CarolinaCon Online 2 will be hosted April 29th to May 1st, 2022. The conference will be virtual and submitted talks will be live streamed.
Debian Linux Security Advisory 5034-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code, spoofing, information disclosure, downgrade attacks on SMTP STARTTLS connections or misleading display of OpenPGP/MIME signatures.
Debian Linux Security Advisory 5035-1 - Two vulnerabilities have been discovered in the Apache HTTP server.
Debian Linux Security Advisory 5036-1 - It was discovered that sphinxsearch, a fast standalone full-text SQL search engine, could allow arbitrary files to be read by abusing a configuration option.
Debian Linux Security Advisory 5037-1 - It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize HTML messages. This would allow an attacker to perform Cross-Site Scripting (XSS) attacks.
Debian Linux Security Advisory 5038-1 - Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed.
Debian Linux Security Advisory 5039-1 - Several vulnerabilities were discovered in WordPress, a web blogging tool. They allowed remote attackers to perform SQL injection, run unchecked SQL queries, bypass hardening, or perform Cross-Site Scripting (XSS) attacks.
Debian Linux Security Advisory 5040-1 - An out-of-bounds memory access was discovered in the mod_extforward plugin of the lighttpd web server, which may result in denial of service.
Debian Linux Security Advisory 5041-1 - Multiple vulnerabilities were discovered in Cloudflare's RPKI validator, which could result in denial of service or path traversal.
Debian Linux Security Advisory 5042-1 - Several vulnerabilities have been discovered in Epiphany, the GNOME web browser, allowing XSS attacks under certain circumstances.
Debian Linux Security Advisory 5043-1 - It was discovered that lxml, a Python binding for the libxml2 and libxslt libraries, does not properly sanitize its input, which could lead to cross-site scripting.
Debian Linux Security Advisory 5044-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, denial of service or spoofing.
Debian Linux Security Advisory 5045-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
Debian Linux Security Advisory 5046-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Debian Linux Security Advisory 5047-1 - Matthew Wild discovered that the WebSockets code in Prosody, a lightweight Jabber/XMPP server, was susceptible to denial of service.
Debian Linux Security Advisory 5047-2 - The update for prosody released as DSA 5047 introduced a memory leak. Updated prosody packages are now available to correct this issue.
Debian Linux Security Advisory 5048-1 - It was discovered that the libreswan IPsec implementation could be forced into a crash/restart via a malformed IKEv1 packet, resulting in denial of service.
Debian Linux Security Advisory 5049-1 - Several vulnerabilities were discovered in Flatpak, an application deployment framework for desktop apps.
Debian Linux Security Advisory 5050-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Debian Linux Security Advisory 5051-1 - David Bouman discovered a heap-based buffer overflow vulnerability in the base64 functions of aide, an advanced intrusion detection system, which can be triggered via large extended file attributes or ACLs. This may result in denial of service or privilege escalation.
Debian Linux Security Advisory 5052-1 - Matthias Gerstner reported that usbview, a USB device viewer, does not properly handle authorization in the PolicyKit policy configuration, which could result in root privilege escalation.
Debian Linux Security Advisory 5053-1 - Multiple security issues were discovered in Pillow, a Python imaging library, which could result in denial of service and potentially the execution of arbitrary code if malformed images are processed.
Debian Linux Security Advisory 5054-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Debian Linux Security Advisory 5055-1 - The Qualys Research Labs discovered two vulnerabilities in util-linux's libmount. These flaws allow an unprivileged user to unmount other users' filesystems that are either world-writable themselves or mounted in a world-writable directory (CVE-2021-3996), or to unmount FUSE filesystems that belong to certain other users (CVE-2021-3995).
Debian Linux Security Advisory 5056-1 - Zhuowei Zhang discovered a bug in the EAP authentication client code of strongSwan, an IKE/IPsec suite, that may allow bypassing the client and, in some scenarios, even the server authentication, or could lead to a denial-of-service attack.