Intercom, Inc. Security Vulnerabilities

Photon OS 1.0: Binutils PHSA-2017-0010

An update of the binutils package has been...

Slackware 14.1 / 14.2 : mariadb (SSA:2019-032-01)

New mariadb packages are available for Slackware 14.1 and 14.2 to fix security...

Debian DSA-4375-1 : spice - security update

Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service (spice server crash), or possibly, execution of arbitrary...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5565-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5565-1 advisory. It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a...

Photon OS 2.0: Wget PHSA-2017-2.0-0008

An update of the wget package has been...

Photon OS 2.0: Gettext PHSA-2018-2.0-0116

An update of the gettext package has been...

Photon OS 2.0: Libtiff PHSA-2018-2.0-0016

An update of the libtiff package has been...

Photon OS 1.0: Binutils PHSA-2018-1.0-0112

An update of the binutils package has been...

Photon OS 2.0: Freetype2 PHSA-2018-2.0-0058

An update of the freetype2 package has been...

Photon OS 2.0: Perl PHSA-2018-2.0-0084

An update of the perl package has been...

Photon OS 1.0: Shadow PHSA-2018-1.0-0171

An update of the shadow package has been...

Photon OS 2.0: Librelp PHSA-2018-2.0-0039

An update of the librelp package has been...

Photon OS 1.0: Glibc PHSA-2017-0041

An update of the glibc package has been...

Photon OS 1.0: Grub2 PHSA-2016-0012

An update of the grub2 package has been...

Photon OS 1.0: Libxml2 PHSA-2017-0001

An update of the libxml2 package has been...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Netplan regression (USN-6851-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6851-2 advisory. USN-6851-1 fixed vulnerabilities in Netplan. The update lead to the discovery of a regression in netplan which caused systemctl...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6497-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6497-1 advisory. A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets...

Photon OS 1.0: Systemd PHSA-2017-0041

An update of the systemd package has been...

Photon OS 1.0: Tcpdump PHSA-2017-0033

An update of the tcpdump package has been...

Debian DSA-4382-1 : rssh - security update

Nick Cleaton discovered two vulnerabilities in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve (Subversion), rdist and/or rsync operations. Missing validation in the rsync support could result in the bypass of this restriction, allowing the execution of...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : snapd vulnerability (USN-4728-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by a vulnerability as referenced in the USN-4728-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

Debian DLA-1640-1 : tmpreaper security update

It was discovered that tmpreaper, a program that cleans up files in directories based on their age, is vulnerable to a race condition. This vulnerability might be exploited by local attackers to perform privilege escalation. For Debian 8 'Jessie', this problem has been fixed in version...

Debian DLA-1636-1 : aria2 security update

It was discovered that aria2 (the lightweight command-line download utility) can store passed user credentials in a log file when using the --log option. This might allow local users to obtain sensitive information by reading this file. For Debian 8 'Jessie', this problem has been fixed in version....

Photon OS 2.0: Ruby PHSA-2018-2.0-0013

An update of the ruby package has been...

Photon OS 1.0: Libgcrypt PHSA-2018-1.0-0182

An update of the libgcrypt package has been...

Photon OS 2.0: Strongswan PHSA-2018-2.0-0075

An update of the strongswan package has been...

Photon OS 2.0: Libtiff PHSA-2018-2.0-0060

An update of the libtiff package has been...

Photon OS 1.0: Perl PHSA-2018-1.0-0175

An update of the perl package has been...

Photon OS 1.0: Net PHSA-2018-1.0-0126

An update of the net package has been...

Photon OS 2.0: Libgcrypt PHSA-2018-2.0-0091

An update of the libgcrypt package has been...

Photon OS 2.0: Strongswan PHSA-2018-2.0-0086

An update of the strongswan package has been...

Photon OS 2.0: Binutils PHSA-2018-2.0-0021

An update of the binutils package has been...

Photon OS 1.0: Freetype2 PHSA-2018-1.0-0148

An update of the freetype2 package has been...

Photon OS 1.0: Pycrypto PHSA-2018-1.0-0126

An update of the pycrypto package has been...

Photon OS 1.0: Curl PHSA-2018-1.0-0186

An update of the curl package has been...

Debian DSA-4363-1 : python-django - security update

It was discovered that malformed URLs could spoof the content of the default 404 page of Django, a Python web development...

Ubuntu 23.10 / 24.04 LTS : Rack vulnerabilities (USN-6837-1)

The remote Ubuntu 23.10 / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6837-1 advisory. It was discovered that Rack incorrectly handled Multipart MIME parsing. A remote attacker could possibly use this issue to cause Rack to...

Photon OS 1.0: Rsyslog PHSA-2017-0030

An update of the rsyslog package has been...

Photon OS 1.0: Ruby PHSA-2017-0029

An update of the ruby package has been...

Photon OS 1.0: Systemd PHSA-2017-0044

An update of the systemd package has been...

CVE-2024-2026

The Passster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's content_protector shortcode in all versions up to, and including, 4.2.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated....

Debian DSA-4380-1 : golang-1.8 - security update

A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery. In addition this update fixes two vulnerabilities in 'go get', which could result in the execution of arbitrary shell...

Debian DLA-1656-1 : agg security update

A stack overflow vulnerability was discovered in AGG, the AntiGrain Geometry graphical toolkit, that may lead to code execution if a malformed file is processed. Since AGG only provides a static library, the desmume and exactimage packages were rebuilt against the latest security update. For...

Photon OS 2.0: Go PHSA-2018-2.0-0034

An update of the go package has been...

Photon OS 1.0: Go PHSA-2018-1.0-0117

An update of the go package has been...

Photon OS 1.0: Ruby PHSA-2018-1.0-0100

An update of the ruby package has been...

Photon OS 2.0: Go PHSA-2018-2.0-0026

An update of the go package has been...

Photon OS 2.0: Curl PHSA-2018-2.0-0096

An update of the curl package has been...

KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO

On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The...

Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-2972-1)

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. (CVE-2016-0686, CVE-2016-0687,.....