5998 matches found
Updated vim packages fix security vulnerability
Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. CVE-2023-1127 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. CVE-2023-1170 Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. CVE-2023-1175...
Updated libmicrohttpd packages fix security vulnerability
In the MHDPostProcessor, malformed inputs can be used to crash the server for denial-of-service...
Updated gssntlmssp packages fix security vulnerability
Multiple out-of-bounds read when decoding NTLM fields. CVE-2023-25563 Memory corruption when decoding UTF16 strings. CVE-2023-25564 Incorrect free when decoding target information. CVE-2023-25565 Memory leak when parsing usernames. CVE-2023-25566 Out-of-bounds read when decoding target informatio...
Updated firefox packages fix security vulnerability
Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash CVE-2023-25751. When accessing throttled streams, the count of available bytes needed to be checked in the calling...
Updated flatpak packages fix security vulnerability
If a malicious Flatpak app is run on a Linux virtual console such as /dev/tty1, it can copy text from the virtual console and paste it back into the virtual console's input buffer, from which the command might be run by the user's shell after the Flatpak app has exited. This is similar to...
Updated thunderbird packages fix security vulnerability
Incorrect code generation during JIT compilation. CVE-2023-25751 Potential out-of-bounds when accessing throttled streams. CVE-20223-25752 Invalid downcast in Worklets. CVE-2023-28162 URL being dragged from a removed cross-origin iframe into the same tab triggered navigation. CVE-2023-28164 Memor...
Updated mysql-connector-c++ packages fix security vulnerability
The program plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. CVE-2022-24407...
Updated sqlite3 packages fix security vulnerability
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. CVE-2022-46908...
Updated protobuf packages fix security vulnerability
Parsing vulnerability for the MessageSet type in the ProtocolBuffers for protobuf-python can lead to out of memory can lead to a Denial of Service against services receiving unsanitized input. CVE-2022-1941 A parsing issue with binary data in protobuf-java core and lite can lead to a denial of...
Updated heimdal packages fix security vulnerability
The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to b...
Updated epiphany packages fix security vulnerability
In Epiphany aka GNOME Web through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts. CVE-2023-26081...
Updated apache packages fix security vulnerability
Some modproxy configurations on Apache HTTP Server allow a HTTP request smuggling attack. Configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target URL data an...
Updated liferea packages fix security vulnerability
Remote code execution on feed enrichment. If "Extract full content from HTML5 and Google AMP" has been enabled for one or more feed subscriptions it is possible for a an attacker to inject a script command that runs with user priveleges. CVE-2023-1350...
Updated libtpms packages fix security vulnerability
An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service crashing the TPM chip/process ...
Updated libde265 packages fix security vulnerability
libde265 has been updated to version 1.0.11 to fix many security issues...
Updated jasper packages fix security vulnerability
Memory leak in function cmdoptsparse that can cause a crash or segmentation fault. CVE-2022-2963...
Updated perl-HTML-StripScripts packages fix security vulnerability
The HTML-StripScripts module through 1.06 for Perl allows hssattvalstyle ReDoS because of catastrophic backtracking for HTML content with certain style attributes. CVE-2023-24038...
Updated ruby-git packages fix security vulnerability
ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. CVE-2022-46648, CVE-2022-47318...
Updated xfig packages fix security vulnerability
A potential buffer overflow exists in the file src/whelp.c at line 55. Specifically, the length of the string returned by getenv"LANG" may become very long and cause a buffer overflow while executing the sprintf function. This vulnerability could potentially allow an attacker to execute arbitrary...
Updated woodstox-core packages fix security vulnerability
Denial of service using crafted input. CVE-2022-40152...
Updated tmux packages fix security vulnerability
Fixed a null pointer dereference in window.c. CVE-2022-47016...
Updated microcode packages fix security vulnerabilities
Updated microcode packages fix security vulnerabilities: Insufficient granularity of access control in out-of-band management in some IntelR Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access CVE-2022-21216...
Updated dcmtk packages fix security vulnerability
Jinsheng Ba discovered that DCMTK incorrectly handled certain requests. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2021-41687, CVE-2021-41688, CVE-2021-41689,...
Updated libreswan packages fix security vulnerability
A change in the libreswan 4.2 Traffic Selector parsing code introduced a missing check that would reject palformed Traffic Selector payloads. As such, in such case the code stumbles on to hit a double free, leading to a crash and restart of the pluto daemon. No remote code execution. CVE-2023-230...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.98 and fixes atleast the following security issues: A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines o...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.98 and fixes atleast the following security issues: A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB...
Updated redis packages fix security vulnerability
Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. CVE-2023-25155 String matching commands like SCAN or KEYS with a specially crafted pattern to trigger a...
Updated chromium-browser-stable packages fix security vulnerability
High CVE-2023-1213: Use after free in Swiftshader. Reported by Jaehun Jeong@n3sk of Theori on 2023-01-30 High CVE-2023-1214: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2023-02-03 High CVE-2023-1215: Type Confusion in CSS. Reported by Anonymous on 2023-02-17 High...
Updated pkgconf packages fix security vulnerability
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes. CVE-2023-24056...
Updated emacs packages fix security vulnerability
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u " command suggested in the eta...
Updated libtiff packages fix security vulnerability
Out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. CVE-2023-0795 Out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. CVE-2023-0796...
Updated chromium-browser-stable packages fix security vulnerability
Chromium updated Chromium to 110.0.5481.177 to fix vulnerabilities including CVE-2023-0927 Use after free in Web Payments API. CVE-2023-0928 Use after free in SwiftShader. CVE-2023-0929 Use after free in Vulkan. CVE-2023-0930 Heap buffer overflow in Video. CVE-2023-0931 Use after free in Video...
Updated libraw packages fix security vulnerability
Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRawbufferdatastream::getschar, int in /src/libraw/src/librawdatastream.cpp. CVE-2021-32142...
Updated nodejs packages fix security vulnerability
The following CVEs are fixed in this release: CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule High CVE-2023-23920: Node.js insecure loading of ICU data through ICUDATA environment variable Low More detailed information on each of the vulnerabilities can be foun...
Updated tar packages fix security vulnerability
GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximately 11 whitespace...
Updated crmsh packages fix security vulnerability
Privilege escalation CVE-2021-3020 and other fixes...
Updated binwalk packages fix security vulnerability
Remote code execution using crafted PFS filesystem. CVE-2022-4510...
Updated vim packages fix security vulnerability
A null pointer dereference issue was discovered in function guix11createblankmouse in guix11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts. CVE-2022-47024 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225...
Updated ipython packages fix security vulnerability
Executed config files from the current working directory, which could result in cross-user attacks if run from a directory multiple users may write to. CVE-2022-21699...
Updated postgresql packages fix security vulnerability
Client memory disclosure when connecting, with Kerberos, to modified server. CVE-2022-41862...
Updated sox packages fix security vulnerability
CVE-2019-13590: sox-fmt validation CVE-2021-3643 and CVE-2021-23210: voc validation CVE-2021-23159 and CVE-2021-23172: hcom validation CVE-2021-33844: wav validation CVE-2021-40426: sphere validation CVE-2022-31650: aiff validation CVE-2022-31651: reject implausible rate...
Updated gnutls packages fix security vulnerability
Timing side channel in the RSA decryption implementation of the GNU TLS library. CVE-2023-0361...
Updated apache-commons-fileupload packages fix security vulnerability
Denial of service with a malicious upload or series of uploads. CVE-2023-24998...
Updated python-twisted packages fix security vulnerability
When the host header does not match a configured host twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. CVE-2022-39348...
Updated jupyter-core packages fix security vulnerability
Arbitrary code execution when loading configuration files CVE-2022-39286...
Updated php packages fix security vulnerability
The passwordverify function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid. CVE-2023-0567 The core path resolution function allocates a buffer one byte too...
Updated python-cryptography packages fix security vulnerability
Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as 'bytes' to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an...
Updated sofia-sip packages fix security vulnerability
The configsortlist function is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow and thus may cause a denial of service. CVE-2022-47516...
Updated python-jupyterlab packages fix security vulnerability
Remote code execution, but requires user action to open a notebook. CVE-2021-32797, and other bug fixes...
Updated apr packages fix security vulnerability
Integer Overflow or Wraparound vulnerability in aprencode functions of Apache Portable Runtime APR allows an attacker to write beyond bounds of a buffer. CVE-2022-24963...