Debian Linux Security Advisory 4339-1 - Multiple vulnerabilities were discovered in Ceph, a distributed storage replay attacks and calculated signatures incorrectly, "ceph mon" did not validate capabilities for pool operations (resulting in potential corruption or deletion of snapshot images) and a format string vulnerability in libradosstriper could result in denial of service.
7d33268d994527eabee05d8428f919cbDebian Linux Security Advisory 4338-1 - Integer overflows in the processing of packets in network cards emulated by QEMU, a fast processor emulator, could result in denial of service.
15d509051fcf2fb66ea41acb025d14f0Debian Linux Security Advisory 4337-1 - safety errors may lead to the execution of arbitrary code or denial of service.
84df8a853d0cd691f2c1c1877e3e51a8Debian Linux Security Advisory 4336-1 - Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service, disclosure of existence and size of arbitrary files, or the execution of arbitrary code if a malformed Postscript file is processed (despite the dSAFER sandbox being enabled).
5272b35e98151ec03cae17c1cae7ca73Debian Linux Security Advisory 4335-1 - Three vulnerabilities were discovered in Nginx, a high-performance web and reverse proxy server, which could in denial of service in processing HTTP/2 (via excessive memory/CPU usage) or server memory disclosure in the ngx_http_mp4_module module (used for server-side MP4 streaming).
4d4bf37877010a706d4c0cec4789a57bDebian Linux Security Advisory 4334-1 - Multiple vulnerabilities were discovered in MuPDF, a PDF, XPS, and e-book viewer which could result in denial of service or the execution of arbitrary code if malformed documents are opened.
0d4bb0b6144acb743c6577accc5c3e20Debian Linux Security Advisory 4333-1 - Nick Rolfe discovered multiple buffer overflows in the Icecast multimedia streaming server which could result in the execution of arbitrary code.
a1bafaabade89c2cdb1b4dbed96a1cc8Debian Linux Security Advisory 4332-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language.
e9c4818aa6963d8109d3854620683e24Debian Linux Security Advisory 4331-1 - Two vulnerabilities were discovered in cURL, an URL transfer library.
e8fcc8f27143451b9ef99f43058db435Debian Linux Security Advisory 4330-1 - Several vulnerabilities have been discovered in the chromium web browser.
274f4b9bed0ab00b97cda6b9faf28b97Debian Linux Security Advisory 4329-1 - It was discovered that incorrect connection setup in the server for Teeworlds, an online multi-player platform 2D shooter, could result in denial of service via forged connection packets (rendering all game server slots occupied).
037c269942e30b2051e7265dd555f60fDebian Linux Security Advisory 4321-2 - The update of Graphicsmagick in DSA-4321-1 introduced a change in the handling of case-sensitivity in an internal API function which could affect some code built against the GraphicsMagick libraries. This update restores the previous behaviour.
d87fe6eb77217ab097495ad5a68ce443Debian Linux Security Advisory 4328-1 - Narendra Shinde discovered that incorrect command-line parameter validation in the Xorg X server may result in arbitrary file overwrite, which can result in privilege escalation.
717e73ef11d1e58f8ce34149755577d3Debian Linux Security Advisory 4327-1 - Multiple memory safety errors and use-after-frees in Thunderbird may lead to the execution of arbitrary code or denial of service.
e1857fff050d1a013315f409a3b46c9eDebian Linux Security Advisory 4326-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, incomplete TLS identity verification, information disclosure or the execution of arbitrary code.
7c35625696991fdc77cb84e7b2071292Debian Linux Security Advisory 4325-1 - It was discovered that mosquitto, an MQTT broker, was vulnerable to remote denial-of-service attacks that could be mounted using various vectors.
8d66bb64922936a311efc49687b450cfDebian Linux Security Advisory 4324-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could result in the execution of arbitrary code, privilege escalation or information disclosure.
76d22f63eab5d95a897899812b146f6fDebian Linux Security Advisory 4313-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
5fd4d689901d47cfeb472487907f8ce0Debian Linux Security Advisory 4312-1 - Several vulnerabilities were discovered in tinc, a Virtual Private Network (VPN) daemon.
34034712cf93ba832540dc5745a8900aDebian Linux Security Advisory 4311-1 - joernchen of Phenoelit discovered that git, a fast, scalable, distributed revision control system, is prone to an arbitrary code execution vulnerability via a specially crafted .gitmodules file in a project cloned with --recurse-submodules.
1f8a5f684261b89f6eecc6b077fa556fDebian Linux Security Advisory 4310-1 - Two security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code inside the sandboxed content process.
b88ceaa2ffe174a5b82e94d946d662e0Debian Linux Security Advisory 4309-1 - Google's OSS-Fuzz revealed an exploitable bug in the gmp plugin caused by the patch that fixes CVE-2018-16151 and CVE-2018-16151 (DSA-4305-1).
da84be61cf0df9d48949f7771d2671b5Debian Linux Security Advisory 4308-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
a1995d1e6eb105061c1bda57627f1054Debian Linux Security Advisory 4307-1 - to initialize Expat's hash salt, two denial of service issues were found in difflib and poplib and a buffer overflow in PyString_DecodeEscape.
acf1f4f8778776ac275f78fc6fabea12Debian Linux Security Advisory 4306-1 - Multiple security issues were discovered in Python: ElementTree failed to initialize Expat's hash salt, two denial of service issues were found in difflib and poplib and the shutil module was affected by a command injection vulnerability.
59ac7d08f42ae08ee8581f5c3f9f8e4e
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed