Debian Linux Security Advisory 4455-1 - Several vulnerabilities were discovered in Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos.
cef4f2ca45de7d4f8bbbcf6901f098feDebian Linux Security Advisory 4454-1 - Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or information disclosure.
1915d439857f56d36281d791ff0376c7Debian Linux Security Advisory 4453-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service or sandbox bypass.
39c6985d2cf9c8e5184112ce198a5ec6Debian Linux Security Advisory 4451-1 - Thunderbird vulnerabilities may lead to the execution of arbitrary code or denial of service.
59a609958def5924c2510dc7835f61d8Debian Linux Security Advisory 4450-1 - A vulnerability was found in the WPA protocol implementation found in wpa_supplication (station) and hostapd (access point).
051eea8b1d736e59dcbab7e558126721Debian Linux Security Advisory 4452-1 - Multiple security issues were found in jackson-databind, a Java library to parse JSON and other data formats which could result in information disclosure or the execution of arbitrary code.
78383c177773161d5c52cb51063d681cDebian Linux Security Advisory 4449-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.
22da8d2aeb5c71c9d95d9a6968d0cb4dDebian Linux Security Advisory 4448-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
38f258bf454c1e2f51d5d76bae0e17afDebian Linux Security Advisory 4447-1 - This update ships updated CPU microcode for most types of Intel CPUs. It provides mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities.
42ad7ef47f02b6209e0522c7278c74efDebian Linux Security Advisory 4446-1 - It was discovered that the Lemonldap::NG web SSO system performed insufficient validation of session tokens if the "tokenUseGlobalStorage" option is enabled, which could grant users with access to the main session database access to an anonymous session.
82487030b1bdfa54572e5bdf7071d076Debian Linux Security Advisory 4444-1 - Multiple researchers have discovered vulnerabilities in the way the Intel processor designs have implemented speculative forwarding of data filled into temporary microarchitectural structures (buffers). This flaw could allow an attacker controlling an unprivileged process to read sensitive information, including from the kernel and all other processes running on the system or cross guest/host boundaries to read host memory.
a90af95859fa674e873c2c20ad74303fDebian Linux Security Advisory 4445-1 - It was discovered that incomplete validation in a Phar processing library embedded in Drupal, a fully-featured content management framework, could result in information disclosure.
2278382df11906292df91d00ec080e53Debian Linux Security Advisory 4443-1 - Isaac Boukris and Andrew Bartlett discovered that the S4U2Self Kerberos extension used in Samba's Active Directory support was susceptible to man-in-the-middle attacks caused by incomplete checksum validation.
5c7d3ea173eb8e6307e20eb9c3b6b097Debian Linux Security Advisory 4442-2 - The update for ghostscript released as DSA 4442-1 uncovered an issue in cups-filters which was using the undocumented Ghostscript internal "pdfdict" now hidden in the ghostscript update. Updated cups-filters packages are now available to correct this issue.
aea7e9f9fb64d1d69f574775507a925aDebian Linux Security Advisory 4442-1 - A vulnerability was discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed (despite the - -dSAFER sandbox being enabled).
36022bbac88ed5bdae095ca17daa5e07Debian Linux Security Advisory 4441-1 - Multiple vulnerabilities were discovered in the Symfony PHP framework which could lead to cache bypass, authentication bypass, information disclosure, open redirect, cross-site request forgery, deletion of arbitrary files, or arbitrary code execution.
3994cc57d484b31139739cf58d57a4a5Debian Linux Security Advisory 4440-1 - Multiple vulnerabilities were found in the BIND DNS server.
1b177a9a6255e92e1a97bb618279d777Debian Linux Security Advisory 4439-1 - Dean Rasheed discovered that row security policies in the PostgreSQL database system could be bypassed.
05e6f05080e2aaad37540f6bd5f7777fDebian Linux Security Advisory 4438-1 - Denis Andzakovic discovered two vulnerabilities in atftp, the advanced TFTP server which could result in denial of service by sending malformed packets.
9c579192f5347d328ccaff71a93b02ffDebian Linux Security Advisory 4437-1 - It was discovered that a buffer overflow in the RTSP parser of the GStreamer media framework may result in the execution of arbitrary code if a malformed RSTP stream is opened.
3b3dfeceb9ba38bb1664c7973cfeaee1Debian Linux Security Advisory 4435-1 - A use-after-free vulnerability was discovered in the png_image_free() function in the libpng PNG library, which could lead to denial of service or potentially the execution of arbitrary code if a malformed image is processed.
91303436378ae37f2510c65fdc62ed5eDebian Linux Security Advisory 4436-1 - problems and missing or incomplete input sanitizing may result in denial of service, memory disclosure or the execution of arbitrary code if malformed TIFF or Postscript files are processed.
84c8daabb44c2ba7fe19e349dc65db85Debian Linux Security Advisory 4434-1 - A cross-site scripting vulnerability has been found in Drupal, a fully-featured content management framework.
fad7ec5b9301e51a47961b29cb334625Debian Linux Security Advisory 4433-1 - Several vulnerabilities have been discovered in the Rubygems included in the interpreter for the Ruby language, which may result in denial of service or the execution of arbitrary code.
cde89a6b98e0742a91f9ce6c76c269a6Debian Linux Security Advisory 4432-1 - Cedric Buissart discovered two vulnerabilities in Ghostscript, the GPL PostScript/PDF interpreter, which could result in bypass of file system restrictions of the dSAFER sandbox.
74501a2fc7ce5e59db2a3f6dcc401f5a
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed