Debian Linux Security Advisory 5795-1 - Cedric Krier discovered that python-sql, a library to write SQL queries in a pythonic way, performed insufficient sanitizing which could result in SQL injection.
e6ae4b806618868271a568847282414626155e507e7451c60c2e232cc3aac875Debian Linux Security Advisory 5794-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.
d38e317023dbf069ec3844471d1111a0cc4ddfa3e3de5ea812dcba5c6ee80347Debian Linux Security Advisory 5793-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
a639a7d1289dbe3e7b752ce962df23b2b6678ccb48fe42b2380c790047568270Debian Linux Security Advisory 5792-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. Hafiizh and YoKo Kho discovered that visiting a malicious website may lead to address bar spoofing. Narendra Bhati discovered that a malicious website may exfiltrate data cross-origin.
6c18c5c48316e22ebdd4c277dc051b11216afc79e2f4ce344b61f3d3a8f4d3efDebian Linux Security Advisory 5791-1 - Elyas Damej discovered that a sandbox mechanism in ReportLab, a Python library to create PDF documents, could be bypassed which may result in the execution of arbitrary code when converting malformed HTML to a PDF document.
40f471c19c769dc43b6a721bbf7f55e00b564db69dcafda48f9c8375d8e96ac7Debian Linux Security Advisory 5790-1 - It was discovered that DOMPurify, a sanitizer for HTML, MathML and SVG was susceptible to nesting-based mXSS.
23913d3e979fc61eebe9070d04b073ddb60db7933133bb5fb757bcc16928b0f2Debian Linux Security Advisory 5789-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code.
e7fccad86bca93bda9c3bee7317c60c197d8f5c1e25808c962f2eea6506ee0a1Debian Linux Security Advisory 5788-1 - Damien Schaeffer discovered a use-after-free in the Mozilla Firefox web browser, which could result in the execution of arbitrary code.
71cf6e08a29d64dd05cec8da672d495e697c717f5050845adf6c9632bc54af0aDebian Linux Security Advisory 5787-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
f4228d9be2e94b5178c0ed22259a02e549ea50feae6bfd6228876d967a2f1977Debian Linux Security Advisory 5729-2 - The fixes for CVE-2024-38474 and CVE-2024-39884 introduced two regressions in mod_rewrite and mod_proxy.
703eefdd0f2dd6fbb59ea885c38a5f69342264fef0c904ef54b8697717bf0ae6Debian Linux Security Advisory 5786-1 - Integer overflows flaws were discovered in the Compound Document Binary File format parser of libgsf, the GNOME Project G Structured File Library, which could result in the execution of arbitrary code if a specially crafted file is processed.
98c0d59e2d6c56f5374ef98a8c7336b85fff3f90be2ec312d6bc3af96e794ba8Debian Linux Security Advisory 5785-1 - Dom Walden discovered that the AbuseFilter extension in MediaWiki, a website engine for collaborative work, performed incomplete authorisation checks.
38742c4e799607f311ca3f650942c752a6b19f6597bc2e6819c3e789065b2193Debian Linux Security Advisory 5784-1 - Fabian Vogt reported that the PAM module in oath-toolkit, a collection of components to build one-time password authentication systems, does not safely perform file operations in users's home directories when using the usersfile feature (allowing to place the OTP state in the home directory of the to-be-authenticated user). A local user can take advantage of this flaw for root privilege escalation.
630b245f04eb1a7ff0cfa42251496c38ea3ce7b755c4c145ac3252c552e621aaDebian Linux Security Advisory 5783-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
d6e973db117eecd0774e6df97f98106f30600a1abd447da40462c767ea65fcb3Debian Linux Security Advisory 5782-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
6b1995cd75513141f3e03b2f430413db5d1f10bd1835463af1502d9622c439b4Debian Linux Security Advisory 5781-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
1ef039858c6f77289a0121b0f10830b4ab7779904de169e39eb4e8d6420d6fe6Debian Linux Security Advisory 5780-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in incorrect parsing of multipart/form-data, bypass of the cgi.force_direct directive or incorrect logging.
bfa3e5a0c7655d65e84e614bda3fc8f53d019f36e25c18e9829db943709ca29bDebian Linux Security Advisory 5779-1 - Simone Margaritelli reported that cups, the Common UNIX Printing System, does not properly sanitize IPP attributes when creating PPD files, which may result in the execution of arbitrary code.
83ecd659e56de14800ec1796cd224782a1142b21ab9254aa2e8f5a8461f8cfc3Debian Linux Security Advisory 5778-1 - Simone Margaritelli reported several vulnerabilities in cups-filters. Missing validation of IPP attributes returned from an IPP server and multiple bugs in the cups-browsed component can result in the execution of arbitrary commands without authentication when a print job is started.
5a1f56f676d00911fffdf604e18b71c26411856c8f03de47176c8199b8debba9Debian Linux Security Advisory 5777-1 - It was discovered that the Booth cluster ticket manager failed to correctly validate some authentication hashes.
e2ba56c0897ea23719114c79a7e1e668077245323fe2f33ce11a65f997355888Debian Linux Security Advisory 5776-1 - Albert Cervera discovered two missing authorisation checks in the Tryton application platform.
d8d4e782259fc7ccf5a546c723db85a3fbee2c67828b4a27c739de38071c2d8aDebian Linux Security Advisory 5775-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
4ef90a203d4a92a51da2468a0cde68b6e452ea76592676b5c73bc801e84ae24fDebian Linux Security Advisory 5774-1 - It was discovered that ruby-saml, a SAML library implementing the client side of a SAML authorization, does not properly verify the signature of the SAML Response, which could result in bypass of authentication in an application using the ruby-saml library.
240177159ce0b76270aa0280d1ee5b1c3ee1ab29b2d1a466aa814c291e161d28Debian Linux Security Advisory 5773-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
8898d709ae27812683b98775f6cd9542d1faa76d04a8943e6f4624dc1dd38dd4Debian Linux Security Advisory 5772-1 - Yufan You discovered that Libreoffice's handling of documents based on ZIP archives was susceptible to spoofing attacks when the repair mode attempts to address a malformed archive structure.
18dfdc4d2a3cb0f1b3ab7cdbfff7c30a72fd566aa85476c85c16480b7d706aa4
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed