RLSA-2022:7006 Moderate: java-1.8.0-openjdk security update
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) OpenJDK: HttpServer no connection count limit...
CVE-2022-42719
A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers able to inject WLAN frames to crash the kernel and potentially execute code...
GO-2022-1026 Incorrect validation of root DNSSEC public keys in github.com/peterzen/goresolver
DNSSEC validation is not performed correctly. An attacker can cause this package to report successful validation for invalid, attacker-controlled records. Root DNSSEC public keys are not validated, permitting an attacker to present a self-signed root key and delegation chain...
CVE-2022-35252
When curl is used to retrieve and parse cookies from a HTTPS server, it accepts cookies using control codes that when later are sent back to a HTTP server might make the server return 400 responses. Effectively allowing a "sister site" to deny service to all siblings...
CVE-2022-40674
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...
ALSA-2022:6460 Moderate: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: Incomplete cleanup of multi-core shared buffers (aka SBDR) (CVE-2022-21123) Incomplete cleanup of microarchitectural fill buffers (aka SBDS) (CVE-2022-21125) Incomplete cleanup in specific special regist...
DLA-3107-1 sqlite3 - security update
Bulletin has no description...
GO-2022-0965 Unbounded recursion in JSON parsing in k8s.io/apimachinery
Unbounded recursion in JSON parsing allows malicious JSON input to cause excessive memory consumption or panics...
CVE-2022-39189
An issue was discovered in the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations...
DSA-5201-1 chromium - security update
Bulletin has no description...
GO-2022-0189 Remote command execution via "go get" with "-u" flag in cmd/go
The "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly. Specifically, it is only vulnerable in GOPATH mode, but not in module mode (the distinction is documented a...
ASB-A-219498290
In get of PacProxyService.java, there is a possible system service crash due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation...
DSA-5173-1 linux - security update
Bulletin has no description...
CVE-2022-2286 Out-of-bounds Read in vim/vim
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0...
GO-2022-0400 Race condition in github.com/ntbosscher/gobase
A race condition can cause incorrect HTTP request routing...
DLA-3040-1 firefox-esr - security update
Bulletin has no description...
ASB-A-151095871
Bulletin has no description...
CVE-2022-22576
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse of OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocol...
GHSA-286V-PCF5-25RC Nokogiri Implements libxml2 version vulnerable to null pointer dereferencing
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest...
GO-2021-0319 Incorrect computation for some invalid field elements in crypto/elliptic
Some big.Int values that are not valid field elements (negative or overflowing) might cause Curve.IsOnCurve to incorrectly return true. Operating on those values may cause a panic or an invalid curve operation. Note that Unmarshal will never return such values...
GO-2022-0289 Misdirected I/O in syscall
When a Go program running on a Unix system is out of file descriptors and calls syscall.ForkExec (including indirectly by using the os/exec package), syscall.ForkExec can close file descriptor 0 as it fails. If this happens (or can be provoked) repeatedly, it can result in misdirected I/O such as...
DSA-5139-1 openssl - security update
Bulletin has no description...
GHSA-9X97-X2P9-HVPF Fileutils Command Injection vulnerability
Ruby Gem Fileutils prior to v0.7.1 contains a Command Injection vulnerability in user supplied url variable that is passed to the shell...
GHSA-CV3F-PX9R-54HM Phusion Passenger information disclosure
In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root...
RLSA-2022:2200 Important: .NET 5.0 security, bug fix, and enhancement update
.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 5.0.214 and .NET Core...
RLSA-2022:2013 Moderate: openssh security, bug fix, and enhancement update
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are...
RUSTSEC-2022-0018 Timing attack
Affecting versions did not compare tokens in constant time, which could make it possible for an attacker to guess the 2FA token of a user. This has been fixed by using the crate constant_time_eq for comparison...
DSA-5133-1 qemu - security update
Bulletin has no description...
CVE-2022-1292
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the...
DSA-5125-1 chromium - security update
Bulletin has no description...
CVE-2022-29153
HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5...
DLA-2977-1 xz-utils - security update
Bulletin has no description...
DSA-5115-1 webkit2gtk - security update
Bulletin has no description...
DSA-5116-1 wpewebkit - security update
Bulletin has no description...
CVE-2022-26359
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Certain PCI devices in a system might be assigned Reserved Memory Regions specified via Reserved Memory Region...
GHSA-C2JG-HW38-JRQQ Inconsistent Interpretation of HTTP Requests in twisted.web
The Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than permitted by RFC 7230: 1. The Content-Length header value could have a + or - prefix. 2. Illegal characters were permitted in chunked extensions, such as the LF \n...
DLA-2970-1 qemu - security update
Bulletin has no description...
DLA-2968-1 zlib - security update
Bulletin has no description...
CVE-2022-22719
A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier...
CVE-2020-36518
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects...
GHSA-7F63-H6G3-7CWM Cross Site Scripting (XSS) in @finastra/ssr-pages
A cross site scripting (XSS) issue can occur when providing untrusted input to the redirect.link property as an argument to the buildMessagePageOptions function. References - https://github.com/Finastra/ssr-pages/pull/2 -...
GO-2021-0240 Panic when reading certain archives in archive/zip
NewReader and OpenReader can cause a panic or an unrecoverable fatal error when reading an archive that claims to contain a large number of files, regardless of its actual size...
CVE-2021-43299
Stack overflow in PJSUA API when calling pjsua_player_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation...
GHSA-878W-7GXP-MC63 SQL Injection in Spring Cloud Task
Applications using Spring Cloud Task 2.2.4.RELEASE and below may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer...
GHSA-C597-F74M-JGC2 Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Keycloak
A flaw was found in Keycloak in versions before 10.0.0, where it does not perform the TLS hostname verification while sending emails using the SMTP server. This flaw allows an attacker to perform a man-in-the-middle (MITM) attack...
DLA-2898-1 nss - security update
Bulletin has no description...
DSA-5058-1 openjdk-17 - security update
Bulletin has no description...
DSA-5044-1 firefox-esr - security update
Bulletin has no description...
CVE-2021-44732
Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session failure...
CVE-2021-45046
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context...