5998 matches found
Updated ruby-nokogiri packages fix security vulnerability
Nokogiri did not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors segfault or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a...
Updated nvidia390 packages fix security vulnerabilities
Updated nvidia390 packages fix security vulnerabilities: NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead to code execution, denial of...
Updated ffmpeg packages fix security vulnerability
This update provides ffmpeg version 4.3.4, which fixes several security vulnerabilities and other bugs which were corrected upstream...
Updated opencontainers-runc packages fix security vulnerability
A bug was found in runc where runc exec --cap executed processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve2. This bug did n...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.41 and fixes at least the following security issues: A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernel BPF subsystem due to the way a user loads BTF. This flaw allows a...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.41 and fixes at least the following security issues: A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernel BPF subsystem due to the way a user loads BTF. This flaw allo...
Updated microcode packages fix security vulnerabilities
Updated microcodes for Intel processors, fixing various functional issues, and at least the following security issues: Sensitive information accessible by physical probing of JTAG interface for some IntelR Processors with SGX may allow an unprivileged user to potentially enable information...
Updated htmldoc packages fix security vulnerability
There is a vulnerability in htmldoc 1.9.16. In imageloadjpeg function image.cxx when it calls malloc,'img-width' and 'img-height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expected size, and it will cause a buffer...
Updated python-django packages fix security vulnerability
Potential SQL injection in QuerySet.annotate, aggregate, and extra CVE-2022-28346 Potential SQL injection via QuerySet.explainoptions on PostgreSQL QuerySet.explain CVE-2022-28347...
Updated python-oslo-utils packages fix security vulnerability
oslo.utils could be made to expose sensitive information if it received a specially crafted input CVE-2022-0718...
Updated chromium-browser-stable packages fix security vulnerability
The chromium-browser-stable package has been updated to the 101.0.4951.64 version, fixing many bugs and 13 CVE. Some of them are listed below: 1316990 High CVE-2022-1633: Use after free in Sharesheet. Reported by Khalil Zhani on 2022-04-18 1314908 High CVE-2022-1634: Use after free in Browser UI...
Updated python-waitress packages fix security vulnerability
When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and where it ends. This would allow requests to be smuggled via the front-en...
Updated xmlrpc-c packages fix security vulnerability
xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. CVE-2022-25235...
Updated curl packages fix security vulnerability
CERTINFO never-ending busy-loop. CVE-2022-27781 TLS and SSH connection too eager reuse. CVE-2022-27782...
Updated clamav packages fix security vulnerability
Infinite loop vulnerability in the CHM file parser. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions. CVE-2022-20770 Infinite loop vulnerability in the TIFF file parser. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior...
Updated golang-github-prometheus-client packages fix security vulnerability
HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods...
Updated python-django-registration packages fix security vulnerability
Sensitive data could be included in error reports CVE-2021-21416...
Updated python-nbxmpp packages fix security vulnerability
Missing input sanitising in python-nbxmpp, a Jabber/XMPP Python library, could result in denial of service in clients based on it such as Gajim...
Updated fish packages fix security vulnerability
Arbitrary Code Execution. CVE-2022-20001...
Updated cairo packages fix security vulnerability
cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read because of mishandling of an unexpected malloc0 call. CVE-2017-9814...
Updated freetype2 packages fix security vulnerability
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfntinitface. CVE-2022-27404 FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNTSizeRequest...
Updated python-rencode packages fix security vulnerability
The rencode package through 1.0.6 for Python allows an infinite loop in typecode decoding such as via ;\x2f\x7f, enabling a remote attack that consumes CPU and memory. CVE-2021-40839...
Updated python-twisted packages fix security vulnerability
CVE-2022-21712: It was discovered that Twisted incorrectly filtered HTTP headers when clients are being redirected to another origin. A remote attacker could use this issue to obtain sensitive information. CVE-2022-21716: It was discovered that Twisted incorrectly processed SSH handshake data on...
Updated python-ujson packages fix security vulnerability
UltraJSON aka ujson through 5.1.0 has a stack-based buffer overflow in BufferAppendIndentUnchecked called from encode. Exploitation can, for example, use a large amount of indentation. CVE-2021-45958...
Updated cifs-utils packages fix security vulnerability
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. CVE-2022-27239 cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = equal sign...
Updated sqlite3 packages fix security vulnerability
DISPUTED A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentional...
Updated slurm packages fix security vulnerability
Incorrect Access Control that leads to Information Disclosure. CVE-2022-29500 Incorrect Access Control that leads to Escalation of Privileges and code execution. CVE-2022-29501...
Updated libcaca packages fix security vulnerability
libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user to cause a Denial of Service. CVE-2022-0856...
