Debian Linux Security Advisory 5245-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
bf60ece012a5fb91455e6049309baad6373f25ba811def84fdd72d5cad781e24Debian Linux Security Advisory 5246-1 - Marlon Starkloff discovered that twig, a template engine for PHP, did not correctly enforce sandboxing. This would allow a malicious user to execute arbitrary code.
bafe6fbd63e7ce336ce7f16d95873da98aa675c25a5d71e8b2d0b10a0af1e05aDebian Linux Security Advisory 5247-1 - Douglas Mendizabal discovered that Barbican, the OpenStack Key Management Service, incorrectly parsed requests which could allow an authenticated user to bypass Barbican access policies.
0d413d1d6f6432591be3a3d48216c92d4d62cd19a834ad7625f9ff5c141970bfDebian Linux Security Advisory 5249-1 - Lahav Schlesinger discovered a vulnerability in the revocation plugin of strongSwan, an IKE/IPsec suite.
001ab0bf44e202413c681162d6a7d7fcf47fe3d1980576d2c2a32989a5ee3e3aDebian Linux Security Advisory 5255-1 - An integer overflow flaw was discovered in the CRL parser in libksba, an X.509 and CMS support library, which could result in denial of service or the execution of arbitrary code.
5b80c721a5174b5f9be5b4356b1742a0911041872cc1d6159fd559f1608285e7Debian Linux Security Advisory 5254-1 - Multiple security issues were found in Django, a Python web development framework, which could result in denial of service, SQL injection or cross-site scripting.
f1deaa074be2780bc47f540868f469aef9215c48a81c548946be8c4d1bf75ee6Debian Linux Security Advisory 5250-1 - Evgeny Vereshchagin discovered multiple vulnerabilities in D-Bus, a simple interprocess messaging system, which may result in denial of service by an authenticated user.
c17db3125a645538d77cbf33babc4af9091a3054ec91dd36976ec447aabbc18bDebian Linux Security Advisory 5251-1 - Several vulnerabilities have been discovered in the ISC DHCP client, relay and server.
e75a1017009f4cad5bc08bfc50f14390812d8d810301608598ec114925f7bc11Debian Linux Security Advisory 5252-1 - It was discovered that insufficient validation of "vnd.libreoffice.command" URI schemes could result in the execution of arbitrary macro commands.
02baca49b53329fd1a22ea245384ae22aebba5a94a919a180cf0082dfcea82b9Debian Linux Security Advisory 5253-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
66cbec92e74c8792856040aad3136f685c8557a6136f41bb2dad3b0b6c2c812cDebian Linux Security Advisory 5223-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
eaccf2c4f13785f27ea55d281296ec9a704251dbe2c16cc511b155f0d5dbc78fDebian Linux Security Advisory 5224-1 - Two vulnerabilities were discovered in poppler, a PDF rendering library, which could result in denial of service or the execution of arbitrary code if a malformed PDF file or JBIG2 image is processed.
fff5c555e685acd923ce1cd2043a40d9c2db36d0eed0627070038e954e24e95cDebian Linux Security Advisory 5225-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code.
98a8f68e6eeb765491847e5b3440d501a6818cac4dc84af5724f091a2bc33174Debian Linux Security Advisory 5226-1 - Two security issues were discovered in pcs, a corosync and pacemaker configuration tool.
6063675b6309f8ba39ab444e7fce5c743b477418ff598c15909fc9e571447b45Debian Linux Security Advisory 5227-1 - It was discovered that Gson, a Java library that can be used to convert Java Objects into their JSON representations and vice versa, was vulnerable to a de- serialization flaw. An application would de-serialize untrusted data without sufficiently verifying that the resulting data will be valid, letting the attacker to control the state or the flow of the execution. This can lead to a denial of service or even the execution of arbitrary code.
b6af2512c97e2e986859b67b105cb3eb62cba8bf639bf250fd2d00129989f97fDebian Linux Security Advisory 5228-1 - Several vulnerabilities were discovered in gdk-pixbuf, the GDK Pixbuf library.
2779b19645046756f046040b839f7910204298a4f8304bb68cd29482f89ab133Debian Linux Security Advisory 5229-1 - Two vulnerabilities were discovered in FreeCAD, a CAD/CAM program, which could result in the execution of arbitrary shell commands when opening a malformed file.
e221b714aa252c043fe261bba268b9bb76b8a4565c7895307eb7ff13412d67b8Debian Linux Security Advisory 5230-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
8340f3ab3bae220f6698fed84dcfba3c97ba7964c3362899da056ede5c1f36abDebian Linux Security Advisory 5231-1 - Several vulnerabilities were discovered in ConnMan, a network manager for embedded devices, which could result in denial of service or the execution of arbitrary code.
ce4def7ac6b137a13c8cf721dd5db4140415515ed52baee6a0d76baf78234bf0Debian Linux Security Advisory 5232-1 - It was discovered that the wordexp() function of tinygltf, a library to load/save glTF (GL Transmission Format) files was susceptible to command execution when processing untrusted files.
6d3bf5420ed67b1fc16a49e517a64ee582d74c3582eaa12ad4ef5cb2c1800fceDebian Linux Security Advisory 5233-1 - Maher Azzouzi discovered that missing input sanitising in the Enlightenment window manager may result in local privilege escalation to root.
038bc6131b6fd2cfa407d7ba8198b1856f3aa45cd0d7b1b66c8e56e410074926Debian Linux Security Advisory 5234-1 - An arbitrary code execution vulnerability was disovered in fish, a command line shell. When using the default configuraton of fish, changing to a directory automatically ran `git` commands in order to display information about the current repository in the prompt. Such repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands.
d6134612ed2eb603546e00e78930c6db0692023b8724bb62b9827ee351491ec4Debian Linux Security Advisory 5235-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation.
9fd2bd0b8d48add568238f3194fca9fcb514629ef89a06fc88c357586fed0e7dDebian Linux Security Advisory 5236-1 - Rhodri James discovered a heap use-after-free vulnerability in the doContent function in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed.
f673ba4a86fe72896d4316423099d0e96f4f5358812e777c79d4d4a321d08a6eDebian Linux Security Advisory 5237-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, CSP bypass or session fixation.
69842b76196deeb3b59a7b469816fe3cfbd6e3bc5d7e2ef801971d08ee2caa0f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed