Debian Linux Security Advisory 5617-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
fc899430ebda7fcd3a6599b53dfe6281119ed904cdfca2a5fa83b6eeff455142Debian Linux Security Advisory 5616-1 - It was discovered that ruby-sanitize, a whitelist-based HTML sanitizer, insufficiently sanitized style elements, which may result in cross-site scripting.
cb1891138c71065ba8a31de094547c27038e14dbb35d632d940934fd3474f59cDebian Linux Security Advisory 5615-1 - It was discovered that runc, a command line client for running applications packaged according to the Open Container Format (OCF), was susceptible to multiple container break-outs due to an internal file descriptor leak.
a959e4508099a43ffce4457a32f3fdcb636129404d0c2704c808e2edae17a68fDebian Linux Security Advisory 5614-1 - Two vulnerabilities were discovered in zbar, a library for scanning and decoding QR and bar codes, which may result in denial of service, information disclosure or potentially the execution of arbitrary code if a specially crafted code is processed.
8622812f88e985e7306821abbdc0f758934b8fa49410f0223dd4e05e28a1acdbDebian Linux Security Advisory 5613-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in side channel attacks, leaking sensitive data to log files, denial of service or bypass of sandbox restrictions.
f609441d6fb4c40057305e6428732ca7ac0e44c809f5eb956a054b02d0ed1ef4Debian Linux Security Advisory 5612-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
5e76bed3819f315e7a0c764d370439b3892001d90b2731baafa780fd5607d130Debian Linux Security Advisory 5611-1 - The Qualys Research Labs discovered several vulnerabilities in the GNU C Library's __vsyslog_internal() function (called by syslog() and vsyslog()). A heap-based buffer overflow (CVE-2023-6246), an off-by-one heap overflow (CVE-2023-6779) and an integer overflow (CVE-2023-6780) can be exploited for privilege escalation or denial of service.
b706fe5111adeb5e4961a0c6b856dd95656c158ab3611e3f050084786321653fDebian Linux Security Advisory 5610-1 - Multiple security issues were discovered in Redis, a persistent key-value database, which could result in the execution of arbitrary code or ACL bypass.
6a575e49865251ebf28406b8b02755df04cae2bd061603790e201c0c1917a8a9Debian Linux Security Advisory 5609-1 - Several vulnerabilities were discovered in the Slurm Workload Manager, a cluster resource management and job scheduling system, which may result in privilege escalation, denial of service, bypass of message hash checks or opening files with an incorrect set of extended groups.
f57d906dddf94852997ecaf61e4354f8e39782336cb81672d34166c0cb2789b8Debian Linux Security Advisory 5608-1 - A heap-based buffer overflow during tile list parsing was discovered in the AV1 video codec parser for the GStreamer media framework, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened.
28de5aaa27d710a8206df6a847735e65dc15308d136f5b7b5aa81eb3f826812dDebian Linux Security Advisory 5607-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
a6de00e749bc7cbb1d4b7f49c1c267ef1cff9abe7a509d66795892bdafd34351Debian Linux Security Advisory 5606-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, phishing, clickjacking, privilege escalation, HSTS bypass or bypass of content security policies.
62d054980f489d3898ce1066f25faf04fd13bf8be86866e7e9ef0b8a86cbb08dDebian Linux Security Advisory 5605-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
3e1353cf49f58df9c0eadb078695f94c105539b37d5c31fad27ab66818139a86Debian Linux Security Advisory 5604-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in side channel attacks, leaking sensitive data to log files, denial of service or bypass of sandbox restrictions.
25108b8a08605a9bce524bb051d237998769db2d9c500fc6fcae6a5d10cb1173Debian Linux Security Advisory 5603-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the X server is running privileged or denial of service.
65170e720390016746938ce39410c03723012788646a60ef3f1d3cd9788338a3Debian Linux Security Advisory 5602-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. An exploit for CVE-2024-0519 exists in the wild.
45e1bf24562fc069454170dc81c0c1b115ade42f764860a6f6a63c8ba8f0f761Debian Linux Security Advisory 5601-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol is prone to a prefix truncation attack, known as the "Terrapin attack". This attack allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts.
74939800a29d48ded37e9813459aa6b29068a867d2c407034d466d7a7bb36ee5Debian Linux Security Advisory 5600-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol is prone to a prefix truncation attack, known as the "Terrapin attack". This attack allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts.
8cfe6e2a5aa62ff4c70ee28350070f1ea5a4506b8305130470d356424e8fe7c6Debian Linux Security Advisory 5599-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol is prone to a prefix truncation attack, known as the "Terrapin attack". This attack allows a MITM attacker to effect a limited break of the integrity of the early encrypted SSH transport protocol by sending extra messages prior to the commencement of encryption, and deleting an equal number of consecutive messages immediately after encryption starts.
a0c9e4b89d0e004e7f26020948eef0d8e208379ab02cce69468a0e02ce7ea9b2Debian Linux Security Advisory 5598-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of service, or information disclosure.
fc63d222e51570fb223395a2aa8d1fb25f8cd15178ff88be15918e0297228dc0Debian Linux Security Advisory 5597-1 - It was discovered that Exim, a mail transport agent, can be induced to accept a second message embedded as part of the body of a first message in certain configurations where PIPELINING or CHUNKING on incoming connections is offered.
c07124cdc31734b4be52276427c0adc4c564e3e489e29e0b9d3007047f785ba9Debian Linux Security Advisory 5596-1 - Multiple security vulnerabilities have been discovered in Asterisk, an Open Source Private Branch Exchange.
c9359b6983497697c00903ccf8711da8c38c58bb9a04feff50dc4b063da49212Debian Linux Security Advisory 5595-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
72ee96f98d942b476c2ea37011c4d11f0573ac25aa0b2dedd32a66c7be41c7a6Debian Linux Security Advisory 5594-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
14c6c74cd19f5de7ddf98f535462c89656d00f4606e765c1a9e334df63a6e08fDebian Linux Security Advisory 5593-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
0cdb7688a71fd9cbf7b4849b0d1c056005ac011c07a4a27e51fd8802f6459e2f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed