6011 matches found
Updated python-cairosvg packages fix security vulnerability
CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service...
Updated perl-Cpanel-JSON-XS packages fix security vulnerability
Fixes some bugs including a security vulnerability when decoding hash keys without ending ':'...
Updated dino packages fix security vulnerability
When a Dino client receives a specifically crafted message from an unauthorized sender, it would use information from that message to add, update or remove entries in the user’s personal bookmark store without requiring further user interaction. CVE-2023-28686...
Updated tigervnc/x11-server packages fix security vulnerability
DeepCopyPointerClasses use-after-free leads to privilege elevation. CVE-2023-0494...
Updated perl-Net-Server packages fix security vulnerability
Net-Server, when the reverse-lookups option is enabled, does not check if the hostname resolves to the source IP address, which might allow remote attackers to bypass ACL restrictions via the hostname parameter. CVE-2013-1841...
Updated xapian packages fix security vulnerability
Xapian database corruption on disk full is possible. It doesn't happen in every case as ENOSPC needs to happen on a particular operation during the commit but then not happen on a repeat attempt at that operation. bdo1032398...
Updated snort packages fix security vulnerability
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...
Updated python-flask-security packages fix security vulnerability
Open redirect CVE-2021-23385...
Updated ruby-rack packages fix security vulnerability
A denial of service vulnerability in the Range header parsing component of Rack = 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that deal with...
Updated gssntlmssp packages fix security vulnerability
Multiple out-of-bounds read when decoding NTLM fields. CVE-2023-25563 Memory corruption when decoding UTF16 strings. CVE-2023-25564 Incorrect free when decoding target information. CVE-2023-25565 Memory leak when parsing usernames. CVE-2023-25566 Out-of-bounds read when decoding target informatio...
Updated vim packages fix security vulnerability
Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. CVE-2023-1127 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. CVE-2023-1170 Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. CVE-2023-1175...
Updated golang packages fix security vulnerability
A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. CVE-2022-41723 Large handshake records may cause panics in crypto/tls. CVE-2022-41724 Denial of service from excessive...
Updated libtiff packages fix security vulnerability
LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. CVE-2022-4645...
Updated unarj packages fix security vulnerability
Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames. CVE-2004-0947 Directory traversal vulnerability in the -x extract command line option in unarj allows remote attackers to overwrite arbitrary files via an ar...
Updated firefox packages fix security vulnerability
Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash CVE-2023-25751. When accessing throttled streams, the count of available bytes needed to be checked in the calling...
Updated thunderbird packages fix security vulnerability
Incorrect code generation during JIT compilation. CVE-2023-25751 Potential out-of-bounds when accessing throttled streams. CVE-20223-25752 Invalid downcast in Worklets. CVE-2023-28162 URL being dragged from a removed cross-origin iframe into the same tab triggered navigation. CVE-2023-28164 Memor...
Updated python-owslib packages fix security vulnerability
XML External Entity XXE Injection CVE-2023-27476...
Updated libmicrohttpd packages fix security vulnerability
In the MHDPostProcessor, malformed inputs can be used to crash the server for denial-of-service...
Updated flatpak packages fix security vulnerability
If a malicious Flatpak app is run on a Linux virtual console such as /dev/tty1, it can copy text from the virtual console and paste it back into the virtual console's input buffer, from which the command might be run by the user's shell after the Flatpak app has exited. This is similar to...
Updated sqlite3 packages fix security vulnerability
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. CVE-2022-46908...
Updated heimdal packages fix security vulnerability
The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to b...
Updated xfig packages fix security vulnerability
A potential buffer overflow exists in the file src/whelp.c at line 55. Specifically, the length of the string returned by getenv"LANG" may become very long and cause a buffer overflow while executing the sprintf function. This vulnerability could potentially allow an attacker to execute arbitrary...
Updated apache packages fix security vulnerability
Some modproxy configurations on Apache HTTP Server allow a HTTP request smuggling attack. Configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target URL data an...
Updated woodstox-core packages fix security vulnerability
Denial of service using crafted input. CVE-2022-40152...
Updated perl-HTML-StripScripts packages fix security vulnerability
The HTML-StripScripts module through 1.06 for Perl allows hssattvalstyle ReDoS because of catastrophic backtracking for HTML content with certain style attributes. CVE-2023-24038...
