what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 6,678 RSS Feed

Operating System: Debian

Debian Security Advisory 5344-1
Posted Feb 8, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5344-1 - Helmut Grohne discovered a flaw in Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos. The backports of fixes for CVE-2022-3437 accidentally inverted important memory comparisons in the arcfour-hmac-md5 and rc4-hmac integrity check handlers for gssapi, resulting in incorrect validation of message integrity codes.

tags | advisory
systems | linux, debian
advisories | CVE-2022-45142
SHA-256 | 7c5ace0a61c41b914bf85d0ce46cb1382133026bec34cdba70e3112755a5d2d6
Debian Security Advisory 5343-1
Posted Feb 8, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5343-1 - Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit, which may result in incomplete encryption, side channel attacks, denial of service or information disclosure.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2022-2097, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286
SHA-256 | 4916517dff3b6d3fb82a697282b6e0fd5fe217beb0223ca7d7db63be7baf4ac1
Debian Security Advisory 5342-1
Posted Feb 7, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5342-1 - Jan-Niklas Sohn discovered that a user-after-free flaw in the X Input extension of the X.org X server may result in privilege escalation if the X server is running under the root user.

tags | advisory, root
systems | linux, debian
advisories | CVE-2023-0494
SHA-256 | d9cd986f6b68c068a98e8f263690e16240a4bad3bcee76be602630f0b4931e29
Debian Security Advisory 5341-1
Posted Feb 7, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5341-1 - Multiple vulnerabilities have been discovered in the WebKitGTK web engine. Francisco Alonso discovered that processing maliciously crafted web content may lead to arbitrary code execution. YeongHyeon Choi, Hyeon Park, SeOk JEON, YoungSung Ahn, JunSeo Bae and Dohyun Lee discovered that processing maliciously crafted web content may lead to arbitrary code execution.

tags | advisory, web, arbitrary, vulnerability, code execution
systems | linux, debian
advisories | CVE-2022-42826, CVE-2023-23517, CVE-2023-23518
SHA-256 | 212adcea258405c894269cd25e16fe7f3b2e83a0c7c6ce5cef79396b0daf8325
Debian Security Advisory 5340-1
Posted Feb 7, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5340-1 - Multiple vulnerabilities have been discovered in the WebKitGTK web engine. Francisco Alonso discovered that processing maliciously crafted web content may lead to arbitrary code execution. YeongHyeon Choi, Hyeon Park, SeOk JEON, YoungSung Ahn, JunSeo Bae and Dohyun Lee discovered that processing maliciously crafted web content may lead to arbitrary code execution.

tags | advisory, web, arbitrary, vulnerability, code execution
systems | linux, debian
advisories | CVE-2022-42826, CVE-2023-23517, CVE-2023-23518
SHA-256 | 7323df2630b7f04b8478335b4fa0c1fb95f5d7a7d242de527b89c6fa32c63eb3
Debian Security Advisory 5339-1
Posted Feb 6, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5339-1 - Ikeda Soji reported that libhtml-stripscripts-perl, a Perl module for removing scripts from HTML, is prone to a regular expression denial of service, due to catastrophic backtracking for HTML content with specially crafted style attributes.

tags | advisory, denial of service, perl
systems | linux, debian
advisories | CVE-2023-24038
SHA-256 | bf8cb8b66ff079009ce37d09bcafe99b7218495bbb1c7dae58b492f0c5bb6b15
Apache Tomcat On Ubuntu Log Init Privilege Escalation
Posted Feb 6, 2023
Authored by h00die, Dawid Golunski | Site metasploit.com

This Metasploit module targets a vulnerability in Tomcat versions 6, 7, and 8 on Debian-based distributions where these older versions provide a vulnerable tomcat init script that allows local attackers who have already gained access to the tomcat account to escalate their privileges from the tomcat user to root and fully compromise the target system.

tags | exploit, local, root
systems | linux, debian
advisories | CVE-2016-1240
SHA-256 | 0ac41921eb75c8008e9f94786db836a9f76e614d54c6925c606eecf1de5fb188
Debian Security Advisory 5338-1
Posted Feb 2, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5338-1 - Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in Cinder, the OpenStack block storage system, may result in information disclosure.

tags | advisory, info disclosure
systems | linux, debian
advisories | CVE-2022-47951
SHA-256 | c604abec12f33da162e6c4871d2162415ea1379e4e8220b00729b55a718ac756
Debian Security Advisory 5337-1
Posted Feb 2, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5337-1 - Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in OpenStack Compute (codenamed Nova) may result in information disclosure.

tags | advisory, info disclosure
systems | linux, debian
advisories | CVE-2022-47951
SHA-256 | 41d1c5abc2a1a62c08ba3eb73066cbcbc458374ae26b3e2144ac64570b6837b0
Debian Security Advisory 5336-1
Posted Feb 2, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5336-1 - Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitizing in the handling of VMDK images in Glance, the OpenStack image registry and delivery service, may result in information disclosure.

tags | advisory, registry, info disclosure
systems | linux, debian
advisories | CVE-2022-47951
SHA-256 | bc6ab4a0b7055df6421e280d8c79365890cc6208df474d9e8eea9c6511672a72
Debian Security Advisory 5335-1
Posted Feb 2, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5335-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or spoofing.

tags | advisory, java, denial of service, spoof, vulnerability
systems | linux, debian
advisories | CVE-2022-21618, CVE-2022-21619, CVE-2022-21624, CVE-2022-21628, CVE-2022-39399, CVE-2023-21835, CVE-2023-21843
SHA-256 | 38f95ee57d63d0e8b884ef1127b64a2ad246bd3ea2088d67b53d2f1ae8e3140b
Debian Security Advisory 5334-1
Posted Jan 30, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5334-1 - Martin van Kervel Smedshammer discovered that varnish, a state of the art, high-performance web accelerator, is prone to a HTTP/2 request forgery vulnerability.

tags | advisory, web
systems | linux, debian
advisories | CVE-2022-45060
SHA-256 | 252078af082c9fffe4f816b645478a49bd303397f4456b2a82cf40274f3aa196
Debian Security Advisory 5332-1
Posted Jan 30, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5332-1 - Multiple issues were found in Git, a distributed revision control system. An attacker may trigger remote code execution, cause local users into executing arbitrary commands, leak information from the local filesystem, and bypass restricted shell.

tags | advisory, remote, arbitrary, shell, local, code execution
systems | linux, debian
advisories | CVE-2022-23521, CVE-2022-24765, CVE-2022-29187, CVE-2022-39253, CVE-2022-39260, CVE-2022-41903
SHA-256 | da3283ba137fd88f874430e108ec655e6a4a13b1797054b92dadf3a00e03641d
Debian Security Advisory 5333-1
Posted Jan 30, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5333-1 - Several buffer overflow, divide by zero or out of bounds read/write vulnerabilities were discovered in tiff, the Tag Image File Format (TIFF) library and tools, which may cause denial of service when processing a crafted TIFF image.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, debian
advisories | CVE-2022-1354, CVE-2022-1355, CVE-2022-1622, CVE-2022-1623, CVE-2022-2056, CVE-2022-2057, CVE-2022-2058, CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-2867, CVE-2022-2868, CVE-2022-2869, CVE-2022-2953
SHA-256 | e8e33bb105428cea88e46086e63362e8bad0286aef80d357f8678c42d5b9f9b6
Debian Security Advisory 5331-1
Posted Jan 30, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5331-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or spoofing.

tags | advisory, java, denial of service, spoof, vulnerability
systems | linux, debian
advisories | CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628, CVE-2022-39399, CVE-2023-21835, CVE-2023-21843
SHA-256 | 6cb75512f22c4b10076ab44d7a5c8a9b721c51a7afe86c31ff28c113d4b380f1
Debian Security Advisory 5330-1
Posted Jan 30, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5330-1 - Two vulnerabilities were discovered in Curl, an easy-to-use client-side URL transfer library, which could result in denial of service or information disclosure.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2022-32221, CVE-2022-43552
SHA-256 | c6fc6848e50216229db276b6a61ea17d23706f3f9aadd8dd9c2779ef72f1c34e
Debian Security Advisory 5328-1
Posted Jan 27, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5328-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2023-0471, CVE-2023-0472, CVE-2023-0473, CVE-2023-0474
SHA-256 | 91c35b4374630099df6e3e88101b38be86922f1f9a29a741ff7a332e18ff8403
Debian Security Advisory 5329-1
Posted Jan 27, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5329-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation, which may result in denial of service against named.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2022-3094, CVE-2022-3736, CVE-2022-3924
SHA-256 | ba64112fea14b7f12cde8326a8cfc48e62b9135aea71c2d573ae11c8f1f09c61
Debian Security Advisory 5327-1
Posted Jan 25, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5327-1 - Sebastien Meriot discovered that the S3 API of Swift, a distributed virtual object store, was susceptible to information disclosure.

tags | advisory, info disclosure
systems | linux, debian
advisories | CVE-2022-47950
SHA-256 | 20319f5694f359b3f5e6755bbc554332f58cee3bf53b49ff6c8a343c2b78a07a
Debian Security Advisory 5326-1
Posted Jan 25, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5326-1 - Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of host IP address validation and weak randomness setup.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-35255, CVE-2022-35256, CVE-2022-43548
SHA-256 | 72e5be8502372f25a305cf0e5e848f49100f6c4c07231ed340c9052cb558a635
Debian Security Advisory 5325-1
Posted Jan 24, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5325-1 - It was discovered that SPIP, a website engine for publishing, would allow a malicious user to SQL injection attacks, or bypass authorization access.

tags | advisory, sql injection
systems | linux, debian
SHA-256 | 22c7169c00d84e1a0d28755fee189ae87a60630052483debb57ec686b0541e8c
Debian Security Advisory 5324-1
Posted Jan 24, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5324-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2022-2873, CVE-2022-3545, CVE-2022-3623, CVE-2022-36280, CVE-2022-41218, CVE-2022-45934, CVE-2022-4696, CVE-2022-47929, CVE-2023-0179, CVE-2023-0266, CVE-2023-0394, CVE-2023-23454, CVE-2023-23455
SHA-256 | 4738a5dd5b6f53a56ab15c9bc642f4b021b4a873119259aea80dd67e167ed354
Debian Security Advisory 5323-1
Posted Jan 20, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5323-1 - It was discovered that the CompareTool of iText, a Java PDF library which uses the external ghostscript software to compare PDFs at a pixel level, allowed command injection when parsing a specially crafted filename.

tags | advisory, java
systems | linux, debian
advisories | CVE-2021-43113
SHA-256 | 313b77c59c1f5cfeb179c460ce914a4540b0ef907c09eba7848df15bdf973f2a
Debian Security Advisory 5322-1
Posted Jan 19, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5322-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing.

tags | advisory, web, arbitrary, spoof, info disclosure
systems | linux, debian
advisories | CVE-2022-46871, CVE-2022-46877, CVE-2023-23598, CVE-2023-23601, CVE-2023-23602, CVE-2023-23603, CVE-2023-23605
SHA-256 | eb4baacbcf64fe1cdd00c7283b49fcb3f7f1bbde124afc14c22a6e4c843a15ee
Debian Security Advisory 5321-1
Posted Jan 18, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5321-1 - Matthieu Barjole and Victor Cutillas discovered that sudoedit in sudo, a program designed to provide limited super user privileges to specific users, does not properly handle '--' to separate the editor and arguments from files to edit. A local user permitted to edit certain files can take advantage of this flaw to edit a file not permitted by the security policy, resulting in privilege escalation.

tags | advisory, local
systems | linux, debian
advisories | CVE-2023-22809
SHA-256 | fed19510b58aa2b08c2e6cd8afc7e6d9a748bc823a0346d85f06d484c9fb17fb
Page 1 of 268
Back12345Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    33 Files
  • 8
    Feb 8th
    34 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close