Updated openssl packages fix security vulnerability
The crehash script allows command injection. CVE-2022-1292...
Updated gerbv packages fix security vulnerability
An information disclosure vulnerability exists in the pick-and-place rotation parsing functionality of Gerbv 2.7.0 and dev commit b5f1eacd, and Gerbv forked 2.8.0. A specially-crafted pick-and-place file can exploit the missing initialization of a structure to leak memory contents. An attacker ca...
Updated libxml2 packages fix security vulnerability
In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...
Updated python-pillow packages fix security vulnerability
pathgetbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. CVE-2022-22815 pathgetbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. CVE-2022-22816 PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary...
Updated golang packages fix security vulnerability
encoding/pem: fix stack overflow in Decode. A large more than 5 MB PEM input can cause a stack overflow in Decode, leading the program to crash CVE-2022-24675 crypto/elliptic: tolerate all oversized scalars in generic P-256. A crafted scalar input longer than 32 bytes can cause P256.ScalarMult or...
Updated ruby-nokogiri packages fix security vulnerability
Fix for possible DOS by regex. CVE-2022-24836...
Updated rsyslog packages fix security vulnerability
Potential heap buffer overflow in TCP syslog server receiver components CVE-2022-24903...
Updated lighttpd packages fix security vulnerability
In lighttpd 1.4.46 through 1.4.63, the modextforwardForwarded function of the modextforward plugin has a stack-based buffer overflow 4 bytes representing -1, as demonstrated by remote denial of service daemon crash in a non-default configuration. The non-default configuration requires handling of...
Updated dcraw packages fix security vulnerability
A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information. CVE-2018-19565 A heap buffer over-read in parsetiffifd in dcraw through 9.28 could be used by...
Updated thunderbird packages fix security vulnerability
Incorrect security status shown after viewing an attached email. CVE-2022-1520 Fullscreen notification bypass using popups. CVE-2022-29914 Bypassing permission prompt in nested browsing contexts. CVE-2022-29909 Leaking browser history with CSS variables. CVE-2022-29916 iframe sandbox bypass...
Updated firefox packages fix security vulnerability
Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions CVE-2022-29909. Firefox did not properly protect against top-level navigations for an iframe...
Updated curl packages fix security vulnerability
OAUTH2 bearer bypass in connection re-use. CVE-2022-22576 Credential leak on redirect. CVE-2022-27774 Bad local IPv6 connection reuse. CVE-2022-27775 Auth/cookie leak on redirect. CVE-2022-27776...
Updated chromium-browser-stable packages fix security vulnerability
Use after free in Vulkan. CVE-2022-1477 Use after free in SwiftShader. CVE-2022-1478 Use after free in ANGLE. CVE-2022-1479 Use after free in Sharing. CVE-2022-1481 Inappropriate implementation in WebGL. CVE-2022-1482 Heap buffer overflow in WebGPU. CVE-2022-1483 Heap buffer overflow in Web UI...
Updated firefox/nss/rootcerts packages fix security vulnerability
NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash CVE-2022-1097. After a VR Process is destroyed, a reference to it may have been retained and used, leading to a...
Updated thunderbird packages fix security vulnerabilities
The updated thunderbird packages fix security vulnerabilities: Use-after-free in NSSToken objects CVE-2022-1097. Use-after-free after VR Process destruction CVE-2022-1196. OpenPGP revocation information was ignored CVE-2022-1197. Denial of Service via complex regular expressions CVE-2022-24713...
Updated kernel packages fix security vulnerabilities
This kernel update is based on upstream 5.15.35 and fixes at least the following security issues: A denial of service DOS issue was found in the Linux kernel smb2ioctlqueryinfo function in the fs/cifs/smb2ops.c Common Internet File System CIFS due to an incorrect return from the memdupuser...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.15.35 and fixes at least the following security issues: A denial of service DOS issue was found in the Linux kernel smb2ioctlqueryinfo function in the fs/cifs/smb2ops.c Common Internet File System CIFS due to an incorrect return from the memdupuser...
Updated virtualbox packages fix security vulnerabilities
Updated virtualbox packages fix security vulnerabilities: Vulnerability in the Oracle VM VirtualBox prior to 6.1.34 contains an easily exploitable vulnerability that allows a high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM...
Updated libdxfrw packages fix security vulnerability
A code execution vulnerability exists in the dwgCompressor::decompress18 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. CVE-2021-21898 A code...
Updated librecad packages fix security vulnerability
A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document. CVE-2021-45341 A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and olde...
Updated libinput packages fix security vulnerability
libinput could be made to crash or expose sensitive information. CVE-2022-1215...
Updated gzip/xz packages fix security vulnerability
zgrep, xzgrep: arbitrary-file-write vulnerability. CVE-2022-1271...