Ragic, Inc. Security Vulnerabilities

Photon OS 2.0: Libtiff PHSA-2018-2.0-0016

An update of the libtiff package has been...

Photon OS 2.0: Wget PHSA-2017-2.0-0008

An update of the wget package has been...

Photon OS 1.0: Binutils PHSA-2018-1.0-0112

An update of the binutils package has been...

Photon OS 2.0: Librelp PHSA-2018-2.0-0039

An update of the librelp package has been...

Photon OS 2.0: Perl PHSA-2018-2.0-0084

An update of the perl package has been...

Photon OS 2.0: Freetype2 PHSA-2018-2.0-0058

An update of the freetype2 package has been...

Photon OS 1.0: Shadow PHSA-2018-1.0-0171

An update of the shadow package has been...

CVE-2024-2501

The Hubbub Lite – Fast, Reliable Social Sharing Buttons plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.33.1 via deserialization of untrusted input via the 'dpsp_maybe_unserialize' function. This makes it possible for authenticated attackers, with....

Photon OS 1.0: Ruby PHSA-2017-0002

An update of the ruby package has been...

Photon OS 1.0: Ruby PHSA-2017-0034

An update of the ruby package has been...

Photon OS 1.0: Freetype2 PHSA-2017-0041

An update of the freetype2 package has been...

Photon OS 1.0: Openjre PHSA-2016-0015

An update of the openjre package has been...

Debian DSA-4365-1 : tmpreaper - security update

Stephen Roettger discovered a race condition in tmpreaper, a program that cleans up files in directories based on their age, which could result in local privilege...

Debian DSA-4364-1 : ruby-loofah - security update

It was discovered that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, performed insufficient sanitising of SVG...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6497-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6497-1 advisory. A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets...

Photon OS 1.0: Ruby PHSA-2017-0037

An update of the ruby package has been...

Photon OS 1.0: Openssh PHSA-2016-0014

An update of the openssh package has been...

Photon OS 1.0: Pycrypto PHSA-2017-0026

An update of the pycrypto package has been...

Debian DSA-4380-1 : golang-1.8 - security update

A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery. In addition this update fixes two vulnerabilities in 'go get', which could result in the execution of arbitrary shell...

CVE-2022-40538

Transient DOS due to reachable assertion in modem while processing sib with incorrect values from...

Photon OS 2.0: Curl PHSA-2018-2.0-0096

An update of the curl package has been...

Photon OS 1.0: Cairo PHSA-2017-0039

An update of the cairo package has been...

Photon OS 2.0: Libtiff PHSA-2017-2.0-0007

An update of the libtiff package has been...

Photon OS 1.0: Openldap PHSA-2017-0024

An update of the openldap package has been...

Debian DSA-4375-1 : spice - security update

Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service (spice server crash), or possibly, execution of arbitrary...

Slackware 14.0 / 14.1 / 14.2 : zsh (SSA:2019-013-01)

New zsh packages are available for Slackware 14.0, 14.1, and 14.2 to fix security...

Debian DLA-1631-1 : libcaca security update

Several vulnerabilities were discovered in libcaca, a graphics library that outputs text: integer overflows, floating point exceptions or invalid memory reads may lead to a denial of service (application crash) if a malformed image file is processed. For Debian 8 'Jessie', these problems have been....

CVE-2023-52644

In the Linux kernel, the following vulnerability has been resolved: wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled When QoS is disabled, the queue priority value will not map to the correct ieee80211 queue since there is only one queue. Stop/wake queue 0 when QoS is...

Photon OS 1.0: Tcpdump PHSA-2017-0033

An update of the tcpdump package has been...

Photon OS 1.0: Systemd PHSA-2017-0041

An update of the systemd package has been...

Debian DSA-4382-1 : rssh - security update

Nick Cleaton discovered two vulnerabilities in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve (Subversion), rdist and/or rsync operations. Missing validation in the rsync support could result in the bypass of this restriction, allowing the execution of...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Netplan regression (USN-6851-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6851-2 advisory. USN-6851-1 fixed vulnerabilities in Netplan. The update lead to the discovery of a regression in netplan which caused systemctl...

Photon OS 1.0: Glibc PHSA-2017-0041

An update of the glibc package has been...

Photon OS 1.0: Grub2 PHSA-2016-0012

An update of the grub2 package has been...

Photon OS 1.0: Libxml2 PHSA-2017-0001

An update of the libxml2 package has been...

Photon OS 2.0: Libgcrypt PHSA-2018-2.0-0091

An update of the libgcrypt package has been...

Photon OS 2.0: Strongswan PHSA-2018-2.0-0086

An update of the strongswan package has been...

Photon OS 1.0: Perl PHSA-2018-1.0-0175

An update of the perl package has been...

Photon OS 1.0: Net PHSA-2018-1.0-0126

An update of the net package has been...

Photon OS 2.0: Binutils PHSA-2018-2.0-0021

An update of the binutils package has been...

Photon OS 1.0: Freetype2 PHSA-2018-1.0-0148

An update of the freetype2 package has been...

Photon OS 1.0: Curl PHSA-2018-1.0-0186

An update of the curl package has been...

Photon OS 1.0: Pycrypto PHSA-2018-1.0-0126

An update of the pycrypto package has been...

Debian DSA-4363-1 : python-django - security update

It was discovered that malformed URLs could spoof the content of the default 404 page of Django, a Python web development...

CVE-2024-2501

The Hubbub Lite – Fast, Reliable Social Sharing Buttons plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.33.1 via deserialization of untrusted input via the 'dpsp_maybe_unserialize' function. This makes it possible for authenticated attackers, with....

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : snapd vulnerability (USN-4728-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by a vulnerability as referenced in the USN-4728-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

Debian DLA-1640-1 : tmpreaper security update

It was discovered that tmpreaper, a program that cleans up files in directories based on their age, is vulnerable to a race condition. This vulnerability might be exploited by local attackers to perform privilege escalation. For Debian 8 'Jessie', this problem has been fixed in version...

Debian DLA-1636-1 : aria2 security update

It was discovered that aria2 (the lightweight command-line download utility) can store passed user credentials in a log file when using the --log option. This might allow local users to obtain sensitive information by reading this file. For Debian 8 'Jessie', this problem has been fixed in version....

Photon OS 2.0: Ruby PHSA-2018-2.0-0013

An update of the ruby package has been...

Photon OS 1.0: Libgcrypt PHSA-2018-1.0-0182

An update of the libgcrypt package has been...