Gentoo Linux Security Advisory 202401-24 - Multiple denial of service vulnerabilities have been discovered in Nettle. Versions greater than or equal to 3.9.1 are affected.
b2b7995a3b3d102f3ba61b008faa0a4d374977257cf19d57646d6514262afae4Gentoo Linux Security Advisory 202401-23 - A buffer overread vulnerability has been found in libuv. Versions greater than or equal to 1.41.1 are affected.
a1d98c5d3663ab5a3cd31b313c33b2ba88d065e8f085e2993c77fdeb8f968599Gentoo Linux Security Advisory 202401-22 - Multiple vulnerabilities have been discovered in libspf2, the worst of which can lead to remote code execution. Versions greater than or equal to 1.2.11 are affected.
4df9712baaacd6e6f669da956478624a2d0582ad60f2fbd6ecdc17e27f5e2396Gentoo Linux Security Advisory 202401-21 - A vulnerability has been found in KTextEditor where local code can be executed without user interaction. Versions greater than or equal to 5.90.0-r2 are affected.
e18be6e0e589094dc0bf306aff7478ea2c316df15ee6a9d58fbe76bb8bbd6803Gentoo Linux Security Advisory 202401-20 - A vulnerability has been found in QPDF which can lead to a heap-based buffer overflow. Versions greater than or equal to 10.1.0 are affected.
69b3736c24b0845bb03eb0957955a8f6ad32fc45aa1950f917fb02f5a73d2d4eGentoo Linux Security Advisory 202401-19 - Multiple vulnerabilities have been found in Opera, the worst of which can lead to remote code execution. Versions greater than or equal to 73.0.3856.284 are affected.
d555786617084799df45cfbed82ca07fb4afd6fa168f910245e907df3e94c1a2GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
f74fc5954b27d4ec6dfbb11dea987888b5b124289a3703afcada0ee520f4173eUbuntu Security Notice 6579-2 - USN-6579-1 fixed a vulnerability in Xerces-C++. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04 and Ubuntu 23.10. It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
6b8afe9c3f76e059a150804fa723c661478617df43e76e0f814143028a21e93bUbuntu Security Notice 6583-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.7.44 in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information:
0082e9e9a88f33ff401159113f071dd4630bada8baaebcf81fd8b16b81a9f296Ubuntu Security Notice 6585-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.
d368df4c0d357987893502f341336db0f44b79a83468cb12d62846d219bc5e7bUbuntu Security Notice 6584-1 - Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
486e45e1623fd297d952a83d392ee0ab81d01bc53495bad464db7ee92f739a3aUbuntu Security Notice 6581-1 - It was discovered that GNU binutils was not properly performing bounds checks in several functions, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute arbitrary code. It was discovered that GNU binutils incorrectly handled memory management operations in several of its functions, which could lead to excessive memory consumption due to memory leaks. An attacker could possibly use these issues to cause a denial of service.
f59dca768c623409e354e28333e5c3d985139d888916565968db33cdc71152c7Red Hat Security Advisory 2024-0256-03 - An update for python3 is now available for Red Hat Enterprise Linux 8.
15c3b178f8fee1cbc445035de871e25288649c5781612a83fd68e85f42a2666cRed Hat Security Advisory 2024-0255-03 - An update for.NET 6.0 is now available for Red Hat Enterprise Linux 7. Issues addressed include bypass, denial of service, and information leakage vulnerabilities.
c3b8ebb04990b508a88474523bab8687332f945b40f5ded1942ac55e5a9a966fRed Hat Security Advisory 2024-0254-03 - An update for rsync is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a buffer over-read vulnerability.
7a24cbb4322b6221eaddcf1077f0869f9fcf4a232d146de8a289931c145d8858Red Hat Security Advisory 2024-0253-03 - An update for sqlite is now available for Red Hat Enterprise Linux 8. Issues addressed include a buffer overflow vulnerability.
6c775f9944647a287d06ff7ba3d87e442f72522f488e8d6a5da8762868c02e2bRed Hat Security Advisory 2024-0252-03 - An update for krb5 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include bypass and cross site request forgery vulnerabilities.
d61da2c121b751ae21f9658eb6dd9d4e748b91cf53d65ff7171ed809205f5b3cUbuntu Security Notice 6582-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
efacb4bdb05b573622a6891d651f7f79948338036201cc4c73c3478731777aeeMailCarrier version 2.51 remote denial of service exploit.
8d7ecacd83b4b1b521a71b23531e9e47816a0daa81b52e8212fa585f7d4ae53aUbuntu Security Notice 6580-1 - It was discovered that w3m incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
f8d794f17780f4bd0df84db08bae50da6a56925ccc89d293edc51618ed8d80dcLightFTP version 1.1 remote denial of service exploit.
44982ff8d2df3f166c03d5a967d77f762d6994bee1f7757b01fe4c9887521198
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed