Debian Linux Security Advisory 5154-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine.
d89c986dad135c4b020e1569304fd9fcf1ca18635b990c078672265e4e4f2108Debian Linux Security Advisory 5155-1 - The following vulnerabilities have been discovered in the WPE WebKit web engine.
58329a2304858e7f7ff1a5798915babc0de6a56ece925a10075316ff32fecc1eDebian Linux Security Advisory 5156-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing.
1df252f1ad15bfe073f060379fbf06d38e704930a7979aef38a2827b05310ed3Debian Linux Security Advisory 5157-1 - Jeffrey Bencteux reported two vulnerabilities in cifs-utils, the Common Internet File System utilities, which can result in escalation of privileges (CVE-2022-27239) or an information leak (CVE-2022-29869).
e9e99e95a503b8fd17bc9925f7fa0a417a022dff508cb9dbbc61b6e4de1d414eDebian Linux Security Advisory 5158-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
5c2531aaacd74c4fb215c2123cd84acf5167f7deff68e48f25570583cf1f5dc9Debian Linux Security Advisory 5159-1 - Elton Nokaj discovered that incorrect error handling in Bottle, a WSGI framework for Python, could result in the disclosure of sensitive information.
7a52b54f351e6c4a85017cf5307237ee70bafba1b5ef267c6ad643ff105a80e3Debian Linux Security Advisory 5160-1 - Several vulnerabilities were discovered in NTFS-3G, a read-write NTFS driver for FUSE. A local user can take advantage of these flaws for local root privilege escalation.
fd5df599e9a2419df99e4181fc1ac456fd2742d2031a7d7fb96495c11bdd498fDebian Linux Security Advisory 5161-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
eebb8217aef2d4f3e2465f6dfc1ee816598f41dcba98e4335ef3537950a2ab17Debian Linux Security Advisory 5162-1 - Two vulnerabilities were discovered that the containerd container runtime, which could result in denial of service or incomplete restriction of capabilities.
45ccecc0795e7e966ac9683f563b4827e05d859e1534f7867681d2cc64e3e308Debian Linux Security Advisory 5163-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
f53c7417209cb4b647af481dcc601803bc979e78ef0499ade38d664d51382643Debian Linux Security Advisory 5164-1 - It was discovered that exo, a support library for the Xfce desktop environment, would allow executing remote .desktop files. In some scenario, an attacker could use this vulnerability to trick an user an execute arbitrary code on the platform with the privileges of that user.
7da8037671ac1bb32fe9a96c26515daf188a9ca6916f473102ee044bc8fb14c5Debian Linux Security Advisory 5165-1 - Multiple vulnerabilities were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file is opened.
acbe2827ba78d8ac9d9f7d5e78354bc5989b137fc1096e6ef06d2674d2193273Debian Linux Security Advisory 5166-1 - Two security issues were discovered in the Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system, which could result in privilege escalation.
214a6a00f3b7b0c70bbfe43be16de469e5b02c90f56dca397ed39c280613611cDebian Linux Security Advisory 5167-1 - Matthias Gerstner discovered that the --join option of Firejail, a sandbox to restrict an application environment, was susceptible to local privilege escalation to root.
e1fe9a48f76b3f99e79dd819199b64ca618e956c2df4de52b08ee9465697cfb0Debian Linux Security Advisory 5168-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
193485698a16c4f46f489552c38627ceddc355bfff0559badea6408ae262242bDebian Linux Security Advisory 5169-1 - It was discovered that the c_rehash script included in OpenSSL did not sanitise shell meta characters which could result in the execution of arbitrary commands.
25695a8fea8e3f567226ee9953cdcf95ee99ad75b984a86999b78293364562f4Debian Linux Security Advisory 5170-1 - Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, a bypass of certificate verification or prototype pollution.
02c22c0c690787980900a20bd2fbcd3897504bf8d273ec8ab1b192278ce7ab7bDebian Linux Security Advisory 5171-1 - Multiple security issues were discovered in the Squid proxy caching server.
6914ec792d5e2d459734b0e281bf0351dd12d3bb469796cfef359da197d04493Debian Linux Security Advisory 5172-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.
be9c89a83cd7bd3722589f290e03a21e16bc12e03d582f9b993d694564b6c815Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.
4a0b42a62272c8f07cfba8f5f2fc43a5c072a30d0dbee47732bb2f06ecd7e44fRed Hat Security Advisory 2022-5214-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow, information leakage, privilege escalation, and use-after-free vulnerabilities.
ae303be6ead12de097f5e045c71ccc4d79caf6c0f11ef0e37f02bd5693cbd48dRed Hat Security Advisory 2022-5224-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, information leakage, privilege escalation, and use-after-free vulnerabilities.
cf2209ef5b5bf17b9c809a07608c00d1e4d6b97951545747f05996c767fc8084The No cON Name 2022 call for papers has been announced. It will be held in Barcelona, Spain, from November 24th through the 26th, 2022.
d8182cfe16d9ccbd8e7da1be7700730af253ceafe0069e08c13e7dd297ae1bfcRed Hat Security Advisory 2022-5236-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.
6ccb4193a00621b9d88afc6a8a376c75e88b9c390886b6ac1884dcf6a26d4980AnyDesk version 7.0.9 suffers from an arbitrary file write vulnerability via a symlink attack.
a24a864d0cf210e9aa4cf317353b4651dcf88793c38af3fcf86fc7d93525574a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed