6011 matches found
Updated kitty packages fix security vulnerability
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup. CVE-2022-41322...
Updated dbus packages fix security vulnerability
A syntactically invalid type signature with incorrectly nested parentheses and curly brackets would cause an assertion failure in debug builds. Similar messages could potentially result in a crash or incorrect message processing in a production build, although we are not aware of a practical...
Updated php packages fix security vulnerability
Core Fixed bug GH-9323 Crash in ZENDRETURN/GC/zendcallfunction Fixed bug GH-9361 Segmentation fault on script exit 9379. Fixed bug GH-9407 LSP error in eval'd code refers to wrong class for static type. Fixed bug 81727: Don't mangle HTTP variable names that clash with ones that have a specific...
Updated golang packages fix security vulnerability
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. CVE-2022-27664 JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path...
Updated chromium-browser-stable packages fix security vulnerability
The chromium-browser-stable package has been updated to the new 106 branch with the 106.0.5249.61 version, fixing many bugs and 20 vulnerabilities; it brings as well some improvements. Some of the security fixes are: High CVE-2022-3304: Use after free in CSS. High CVE-2022-3201: Insufficient...
Updated bash packages fix security vulnerability
Bash has been updated to version 5.1.16 using a patch from Fedora to fix a security issue by adding a null check in the parameterbracetransform function...
Updated firejail packages fix security vulnerability
root escalation in --join logic CVE-2022-31214...
Updated libjpeg packages fix security vulnerability
The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the getwordrgbrow function in rdppm.c. CVE-2021-468...
Updated squid packages fix security vulnerability
Exposure of Sensitive Information in Cache Manager. CVE-2022-41317 Buffer Over Read in SSPI and SMB Authentication. CVE-2022-41318...
Updated python-mako packages fix security vulnerability
Denial of service attack via crafted regular expressions. CVE-2022-40023...
Updated expat packages fix security vulnerability
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674...
Updated nodejs packages fix security vulnerability
DNS rebinding in --inspect on macOS CVE-2022-32212 Bypass via obs-fold mechanic CVE-2022-32213 HTTP Request Smuggling Due to Incorrect Parsing of Header Fields CVE-2022-35256...
Updated perl-HTTP-Daemon packages fix security vulnerability
Request smuggling in HTTP::Daemon CVE-2022-31081...
Updated thunderbird packages fix security vulnerability
Improperly formed beacon events can disrupt or impede the matrix-js-sdk from functioning properlyCVE-2022-39236 Too permissive key forwarding strategy allowing impersonation CVE-2022-39249 Trusting/verifying the user identity under the control of the homeserver instead of the intended one...
Updated webkit2 packages fix security vulnerability
A buffer overflow issue which may lead to arbitrary code execution was addressed with improved memory handling. CVE-2022-32886 Visiting a website that frames malicious content may lead to UI spoofing. he issue was addressed with improved UI handling. CVE-2022-32891 A buffer overflow issue which m...
Updated thunderbird packages fix security vulnerabilities
When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead CVE-2022-40956. By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus...
Updated tcpreplay packages fix security vulnerability
tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in getlayer4v6 in common/get.c. CVE-2022-27939 tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in getipv6next in common/get.c. CVE-2022-27940 tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in getl2lenprotocol...
Updated google-gson packages fix security vulnerability
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks. CVE-2022-25647...
Updated redis packages fix security vulnerability
Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the potentially higher privileges of another Redis user. The Lua scri...
Updated open-vm-tools packages fix security vulnerability
A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine CVE-2022-31676...
Updated sofia-sip packages fix security vulnerability
An attacker can send a message with evil sdp to FreeSWITCH, which may a cause a crash due to an out-of-bounds access. CVE-2022-31001 An attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. CVE-2022-31002 An out-of-bounds write. CVE-2022-31003...
Updated firefox packages fix security vulnerabilities
When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead CVE-2022-40956. By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus...
Updated libxslt packages fix security vulnerability
Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30560...
Updated freecad packages fix security vulnerability
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename. CVE-2021-45844...
Updated dpkg packages fix security vulnerability
A malicious source package could write files outside the unpack directory. CVE-2022-1664...
Updated gimp packages fix security vulnerability
An issue in gimplayerinvalidateboundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service DoS. CVE-2022-32990...
Updated ostree packages fix security vulnerability
A memory corruption issue that could be triggered when diffing binary files. CVE-2014-9862...
Updated libtiff packages fix security vulnerability
libtiff's tiffcrop utility has a uint32t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop likely via tricking a user to run tiffcrop on it with certain parameters could cause a crash or in some cases, further exploitation. CVE-2022-2867...
Updated sdl2 packages fix security vulnerability
There is a heap overflow problem in video/SDLpixels.c in SDL Simple DirectMedia Layer 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, for denial of service, or for Code execution. CVE-2021-33657...
Updated zlib packages fix security vulnerability
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...
Updated python-lxml packages fix security vulnerability
NULL pointer dereference due to state leak between parser runs CVE-2022-2309...
Updated curl packages fix security vulnerability
Control code in cookie denial of service. CVE-2022-35252...
Updated mediawiki packages fix security vulnerability
Username is not escaped in the "welcomeuser" message T308471. Bundled guzzlehttp/guzzle has been updated to 6.5.8, fixing several issues CVE-2022-29248, CVE-2022-31042, CVE-2022-31043, CVE-2022-31090, CVE-2022-31091...
Updated schroot packages fix security vulnerability
Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session. CVE-2022-2787...
Updated wireshark packages fix security vulnerability
F5 Ethernet Trailer dissector infinite loop wnpa-sec-2022-06...
Updated SDL12 packages fix security vulnerability
There is a heap overflow problem in video/SDLpixels.c in SDL Simple DirectMedia Layer 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of service or Code execution. CVE-2021-33657 SDL v1.2 was discovered to contai...
Updated libtar packages fix security vulnerability
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc0 for a variable gnulonglink, causing an out-of-bounds read. CVE-2021-33643 An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger...
Updated rpm packages fix security vulnerability
RPM does not require subkeys to have a valid binding signature CVE-2021-3521...
Updated gstreamer1.0-plugins-good packages fix security vulnerability
It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. CVE-2022-1920, CVE-2022-1921 It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.65 and fixes at least the following security issues: An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpftailcall function with a key larger than the maxentries of the map. This flaw allows a local...
Updated jupyter-notebook packages fix security vulnerability
It was discovered that Jupyter Notebook incorrectly handled certain notebooks. An attacker could possibly use this issue of lack of Content Security Policy in Nbconvert to perform cross-site scripting XSS attacks on the notebook server. CVE-2018-19351 It was discovered that Jupyter Notebook...
Updated connman packages fix security vulnerability
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in receiveddata to execute code. CVE-2022-32292 In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a...
Updated xpdf packages fix security vulnerability
In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. CVE-2022-24106 Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...
Updated chromium-browser-stable packages fix security vulnerability
The chromium-browser-stable package has been updated to the new 105 branch with the 105.0.5195.102 version, fixing many bugs and 25 vulnerabilities. Google is aware of reports that an exploit for CVE-2022-3075 exists in the wild. Some of the addressed CVE are listed below: High CVE-2022-3075:...
Updated ytnef packages fix security vulnerability
In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service and potentially code execution due to a double free which can be triggered via a crafted file. CVE-2021-3403 In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote...
Updated webkit2 packages fix security vulnerability
Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2022-32893...
Updated python-ldap packages fix security vulnerability
It was discovered that Python LDAP incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause a denial of service CVE-2021-46823...
Updated clamav packages fix security vulnerability
ClamAV 0.103.7 is a critical patch release with the following fixes: Upgrade the vendored UnRAR library to version 6.1.7. Fix logical signature "Intermediates" feature. Relax constraints on slightly malformed zip archives that contain overlapping file entries...
Updated thunderbird packages fix security vulnerability
Address bar spoofing via XSLT error handling CVE-2022-38472 Cross-origin XSLT Documents would have inherited the parent's permissions CVE-2022-38473 Memory safety bugs. CVE-2022-38478...
Updated postgresql packages fix security vulnerability
Autovacuum, REINDEX, and others omit "security restricted operation" sandbox CVE-2022-1552 Extension scripts replace objects not belonging to the extension CVE-2022-2625...