Debian Linux Security Advisory 4843-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
b63fae8d21eadd6fb015db055e5e8e2055c3653fa769dcd8d9d46a56af24ab72Debian Linux Security Advisory 4844-1 - Moshe Kol and Shlomi Oberman of JSOF discovered several vulnerabilities in dnsmasq, a small caching DNS proxy and DHCP/TFTP server. They could result in denial of service, cache poisoning or the execution of arbitrary code.
e8796fb0d51a874f14fa08f40ef54df04e7a41a8ec5691ce2db533b0966e1ebfDebian Linux Security Advisory 4845-1 - Several vulnerabilities were discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can take advantage of these flaws to cause a denial of service (slapd daemon crash, infinite loops) via specially crafted packets.
93d9bd640781dd21a67eca3c27b1a0e8b18464cca9960cea70eccb7f6a636db7Debian Linux Security Advisory 4846-1 - Several vulnerabilities have been discovered in the chromium web browser.
5c0a1a187b9f8a05156e97de44f20d15cc23e6a90f1c97e6bec018b05c985138Debian Linux Security Advisory 4847-1 - A remote information leak vulnerability and a remote buffer overflow vulnerability were discovered in ConnMan, a network manager for embedded devices, which could result in denial of service or the execution of arbitrary code.
e6c4b376d3fc8f7e2f9e8a51b0edb8192c78ab02ff4cd8ee359c53f6c671d352Debian Linux Security Advisory 4848-1 - Multiple security issues were discovered in the implementation of the Go programming language, which could result in denial of service and the P-224 curve implementation could generate incorrect outputs.
beb05da7d25160a00b718beaaba0fb9e0dd6e57c21ea264f3447768133371b78Debian Linux Security Advisory 4849-1 - Roman Fiedler discovered a vulnerability in the OverlayFS code in firejail, a sandbox program to restrict the running environment of untrusted applications, which could result in root privilege escalation. This update disables OverlayFS support in firejail.
5cebbbf9494bd78be8d3a2cb5e6e70f124bb0474d52286e83dcaa8b6aa666789Debian Linux Security Advisory 4850-1 - It was discovered that zstd, a compression utility, temporarily exposed a world-readable version of its input even if the original file had restrictive permissions.
971cfa1b26f29f8d1a0b32ade924cd6212a8cb8aea8fba8944c763bcac2dc3c4Debian Linux Security Advisory 4851-1 - Thomas Akesson discovered a remotely triggerable vulnerability in the mod_authz_svn module in Subversion, a version control system. When using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option an unauthenticated remote client can take advantage of this flaw to cause a denial of service by sending a request for a non-existing repository URL.
81cb5fe96ccd2e9181d3b976b7ee7b20538707d3127deded8638b9a2236761c6Debian Linux Security Advisory 4852-1 - Joakim Hindersson discovered that Open vSwitch, a software-based Ethernet virtual switch, allowed a malicious user to cause a denial-of-service by sending a specially crafted packet.
b81e9b7032ae9bce92891e5eb2a14ad8b78e5e60ca1e9332fc6c0b55fc38e1e1Debian Linux Security Advisory 4853-1 - It was discovered that SPIP, a website engine for publishing, would allow a malicious user to perform cross-site scripting attacks, access sensitive information, or execute arbitrary code.
f00cc707979cfe7422a2cf35b483c3d033afae999b15397ec9b9363fc6a64e62Debian Linux Security Advisory 4854-1 - Vulnerabilities have been discovered in the webkit2gtk web engine.
be381d581a9e46a25974b634d65ded4a24b1669637f63dc9d1bed0470b79c1faDebian Linux Security Advisory 4855-1 - Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. An overflow bug in the x64_64 Montgomery squaring procedure, an integer overflow in CipherUpdate and a NULL pointer dereference flaw X509_issuer_and_serial_hash() were found, which could result in denial of service.
97d32585c37fd8006093ec57a2913bfc6ae8b85626eb395c01aae4dc59e6947aDebian Linux Security Advisory 4856-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in denial of service, information disclosure, cookie forgery or incorrect encryption.
be2a91fc87e7e29c4dd5af1cb4a667a713a1b5063f638d8c6ad302b66aa2a3ffDebian Linux Security Advisory 4857-1 - A buffer overflow vulnerability was discovered in the SPNEGO implementation affecting the GSSAPI security policy negotiation in BIND, a DNS server implementation, which could result in denial of service (daemon crash), or potentially the execution of arbitrary code.
0d5f699225d63d98310a1b39eec5904606fd5c723c4bc622c2e54f1635238966Debian Linux Security Advisory 4858-1 - Several vulnerabilities have been discovered in the chromium web browser.
06e041eb0996b6bf6de349afabb9921c5d0e7f815b82714c950fc912a4954e80Debian Linux Security Advisory 4859-1 - It was discovered that zstd, a compression utility, was vulnerable to timeframe, a world-readable version of its input even if the original file had restrictive permissions.
0f40c2be124fe4e129eb1875cd1e8aece49dfe999146fb100904aec18582840dDebian Linux Security Advisory 4860-1 - A vulnerability in the Certificate List Exact Assertion validation was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can take advantage of this flaw to cause a denial of service (slapd daemon crash) via specially crafted packets.
e6d572d1741ea0e53922e0ddb5e0817baa079772df52005a2a3f4434a186b812Debian Linux Security Advisory 4861-1 - Felix Weinmann reported a flaw in the handling of combining characters in screen, a terminal multiplexer with VT100/ANSI terminal emulation, which can result in denial of service, or potentially the execution of arbitrary code via a specially crafted UTF-8 character sequence.
569d4df0108d39054a602652829a1fa05af2ce0f91699542d0f207bc9e1d1522Debian Linux Security Advisory 4862-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure.
58e9f63ccd4b647aef2aec8484c3dda953d32a4ae7a76fe75ce16305e18aac17Debian Linux Security Advisory 4863-1 - Two vulnerabilities were discovered in Node.js, which could result in denial of service or DNS rebinding attacks.
56c3871a90994e8fc6eb8e6378eb9ce00442b53e24dda4d8a67326e482b2be17Debian Linux Security Advisory 4864-1 - Beast Glatisant and Jelmer Vernooij reported that python-aiohttp, a async HTTP client/server framework, is prone to an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website.
321114aef666b4091333abafeca13121fe248807de9356cb302fcd5cbe17a923Debian Linux Security Advisory 4865-1 - Multiple security issues were discovered in Docker, a Linux container runtime, which could result in denial of service, an information leak or privilege escalation.
7dc2d80b850f6bd28a9e9f63dfe2208b8767f34538778cfff1dac3efbf2d1d04Debian Linux Security Advisory 4866-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure.
6799803f6b184aa6dd8507e9afb88c97a9fb03cbd4498085740a1123c157048aUbuntu Security Notice 4754-2 - USN-4754-1 fixed a vulnerability in Python. The fix for CVE-2021-3177 introduced a regression in Python 2.7. This update reverts the security fix pending further investigation. It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.
015592afe732b3ada83a567c482dde3ef51b5013b20d3697d12c66d5d49169f3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed