Debian Linux Distribution - Page 9
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2023-28709
Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, denial of service or information disclosure
Maxim Suhanov discovered multiple vulnerabilities in GURB2's code to handle NTFS filesystems, which may result in a Secure Boot bypass. For the oldstable distribution (bullseye), these problems have been fixed
It was discovered that missing input sanitising in the encoding support in libvpx, a multimedia library for the VP8 and VP9 video codecs, may result in denial of service.
Multiple security vulnerabilities were discovered in libx11, the X11 client-side library, which may result in denial of service or the execution of arbitrary code.
Multiple security vulnerabilities were discovered in libxpm, the X11 pixmap library, which may result in denial of service or the execution of arbitrary code.
A security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
The Qualys Research Labs discovered a buffer overflow in the dynamic loader's processing of the GLIBC_TUNABLES environment variable. An attacker can exploit this flaw for privilege escalation.
Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. Debian follows the Thunderbird upstream releases. Support for the
Several vulnerabilities were discovered in Exim, a mail transport agent, which could result in remote code execution if the EXTERNAL or SPA/NTLM authenticators are used.
Several security vulnerabilities have been discovered in mosquitto, a MQTT compatible message broker, which may be abused for a denial of service attack. CVE-2021-34434
Clement Lecigne discovered a heap-based buffer overflow in libvpx, a multimedia library for the VP8 and VP9 video codecs, which may result in the execution of arbitrary code if a specially crafted VP8 media stream is processed.
A buffer overflow in VP8 media stream processing has been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Multiple security vulnerabilities were found in Jetty, a Java based web server and servlet engine. The org.eclipse.jetty.servlets.CGI class has been deprecated. It is potentially
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code
Matteo Memelli reported an out-of-bounds read flaw when parsing CDP addresses in lldpd, an implementation of the IEEE 802.1ab (LLDP) protocol. A remote attacker can take advantage of this flaw to cause a denial of service via a specially crafted CDP PDU packet.
Several vulnerabilities were discovered in BIND, a DNS server implementation. CVE-2023-3341
Multiple security issues were discovered in Netatalk, an implementation of the Apple Filing Protocol (AFP) for offering file service (mainly) to macOS clients, which may result in the execution of arbitrary code or information disclosure.
Multiple security vulnerabilities have been found in xrdp, a remote desktop protocol server. Buffer overflows and out-of-bound writes may cause a denial of service or other unspecified impact.