Debian LTS Linux Distribution
Find the information you need for your favorite open source distribution.
It was discovered that there was a potential buffer overflow in strongswan, an IPsec-based VPN (Virtual Private Network) server. A vulnerability related to processing public Diffie-Hellman key
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information leaks or clickjacking.
A vulnerability was found in GnuTLS, a secure communications library, which may facilitate a timing attack to compromise a cryptographic system. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. Only
Multiple vulnerabilities were fixed in GIMP, the GNU Image Manipulation Program. CVE-2022-30067
Several security vulnerabilities have been discovered in WordPress, a popular content management framework, which may lead to exposure of sensitive information to an unauthorized actor in WordPress or allow unauthenticated attackers to discern the email addresses of users who have published public
Several security vulnerabilities have been discovered in ActiveMQ, a Java message broker. CVE-2020-13920
A flaw was discovered in Netty, a Java NIO client/server socket framework. The HTTP/2 protocol implementation allowed a denial of service (server resource consumption) because request cancellation can reset many streams quickly. This problem is also known as Rapid Reset Attack.
A buffer overflow vulnerability has been found in lwip, a small independent implementation of the TCP/IPv4/IPv6 protocol suite, which allows an attacker to access information via a crafted ICMPv6 packet. This vulnerability has been assigned CVE-2020-22283.
Debian Bug: 1001062, 1021659. Multiple vulnerabilities have been found in freerdp2, a free implementation of the Remote Desktop Protocol (RDP). The vulnerabilities potentially allows
A buffer overflow was found in the RAR code used by libclamunrar, which could result in arbitrary code execution when processing malicious RAR archives.
It was discovered that there was a potential cross-site scripting (XSS) vulnerability in ruby-sanitize, a whitelist-based HTML sanitizer. Using carefully crafted input, an attacker may have been able to sneak
Several vulnerabilities have been discovered in the PostgreSQL database system. CVE-2023-5868
The audiofile library allows the processing of audio data to and from audio files of many common formats (currently AIFF, AIFF-C, WAVE, NeXT/Sun, BICS, and raw data).
It was discovered that python-urllib3, a user-friendly HTTP client library for Python, did not remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303 after the request had its method changed from one that could accept a request body, like POST,
It was discovered that there was a race condition in Tang, a network-based cryptographic binding server. This flaw resulted in a small time window whereby newly-generated private keys were readable by other processes on the same machine.
The recent update of jetty9, released as DLA 3641-1, caused a regression in PuppetDB, a major component of Puppet that helps you manage and automate the configuration of servers. More specifically another package, trapperkeeper-webserver-jetty9-clojure, still used the deprecated SslContextFactory class
Two vulnerabilities were fixed in Apache Traffic Server, a reverse and forward proxy server. CVE-2023-41752
It was discovered there was a potential remote code execution vulnerability in phppgadmin, a web-based administration tool for the PostgreSQL database server. This issue concerned the deserialisation of untrusted data which may have led to remote code execution because
It was discovered that there was an arbitrary file overwrite vulnerability in pmix, a library used in parallel/cluster computing. Attackers could have obtained ownership of arbitrary files via a