Debian Linux Security Advisory 5376-1 - Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service.
e7656527650776cefd2ce56651b8e7692943c0d30562f0041bf42d1330f3c976
Debian Linux Security Advisory 5356-2 - One of the security fixes released as DSA 5356 introduced a regression in the processing of specific WAV files. Updated sox packages are available to correct this issue.
e1babfd23fbc696770c5e3ea11e225dd0d9ca59dab909793c30fb2526b1cfa4f
Debian Linux Security Advisory 5375-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or spoofing.
943bb672c5f5a142c518592167667218e9e53d058b0660c6d0458c7636cb77ca
Debian Linux Security Advisory 5374-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.
ef900a452c188015da475ec656d55f96626688e7c22638f3904a9534481df7d1
Debian Linux Security Advisory 5373-1 - Dave McDaniel discovered that the SQLite3 bindings for Node.js were susceptible to the execution of arbitrary JavaScript code if a binding parameter is a crafted object.
be782c388a489c999750974e659e9b01cb240c9b62f2c79d5206b4142b32021d
Debian Linux Security Advisory 5372-1 - Multiple vulnerabilities were discovered in rails, the Ruby-based server-side MVC web application framework, which could result in XSS, data disclosure and open redirect.
44ed6f4160efe547c9a47f4f62db177c265c289c98a029bb8114b3fa4bca4f1f
Debian Linux Security Advisory 5371-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
0f6a986bb12975949c5f0a377c9c2edaab1560f19c398911f89ca72a911defc8
Debian Linux Security Advisory 5370-1 - Ronald Crane discovered that missing input sanitising in the apr_encode functions of apr, the Apache Portable Runtime library, may result in denial of service or potentially the execution of arbitrary code.
06258aeb56f6c7338c9fdd57a615e5a5d0b7d38557dfd44abd33e40b95560519
Debian Linux Security Advisory 5369-1 - It was discovered that an integer overflow in the RFC3164 parser of syslog-ng, a system logging daemon, may result in denial of service via malformed syslog messages.
7fcd01524147068679cf73804f7bfbb263956232325d680e69f2e0f05209c763
Debian Linux Security Advisory 5368-1 - It was discovered that the libreswan IPsec implementation could be forced into a crash/restart via malformed IKEv2 packets after peer authentication, resulting in denial of service.
74882477fb28107aed943fa993f4c9b0d3b7991a4336bac07118bf09e48d93eb
Debian Linux Security Advisory 5367-1 - It was discovered that SPIP, a website engine for publishing, would allow a malicious user to execute arbitrary code.
1d4b1b1ced26b5ac97eb9419c445bb93b485a6908145b4ed3c2bfbf29a5223b3
Debian Linux Security Advisory 5366-1 - The Qualys Research Labs reported an authorization bypass (CVE-2022-41974) and a symlink attack (CVE-2022-41973) in multipath-tools, a set of tools to drive the Device Mapper multipathing driver, which may result in local privilege escalation.
449a42da9bb4b8caeb5d67f7cec2a182bd6252f94c98c628487a48466106f6b0
Debian Linux Security Advisory 5365-1 - Patrick Monnerat discovered that Curl's support for "chained" HTTP compression algorithms was susceptible to denial of service.
2cfddea329a31bcbbff3f27ed3f37c97897bb7bdb2d77df616068add33038c0b
Debian Linux Security Advisory 5364-1 - Ronald Crane discovered that missing input sanitising in the apr_base64 functions of apr-util, the Apache Portable Runtime utility library, may result in denial of service or potentially the execution of arbitrary code.
0fd080fc2d20d8613ace2e272ac779ee75f49f96590d76bbadc9811f312aedf2
Debian Linux Security Advisory 5363-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in denial of service or incorrect validation of BCrypt hashes.
7ae7c33c3e28b6f24a8453dc72dcd9277d8782ff1546367e81b1eee017a28724
Debian Linux Security Advisory 5362-1 - An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c.
a6c42c4fa46b453dd5a470c4e086922ae874af1bd2bd96fd5186bf71571228eb
Debian Linux Security Advisory 5361-1 - Several flaws were found in tiffcrop, a program distributed by tiff, the Tag Image File Format (TIFF) library and tools. A specially crafted tiff file can lead to an out-of-bounds write or read resulting in a denial of service.
1404aec50e3d5d5f0e7677de3be642069da3ce8f1fbe90f9a1854a9dd500dc50
Debian Linux Security Advisory 5360-1 - Xi Lu discovered that missing input sanitising in Emacs (in etags, the Ruby mode and htmlfontify) could result in the execution of arbitrary shell commands.
82d11ef9e76f7318d8a66038c6614675b087dfdc2b8d50aad0fe55d3dd74b5c7
Debian Linux Security Advisory 5359-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
7843617dec4bb3e700e21f91ba5248a0b767d9fd5d3e9747c378549fa4f68f46
Debian Linux Security Advisory 5358-1 - Multiple security vulnerabilities have been discovered in Asterisk, an Open Source Private Branch Exchange. Buffer overflows and other programming errors could be exploited for launching a denial of service attack or the execution of arbitrary code.
af27f2dc4d2e27bc3dbab6aae8f01920efe10398bf7112aa8d1bf8bfe6bb6c8c
Debian Linux Security Advisory 5357-1 - yvvdwf found a data exfiltration vulnerability when performing a local clone from a malicious repository, even when using a non-local transport. Joern Schneeweisz found a path traversal vulnerability in git-apply whereby a path outside the working tree can be overwritten as the acting user.
1d3b09b9eb94b59ea608248a20c9b4e2bc7dca85f2496bce60579f548dcd692d
Debian Linux Security Advisory 5356-1 - Multiple security issues were discovered in Sox, the Swiss Army knife of sound processing programs, which could result in denial of service or potentially the execution of arbitrary code if a malformed audio file is processed.
4547d5396d52db93554a168ee672328c338504ca678dde0458f28eb06373a9dd
Debian Linux Security Advisory 5355-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
0f4b7e99ba15bbfd85f7386e545fc53f7d8d15979fc3bb26c7f05c85596889da
Debian Linux Security Advisory 5354-1 - Multiple security vulnerabilities were discovered in snort, a flexible Network Intrusion Detection System, which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or bypass filtering technology on an affected device and exfiltrate data from a compromised host.
70bd678158e429e420784d3be6dfb3a7fad6ffbaabdcee832e1d3f20de7066c1
Debian Linux Security Advisory 5353-1 - Christian Holler discovered that incorrect handling of PKCS 12 Safe Bag attributes in nss, the Mozilla Network Security Service library, may result in execution of arbitrary code if a specially crafted PKCS 12 certificate bundle is processed.
068c59397fcd13600b29d512e21b00e1a4fc98e267e2b38fdc5820e8281a93e7