Debian Linux Security Advisory 4695-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic keys.
b695facb6dd8cc0b879476ce552b9c195948f4bc518c27cb5f63cf8e335ff6e1Debian Linux Security Advisory 4696-1 - Two vulnerabilities were discovered in Node.js, which could result in denial of service and potentially the execution of arbitrary code.
d8516cb50b72042afd3677ce970bc7873ca8cf7463bb3f2d29ebe7a93cbe32c0Debian Linux Security Advisory 4697-1 - A flaw was reported in the TLS session ticket key construction in GnuTLS, a library implementing the TLS and SSL protocols. The flaw caused the TLS server to not securely construct a session ticket encryption key considering the application supplied secret, allowing a man-in-the-middle attacker to bypass authentication in TLS 1.3 and recover previous conversations in TLS 1.2.
1895794b8fd81d9f052729b86087ff5d07fc51243bab11c512c5cb216d4bdb51Debian Linux Security Advisory 4698-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
6b0461d5fdc0442553e93411732b13c0f292cb8ee0cf3b5b3b0228efca950d91Debian Linux Security Advisory 4699-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
5c9b08156b9df614e0b461fd3ef88e61fe9ad766f6bfda59ca0dca4bd59df181Debian Linux Security Advisory 4700-1 - Matei Badanoiu and LoRexxar@knownsec discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not correctly process and sanitize requests. This would allow a remote attacker to perform a Cross-Side Scripting (XSS) attack leading to the execution of arbitrary code.
b99b9b11ff30b56084ed6513563f9c002ec060e4d60de71d6f65480ab9c34ebaDebian Linux Security Advisory 4701-1 - This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for the Special Register Buffer Data Sampling (CVE-2020-0543), Vector Register Sampling (CVE-2020-0548) and L1D Eviction Sampling (CVE-2020-0549) hardware vulnerabilities.
a7594ff915e8d7978545559a945ae55a7a497237c23303947c12d184661628a7Debian Linux Security Advisory 4702-1 - Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code.
d513edf1d7468e2dab27753b936d34950fbe909c5cde81e5cccba7e63432acc9Debian Linux Security Advisory 4703-1 - Three vulnerabilities have been found in the MySQL Connector/J JDBC driver.
5f6677d80ef74722ef5b261d5eb4b0f0e79cc30c234cde1af79d87b5bba81acdDebian Linux Security Advisory 4704-1 - A vulnerability was discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed video file is opened.
2a557cfcf78c7acd2ec602d5b2e752157487b49f0ffa224afb7182fe571f5b6fDebian Linux Security Advisory 4705-1 - It was discovered that Django, a high-level Python web development framework, did not properly sanitize input. This would allow a remote attacker to perform SQL injection attacks, Cross-Site Scripting (XSS) attacks, or leak sensitive information.
96e9fef81f25045e7f4233b281f2a1d7cf7dd3dbdc7336b1d810347bcd7b080dDebian Linux Security Advisory 4706-1 - It was discovered that Drupal, a fully-featured content management framework, was suspectible to cross site request forgery.
a491617785b890ea92ce09baf399fbb286886c5b5d2a6d9303667fc1fb4dc396Debian Linux Security Advisory 4707-1 - Damian Poddebniak and Fabian Ising discovered two security issues in the STARTTLS handling of the Mutt mail client, which could enable MITM attacks.
639617a725f0d3746c602a062ffb6cc8802633a4e5c6ec51c1cdc11b187128fcDebian Linux Security Advisory 4708-1 - Damian Poddebniak and Fabian Ising discovered two security issues in the STARTTLS handling of the Neomutt mail client, which could enable MITM attacks.
e4ede39d2fad5c01e10e9c24595ba8d69fe05122bc7a634e5637330330c0f06cDebian Linux Security Advisory 4709-1 - Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform various Cross-Side Scripting (XSS) attacks, create open redirects, escalate privileges, and bypass authorization access.
70e424455b9518837066a3cc76957691676f2e232ecdb9d44800de9194a21af0Debian Linux Security Advisory 4710-1 - A vulnerability was discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service via malformed HTTP/2 headers.
fa2687f7a95d99d910fc74880c9275b86f7e9535d6bdc1b4a02379f6a71cdd41Debian Linux Security Advisory 4711-1 - Several vulnerabilities were discovered in coturn, a TURN and STUN server for VoIP.
94e74ee6e965430d2e69c9021feb0e95c097ca0170c9498a6756dfe99f8b5ed7Debian Linux Security Advisory 4712-1 - Handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed image files are processed.
b442fec96018f2e85386811aa674d59a7d8358e77e88772714fbddc8ec4b1f1dWindscribe version 1.83 suffers from an unquoted service path vulnerability.
3a69097c69131501de9a2d82ddd6f5a72a10ad74914c97973bbec4417c602330OpenEMR version 5.0.1 suffers from a remote code execution vulnerability.
30c2dce13c4d30c1351faa3934ffc815807ae3f57ed30e9c09176e6fe07bef30
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed