc CVE-2023-28642...
Updated ldb/samba packages fix security vulnerability
Deletion of AD DC "dnsHostname" attribute by unprivileged authenticated users CVE-2023-0225 Read access controlled AD LDAP attributes CVE-2023-0614 Cleartext password sending by AD DC admin tool CVE-2023-0922...
Updated tigervnc/x11-server packages fix security vulnerability
DeepCopyPointerClasses use-after-free leads to privilege elevation. CVE-2023-0494...