908999 matches found
DSA-5468-1 webkit2gtk - security update
Bulletin has no description...
CVE-2023-34634
Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened...
ASB-A-272783039
In SDPAddAttribute of sdpdb.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
GHSA-Q9VM-29PH-P7MP phpMyFAQ Stored Cross-site Scripting vulnerability
Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.16...
CVE-2023-38488 Kirby vulnerable to field injection in the KirbyData text storage handler
Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 affects all Kirby sites that might have potential attackers in the group of authenticated Panel users or that allow external visitors to update a Kirby content file e.g. via a...
CVE-2023-37477 Command injection in firewall ip functionality in 1Panel
1Panel is an open source Linux server operation and maintenance management panel. An OS command injection vulnerability exists in 1Panel firewall functionality. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger...
ALSA-2023:4100 Important: bind9.16 security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...
RLSA-2023:3923 Critical: go-toolset and golang security update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fixes: golang: cmd/go: go command may generate unexpected code at build time when using cgo CVE-2023-29402 golang:...
CVE-2023-30586
A privilege escalation vulnerability exists in Node.js 20 that allowed loading arbitrary OpenSSL engines when the experimental permission model is enabled, which can bypass and/or disable the permission model. The attack complexity is high. However, the crypto.setEngine API can be used to bypass...
ASB-A-274005916
Bulletin has no description...
ASB-A-261723753
In PreferencesHelper.java, an uncaught exception may cause the device to get stuck in a boot loop. This could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
GHSA-76F7-9V52-V2FW Remote Code Execution for 2.4.1 and earlier
Impact OpenTSDB is vulnerable to Remote Code Execution vulnerability by writing user-controlled input to Gnuplot configuration file and running Gnuplot with the generated configuration. Patches Patched in 07c4641471c6f5c2ab5aab615969e97211eb50d9 and further refined in...
GHSA-GH24-9QJJ-MR67 Microsoft Security Advisory CVE-2023-33126: .NET Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2023-33126: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update thei...
GHSA-X469-CV7M-77R9 .NET Remote Code Execution Vulnerability
Microsoft Security Advisory CVE-2023-33128: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0. This advisory also provides guidance on what developers can do to update their application...
ALSA-2023:3592 Important: .NET 7.0 security, bug fix, and enhancement update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.7. The...
GO-2023-1840 Unsafe behavior in setuid/setgid binaries in runtime
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I...
CVE-2023-34109 User input results in Unbounded resource consumption in @zxcvbn-ts/core
zxcvbn-ts is an open source password strength estimator written in typescript. This vulnerability affects users running on the nodeJS platform which are using the second argument of the zxcvbn function. It can result in an unbounded resource consumption as the user inputs array is extended with...
DLA-3446-1 linux-5.10 - security update
Bulletin has no description...
RLSA-2023:3319 Important: go-toolset:Rocky Linux8 security update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 For more details about the security issues, including the impact, a CVSS score, acknowledgment...
GHSA-MGC4-WQV7-4PXM SwiftNIO vulnerable to HTTP request smuggling using malformed Transfer-Encoding header
Impact Affected SwiftNIO systems are vulnerable to request smuggling attacks, in which they parse a given HTTP message differently from other network parties, potentially seeing a different number of requests than other servers. This can lead to failures of authentication, routing, and other...
ALSA-2023:2932 Important: edk2 security update
EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: openssl: X.400 address type confusion in X.509 GeneralName CVE-2023-0286 openssl: timing attack in RSA Decryption...
CVE-2023-30256
Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and emailcreate parameters in the AuthController.php file...
CVE-2023-25568 Boxo bitswap/server: DOS unbounded persistent memory leak
Boxo, formerly known as go-libipfs, is a library for building IPFS applications and implementations. In versions 0.4.0 and 0.5.0, if an attacker is able allocate arbitrary many bytes in the Bitswap server, those allocations are lasting even if the connection is closed. This affects users acceptin...
ALSA-2023:2453 Moderate: libtpms security update
The libtpms is a library providing Trusted Platform Module TPM functionality for virtual machines. Security Fixes: tpm: TCG TPM2.0 implementations vulnerable to memory corruption CVE-2023-1017 tpm2: TCG TPM2.0 implementations vulnerable to memory corruption CVE-2023-1018 For more details about th...
GHSA-7V2V-9RM4-7M8F Shopware Has Improper Control of Generation of Code in Twig rendered views
Impact We fixed with CVE-2023-22731 Twig filters to only be executed with allowed functions. It is possible to pass PHP Closures as string or an array and array crafted PHP Closures was not checked against allow list Patches The problem has been fixed with 6.4.20.1 with an improved override...
CVE-2023-29018 OpenFeature Operator vulnerable to Cluster-level Privilege Escalation
The OpenFeature Operator allows users to expose feature flags to applications. Assuming the pre-existence of a vulnerability that allows for arbitrary code execution, an attacker could leverage the lax permissions configured on open-feature-operator-controller-manager to escalate the privileges o...
RLSA-2023:1673 Important: httpd:2.4 security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP request splitting with modrewrite and modproxy CVE-2023-25690 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
RLSA-2023:0965 Moderate: php security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 8.0.27. BZ2161667 Security Fixes: XKCP: buffer overflow in the SHA-3 reference implementation CVE-2022-37454 php: standard insecure cook...
DSA-5381-1 tomcat9 - security update
Bulletin has no description...
GHSA-232P-VWFF-86MP Docker Swarm encrypted overlay network may be unauthenticated
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker. Swarm Mode, which is...
ALSA-2023:1583 Moderate: nodejs:18 security, bug fix, and enhancement update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 18.14.2. Security Fixes: glob-parent: Regular Expression Denial of Service...
ASB-A-242040055
In retrieveServiceLocked of ActiveServices.java, there is a possible way to dynamically register a BroadcastReceiver using permissions of System App due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...
ASB-A-243130512
In multiple functions of RunningTasks.java, there is a possible privilege escalation due to a missing privilege check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
GHSA-6G43-88CP-W5GV Prototype pollution in matrix-react-sdk
Impact In certain configurations, data sent by remote servers containing special strings in key locations could cause modifications of the Object.prototype, disrupting matrix-react-sdk functionality, causing denial of service and potentially affecting program logic. This is part 2, where...
DSA-5373-1 node-sqlite3 - security update
Bulletin has no description...
GHSA-XM67-587Q-R2VW wasmtime vulnerable to miscompilation of `i8x16.select` with the same inputs on x86_64
Impact Wasmtime's code generation backend, Cranelift, has a bug on x8664 platforms for the WebAssembly i8x16.select instruction which will produce the wrong results when the same operand is provided to the instruction and some of the selected indices are greater than 16. There is an off-by-one...
DSA-5371-1 chromium - security update
Bulletin has no description...
GO-2023-1621 Incorrect calculation on P256 curves in crypto/internal/nistec
The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...
CVE-2023-26492 Directus vulnerable to Server-Side Request Forgery On File Import
Directus is a real-time API and App dashboard for managing SQL database content. Directus is vulnerable to Server-Side Request Forgery SSRF when importing a file from a remote web server POST to /files/import. An attacker can bypass the security controls by performing a DNS rebinding attack and...
ASB-A-261470730
Bulletin has no description...
ALSA-2023:0979 Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564 kernel: stack overflow in doprocdointvec an...
RLSA-2023:0848 Moderate: php:8.0 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 8.0. BZ2161666 Security Fixes: XKCP: buffer overflow in the SHA-3 reference implementation CVE-2022-37454 php: standard insecure cookie...
ALSA-2023:0837 Moderate: systemd security and bug fix update
The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...
PYSEC-2023-47
Buffer Overflow vulnerability in Saltstack v.3003 and before allows attacker to execute arbitrary code via the func variable in salt/salt/modules/status.py file...
CVE-2023-22578
Due to improper artibute filtering in the sequalize js library, can a attacker peform SQL injections...
GO-2023-1519 Command injection in github.com/rancher/wrangler
A command injection vulnerability exists in the Wrangler Git package. Specially crafted commands can be passed to Wrangler that will change their behavior and cause confusion when executed through Git, resulting in command injection in the underlying host. A workaround is to sanitize input passed...
GHSA-C2JC-4FPR-4VHG @sideway/formula contains Regular Expression Denial of Service (ReDoS) Vulnerability
Impact User-provided strings to formula's parser might lead to polynomial execution time. Patches Users should upgrade to 3.0.1+. Workarounds None...
DLA-3308-1 webkit2gtk - security update
Bulletin has no description...
GHSA-PX2F-CQRF-F2QG CSRF vulnerability in Jenkins TestQuality Updater Plugin
A cross-site request forgery CSRF vulnerability in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password...
ALSA-2023:0338 Moderate: libxml2 security update
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: integer overflows with XMLPARSEHUGE CVE-2022-40303 libxml2: dict corruption caused by entity reference cycles CVE-2022-40304 For more details about the security issues,...