Debian Linux Security Advisory 4483-1 - Two security issues have been discovered in LibreOffice.
8a8647cc7bb2c4ae00c94ccdad86b50eDebian Linux Security Advisory 4482-1 - Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing, information disclosure, denial of service or cross-site request forgery.
98a6d07eeef8d662beb2fa0f236cb9d3Debian Linux Security Advisory 4481-1 - Harsh Jaiswal discovered a remote shell execution vulnerability in ruby-mini-magick, a Ruby library providing a wrapper around ImageMagick or GraphicsMagick, exploitable when using MiniMagick::Image.open with specially crafted URLs coming from unsanitized user input.
d13f864cfef099af22088b79edee68a4Debian Linux Security Advisory 4480-1 - Multiple vulnerabilities were discovered in the HyperLogLog implementation of Redis, a persistent key-value database, which could result in denial of service or potentially the execution of arbitrary code.
e5f6048460ebffda11af0a60dbde63a3Debian Linux Security Advisory 4479-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing, information disclosure, denial of service or cross-site request forgery.
1e90e6a1c90fc8275f2fadb11f5d1fc8Debian Linux Security Advisory 4478-1 - Two vulnerabilities were discovered in the DOSBox emulator, which could result in the execution of arbitrary code on the host running DOSBox when running a malicious executable in the emulator.
d2099dfe1b04d9593f8a45054f2331ddDebian Linux Security Advisory 4477-1 - Fang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ, a lightweight messaging kernel library. A remote, unauthenticated client connecting to an application using the libzmq library, running with a socket listening with CURVE encryption/authentication enabled, can take advantage of this flaw to cause a denial of service or the execution of arbitrary code.
0975c0781cc125d9675f4d734f053aabDebian Linux Security Advisory 4476-1 - Three security issues were found in Django, a Python web development framework, which could result in denial of service, incomplete sanitization of clickable links or missing redirects of HTTP requests to HTTPS.
87af8c2663aa991c6a2708adceac437cDebian Linux Security Advisory 4475-1 - Joran Dirk Greef discovered that overly long nonces used with ChaCha20-Poly1305 were incorrectly processed and could result in nonce reuse. This doesn't affect OpenSSL-internal uses of ChaCha20-Poly1305 such as TLS.
34429fca7bf584e4a71f6062c8f3cac3Debian Linux Security Advisory 4474-1 - A sandbox escape was found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code if combined with additional vulnerabilities.
ca6538055b670bc57db4e583fc68d053Debian Linux Security Advisory 4473-1 - Multiple security issues were found in the rdesktop RDP client, which could result in denial of service and the execution of arbitrary code.
75b07f0ee0ad87cfe77b494582c2bf8cDebian Linux Security Advisory 4472-1 - It was discovered that Expat, an XML parsing C library, did not properly handled XML input including XML names that contain a large number of colons, potentially resulting in denial of service.
20ab5a65af5e963ef5f71f0f43577b78Debian Linux Security Advisory 4471-1 - Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read.
6f3730ce82e081cc510350dd42e43f3aDebian Linux Security Advisory 4467-2 - The update for vim released as DSA 4467-1 introduced a regression which broke syntax highlighting in some circumstances. Updated vim packages are now available to correct this issue.
41025ce3aa7aa964e514dc517ea80991Debian Linux Security Advisory 4470-1 - Two vulnerabilities have been discovered in pdns, an authoritative DNS server which may result in denial of service via malformed zone records and excessive NOTIFY packets in a master/slave setup.
ff8f17b50af1f0bb3cb6636d1fe40756Debian Linux Security Advisory 4469-1 - Two vulnerabilities were discovered in Libvirt, a virtualisation abstraction library, allowing an API client with read-only permissions to execute arbitrary commands via the virConnectGetDomainCapabilities API, or read or execute arbitrary files via the virDomainSaveImageGetXMLDesc API.
112429be2cb9aff9f7f6af408bbabcfeDebian Linux Security Advisory 4468-1 - A path traversal vulnerability due to an unsanitized POST parameter was discovered in php-horde-form, a package providing form rendering, validation, and other functionality for the Horde Application Framework. An attacker can take advantage of this flaw for remote code execution.
8986d8b459935d9effe1ace9426849dbDebian Linux Security Advisory 4447-2 - DSA 4447-1 shipped updated CPU microcode for most types of Intel CPUs as mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities.
bbe31bf3c26fcbb16b3badcbbc342b48Debian Linux Security Advisory 4465-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
a2e7d7ad8cd5265b8a90186bcd82ff4dDebian Linux Security Advisory 4464-1 - Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read.
bd7c71ca7bb27b5c0fbe7260ac8e8038Debian Linux Security Advisory 4463-1 - Two vulnerabilities were discovered in the ZNC IRC bouncer which could result in remote code execution (CVE-2019-12816) or denial of service via invalid encoding (CVE-2019-9917).
cdce5eea36ea51910b5234a62d1b5d32Debian Linux Security Advisory 4462-1 - Joe Vennix discovered an authentication bypass vulnerability in dbus, an asynchronous inter-process communication system. The implementation of the DBUS_COOKIE_SHA1 authentication mechanism was susceptible to a symbolic link attack. A local attacker could take advantage of this flaw to bypass authentication and connect to a DBusServer with elevated privileges.
9816094dce3bede2d44f5d97fcc1650eDebian Linux Security Advisory 4461-1 - Harrison Neil discovered that the getACL() command in Zookeeper, a service for maintaining configuration information, did not validate permissions, which could result in information disclosure.
320d44544c7e5d8996a5f53b011401a4Debian Linux Security Advisory 4460-1 - Multiple security vulnerabilities have been discovered in MediaWiki, a website engine for collaborative work, which may result in authentication bypass, denial of service, cross-site scripting, information disclosure and bypass of anti-spam measures.
7c86f41444ebb88239c5b0b50bd85cc6Debian Linux Security Advisory 4459-1 - Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed.
f078ccd9f1f0600e3f13ca2d01e4383e
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed