Debian LTS Linux Distribution
Find the information you need for your favorite open source distribution.
Several issues have been found in openvswitch, a production quality, multilayer, software-based, Ethernet virtual switch.
Alex Birnberg discovered a cross-site scripting (XSS) vulnerability in the Horde Application Framework, more precisely its Text Filter API. An attacker could take control of a user's mailbox by sending a crafted e-mail.
Several issues have been found in unrar-free, an unarchiver for .rar files. CVE-2017-14120
An issue has been found in libbsd, a library with utility functions from BSD systems. A non-NUL terminated symbol name in the string table might result in an
Several vulnerabilities were discovered in QEMU, a fast processor emulator (notably used in KVM and Xen HVM virtualization). An attacker could trigger a denial-of-service (DoS), information leak, and possibly execute arbitrary code with the privileges of the QEMU
Mechanize is an open-source Ruby library that makes automated web interaction easy. In Mechanize, from v2.0.0 until v2.7.7, there is a command injection vulnerability.
Busybox, utility programs for small and embedded systems, was affected by several security vulnerabilities. The Common Vulnerabilities and Exposures project identifies the following issues.
xterm through Patch #365 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted UTF-8 character sequence.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Several security vulnerabilities have been corrected in unbound, a validating, recursive, caching DNS resolver. Support for the unbound DNS server has been resumed; the sources can be found in the unbound1.9 source package.
Roman Fiedler discovered a vulnerability in the OverlayFS code in firejail, a sandbox program to restrict the running environment of untrusted applications, which could result in root privilege escalation. This update disables OverlayFS support in firejail.
Claudio Bozzato of Cisco Talos discovered an exploitable integer overflow vulnerability in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In order
A remote information leak vulnerability and a remote buffer overflow vulnerability were discovered in ConnMan, a network manager for embedded devices, which could result in denial of service or the execution of
Two issues have been found in slirp, a SLIP/PPP emulator using a dial up shell account.
Various overflow errors were identified and fixed. CVE-2020-27814
CVE-2020-0256 In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check. This
Multiple vulnerabilities were discovered in privoxy, a privacy-enhancing HTTP proxy, including memory leaks and the dereference of a NULL pointer, among others.
Several vulnerabilities were fixed in Wireshark, a network sniffer. CVE-2019-13619
CVE-2020-8695 Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to
CVE-2020-8020 An improper neutralization of input during web page generation vulnerability in open-build-service allows remote attackers to