Updated ruby-git packages fix security vulnerability
ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. CVE-2022-46648, CVE-2022-47318...
Updated liferea packages fix security vulnerability
Remote code execution on feed enrichment. If "Extract full content from HTML5 and Google AMP" has been enabled for one or more feed subscriptions it is possible for a an attacker to inject a script command that runs with user priveleges. CVE-2023-1350...
Updated protobuf packages fix security vulnerability
Parsing vulnerability for the MessageSet type in the ProtocolBuffers for protobuf-python can lead to out of memory can lead to a Denial of Service against services receiving unsanitized input. CVE-2022-1941 A parsing issue with binary data in protobuf-java core and lite can lead to a denial of...
Updated libtpms packages fix security vulnerability
An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service crashing the TPM chip/process ...
Updated libde265 packages fix security vulnerability
libde265 has been updated to version 1.0.11 to fix many security issues...
Updated jasper packages fix security vulnerability
Memory leak in function cmdoptsparse that can cause a crash or segmentation fault. CVE-2022-2963...
Updated mysql-connector-c++ packages fix security vulnerability
The program plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. CVE-2022-24407...
Updated epiphany packages fix security vulnerability
In Epiphany aka GNOME Web through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts. CVE-2023-26081...
Updated libreswan packages fix security vulnerability
A change in the libreswan 4.2 Traffic Selector parsing code introduced a missing check that would reject palformed Traffic Selector payloads. As such, in such case the code stumbles on to hit a double free, leading to a crash and restart of the pluto daemon. No remote code execution. CVE-2023-230...
Updated redis packages fix security vulnerability
Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. CVE-2023-25155 String matching commands like SCAN or KEYS with a specially crafted pattern to trigger a...
Updated dcmtk packages fix security vulnerability
Jinsheng Ba discovered that DCMTK incorrectly handled certain requests. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2021-41687, CVE-2021-41688, CVE-2021-41689,...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.98 and fixes atleast the following security issues: A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines o...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.98 and fixes atleast the following security issues: A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB...
Updated tmux packages fix security vulnerability
Fixed a null pointer dereference in window.c. CVE-2022-47016...
Updated microcode packages fix security vulnerabilities
Updated microcode packages fix security vulnerabilities: Insufficient granularity of access control in out-of-band management in some IntelR Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access CVE-2022-21216...
Updated chromium-browser-stable packages fix security vulnerability
High CVE-2023-1213: Use after free in Swiftshader. Reported by Jaehun Jeong@n3sk of Theori on 2023-01-30 High CVE-2023-1214: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2023-02-03 High CVE-2023-1215: Type Confusion in CSS. Reported by Anonymous on 2023-02-17 High...
Updated vim packages fix security vulnerability
A null pointer dereference issue was discovered in function guix11createblankmouse in guix11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts. CVE-2022-47024 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225...
Updated pkgconf packages fix security vulnerability
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes. CVE-2023-24056...
Updated nodejs packages fix security vulnerability
The following CVEs are fixed in this release: CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule High CVE-2023-23920: Node.js insecure loading of ICU data through ICUDATA environment variable Low More detailed information on each of the vulnerabilities can be foun...
Updated crmsh packages fix security vulnerability
Privilege escalation CVE-2021-3020 and other fixes...
Updated libraw packages fix security vulnerability
Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRawbufferdatastream::getschar, int in /src/libraw/src/librawdatastream.cpp. CVE-2021-32142...
Updated libtiff packages fix security vulnerability
Out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. CVE-2023-0795 Out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. CVE-2023-0796...
Updated tar packages fix security vulnerability
GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximately 11 whitespace...
Updated chromium-browser-stable packages fix security vulnerability
Chromium updated Chromium to 110.0.5481.177 to fix vulnerabilities including CVE-2023-0927 Use after free in Web Payments API. CVE-2023-0928 Use after free in SwiftShader. CVE-2023-0929 Use after free in Vulkan. CVE-2023-0930 Heap buffer overflow in Video. CVE-2023-0931 Use after free in Video...
Updated binwalk packages fix security vulnerability
Remote code execution using crafted PFS filesystem. CVE-2022-4510...