Using a specially-crafted repository, Git can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source $GIT_DIR/objects directory contains symbolic links, the objects directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the
The password_verify() function may accept some invalid Blowfish hashes as valid. If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid. (CVE-2023-0567) The core path resolution function allocates a buffer one byte too small.
Client memory disclosure when connecting, with Kerberos, to modified server. (CVE-2022-41862) References: - https://bugs.mageia.org/show_bug.cgi?id=31531
Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer. (CVE-2022-24963) References:
Arbitrary code execution when loading configuration files (CVE-2022-39286) References: - https://bugs.mageia.org/show_bug.cgi?id=31156 - https://www.debian.org/lts/security/2022/dla-3195
When the host header does not match a configured host twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. (CVE-2022-39348)
Remote code execution, but requires user action to open a notebook. (CVE-2021-32797), and other bug fixes. References: - https://bugs.mageia.org/show_bug.cgi?id=30699
CVE-2019-13590: sox-fmt validation CVE-2021-3643 and CVE-2021-23210: voc validation CVE-2021-23159 and CVE-2021-23172: hcom validation CVE-2021-33844: wav validation CVE-2021-40426: sphere validation
Executed config files from the current working directory, which could result in cross-user attacks if run from a directory multiple users may write to. (CVE-2022-21699) References:
User Interface lockup with messages combining S/MIME and OpenPGP. (CVE-2023-0616) Content security policy leak in violation reports using iframes. (CVE-2023-25728)
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled (CVE-2023-0767). The Content-Security-Policy-Report-Only header could allow an attacker to leak
Type confusion leading to arbitrary code execution using crafted web page (CVE-2023-23529) References: - https://bugs.mageia.org/show_bug.cgi?id=31555
HTTP multi-header compression denial of service. (CVE-2023-23916) References: - https://bugs.mageia.org/show_bug.cgi?id=31554 - https://curl.se/docs/CVE-2023-23916.html
nodejs qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such
Denial of service due to heap-based buffer overflow issue in UPX in PackTmt::pack() in p_tmt.cpp file. (CVE-2023-23456) Denial of service due to segmentation fault in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. (CVE-2023-23457)
Avoid unintentionally using binaries from CWD (CVE-2022-23853) Fix a possible DOS involving the Qt SQL ODBC driver plugin (CVE-2023-24607) Also fixes a regression that prevented Akonadi from working with kmail
Tss2_RC_SetHandler and Tss2_RC_Decode both index into layer_handler with an 8 bit layer number, but the array only has TPM2_ERROR_TSS2_RC_LAYER_COUNT entries, so trying to add a handler for higher-numbered layers or decode a response code with such a layer number reads/writes past the end of the buffer. (CVE-2023-22745)
Security fix for an XSS vulnerability in the drag-and-drop upload functionality (PMASA-2023-01) Additional bugfixes including - issue #17506 Fix error when configuring 2FA without XMLWriter or Imagick
Mark Esler and David Fernandez Gonzalez discovered that EditorConfig Core C incorrectly handled memory when handling certain inputs. An attacker could possibly use this issue to cause applications using EditorConfig Core C to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-0341)
Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2022-42826) (CVE-2023-23517) (CVE-2023-23518) References: - https://bugs.mageia.org/show_bug.cgi?id=31504
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
