Find the information you need for your favorite open source distribution .
Jonathan Schlue discovered a vulnerability in Salt, a powerful remote execution manager. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion.
Two issues have been found in netkit-rsh, client and server programs for remote shell connections. Due to insufficient input validation in path names sent by server, a
An issue has been found in axis, a SOAP implementation in Java. The issue is related to a cross-site scripting (XSS) attack in the default servlet/services.
Two issues have been found in atftp, an advanced TFTP client. Both are related to sending crafted requests to the server and triggering a denial-of-service due to for example a buffer overflow.
Several vulnerabilities were discovered in NTFS-3G, a read-write NTFS driver for FUSE. A local user can take advantage of these flaws for local root privilege escalation.
Multiple issues have been discovered in ffmpeg - tools for transcoding, streaming and playing of multimedia files. CVE-2020-20445
Jacob Champion discovered two vulnerabilities in the PostgreSQL database system, which could result in man-in-the-middle attacks. For Debian 9 stretch, these problems have been fixed in version
Several vulnerabilities were discovered in Icinga 2, a general-purpose monitoring application. An attacker could retrieve sensitive information such as service passwords and ticket salt by querying the web API, or by intercepting unsufficiently checked encrypted
Multiple security vulnerabilities have been discovered in Salt, a powerful remote execution manager, that allow for local privilege escalation on a minion, server side template injection attacks, insufficient checks for eauth credentials, shell and command injections or incorrect validation of
