Gentoo Linux Security Advisory 202401-34 - Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected.
7972c2b3410fb4ff7bc260ff0dcbf543f3953812125be87b697341fdd176fb86Gentoo Linux Security Advisory 202401-33 - Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to remote code execution. Versions greater than or equal to 2.42.2:4 are affected.
aa36ce21418779dc73ee4b50c45088af85854e82235821b227c27d737eef992fDebian Linux Security Advisory 5611-1 - The Qualys Research Labs discovered several vulnerabilities in the GNU C Library's __vsyslog_internal() function (called by syslog() and vsyslog()). A heap-based buffer overflow (CVE-2023-6246), an off-by-one heap overflow (CVE-2023-6779) and an integer overflow (CVE-2023-6780) can be exploited for privilege escalation or denial of service.
b706fe5111adeb5e4961a0c6b856dd95656c158ab3611e3f050084786321653fGentoo Linux Security Advisory 202401-32 - Multiple vulnerabilities have been discovered in libaom, the worst of which can lead to remote code execution. Versions greater than or equal to 3.2.0 are affected.
a52cd36be2d1302497da4fc21f25b35c4aacc7187ee873bcd2b79d101c6ef6dcUbuntu Security Notice 6591-2 - USN-6591-1 fixed vulnerabilities in Postfix. A fix with less risk of regression has been made available since the last update. This update updates the fix and aligns with the latest configuration guidelines regarding this vulnerability.
4babe964a075f29aecde00f0223d7790a3f252d1959a3b8d3883b4b8fdb53043Gentoo Linux Security Advisory 202401-31 - Multiple vulnerabilities have been found in containerd, the worst of which could result in privilege escalation. Versions greater than or equal to 1.6.14 are affected.
340e890e584a72be161ce1a3ca689044b98f4c14c7bc18bb98943aa01d4f4ea1Gentoo Linux Security Advisory 202401-30 - Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution. Versions greater than or equal to 21.1.11 are affected.
545eafd3a0b182303f26482ca1690edf1334c8c351327115bef40159e3e46634Ubuntu Security Notice 6609-2 - Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information.
90e5bb44984356d7a386775f103d92a062be991ce97239a371424c2e4b094982Ubuntu Security Notice 6617-1 - It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
9e3e8cbd9c3a3debf8e66f4b40678f8bde1c3f0e39247249c77cb21c1b7d84c0Ubuntu Security Notice 6618-1 - It was discovered that Pillow incorrectly handled certain long text arguments. An attacker could possibly use this issue to cause Pillow to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. Duarte Santos discovered that Pillow incorrectly handled the environment parameter to PIL.ImageMath.eval. An attacker could possibly use this issue to execute arbitrary code.
6448149912590caa887d2ebc19423b952b66138a002ef70624bb7db6564df7f6Ubuntu Security Notice 6587-3 - USN-6587-1 fixed vulnerabilities in X.Org X Server. The fix was incomplete resulting in a possible regression. This update fixes the problem. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code. Olivier Fourdan and Donn Seeley discovered that the X.Org X Server incorrectly labeled GLX PBuffers when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. Olivier Fourdan discovered that the X.Org X Server incorrectly handled the curser code when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the XISendDeviceHierarchyEvent API. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled devices being disabled. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code.
b4b93cec425e2cc7f4d786e873efc8d2eb7ef34f9060a322512d712a2d7cef3dUbuntu Security Notice 6616-1 - It was discovered that OpenLDAP was not properly performing bounds checks when executing functions related to LDAP URLs. An attacker could possibly use this issue to cause a denial of service.
58feec907b4e16ef949d9778289eb726ad1bb84fbd2113fcdc82d8e1f2846ccaUbuntu Security Notice 6615-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.36 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
bd770e0968e25cce6026743b39dc98126dd79d99593c23336f6af6d650a7c809Red Hat Security Advisory 2024-0623-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include bypass, out of bounds write, and privilege escalation vulnerabilities.
94da229e0778cef2393fa04d7d141d6ceec01830329850fefb2c5b3ca1cbd3ceRed Hat Security Advisory 2024-0622-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include bypass, out of bounds write, and privilege escalation vulnerabilities.
8a05e1fc907765631dca8fbe20bdd4e765e8d85aee85a27e19db16bcf8e02f03Red Hat Security Advisory 2024-0621-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a buffer overflow vulnerability.
f18175acaf0693f798700213fb7cd51ba2f962066dc66fe91c7091c47f6c9685Red Hat Security Advisory 2024-0616-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include bypass, out of bounds write, and privilege escalation vulnerabilities.
11ec3f97d17b54390effbe856ad7b6741234a4b768b997538593b2db45a729b7Red Hat Security Advisory 2024-0615-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include bypass, out of bounds write, and privilege escalation vulnerabilities.
a5e1d5f924682a160b3c35b384caf550997766e1d210bd72cd0fd95cde821730Red Hat Security Advisory 2024-0614-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a buffer overflow vulnerability.
95ebac90019eaa1a93aba2483b95e229e8df3f6018c0f6813960fc7c5cd016ceRed Hat Security Advisory 2024-0609-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8. Issues addressed include bypass, out of bounds write, and privilege escalation vulnerabilities.
433bd4d58e5da3994eb7f8d0ea3e59c85f80ac4a7019a50b8e9da12cae352fe5Red Hat Security Advisory 2024-0608-03 - An update for firefox is now available for Red Hat Enterprise Linux 8. Issues addressed include bypass, out of bounds write, and privilege escalation vulnerabilities.
f0aa9c26566e9bd461b35c53ec37e7d9fc5448982fed8a6494b6dcca8dcbd1a3Red Hat Security Advisory 2024-0607-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8. Issues addressed include a buffer overflow vulnerability.
5748db682b1ab1d886a62fa8246b580e5e8a06ce10cafd796093d972cb650400Red Hat Security Advisory 2024-0606-03 - An update for openssh is now available for Red Hat Enterprise Linux 8. Issues addressed include a code execution vulnerability.
0d25beb100b05b6a8c8a5fdfee0301113431217df46c78cc1f31d355bbf50f2dRed Hat Security Advisory 2024-0605-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include bypass, out of bounds write, and privilege escalation vulnerabilities.
97938b61b5786f819eec5e9f8f4b7894258097d9c919509902d5216ec8be4edfRed Hat Security Advisory 2024-0604-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include bypass, out of bounds write, and privilege escalation vulnerabilities.
c9c59601f85a9f11b5e5591d7d99cc59d34ddd30772285c3463d1c0109ff1a88
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed