Debian LTS Linux Distribution - Page 8
Find the information you need for your favorite open source distribution.
Multiple vulnerabilities were fixed in GIMP, the GNU Image Manipulation Program. CVE-2022-30067
Several security vulnerabilities have been discovered in WordPress, a popular content management framework, which may lead to exposure of sensitive information to an unauthorized actor in WordPress or allowing unauthenticated attackers to discern the email addresses of users who have published public
Several security vulnerabilities have been discovered in ActiveMQ, a Java message broker. CVE-2020-13920
A flaw was discovered in Netty, a Java NIO client/server socket framework. The HTTP/2 protocol implementation allowed a denial of service (server resource consumption) because request cancellation can reset many streams quickly. This problem is also known as Rapid Reset Attack.
A buffer overflow vulnerability has been found in lwip, a small independent implementation of the TCP/IPv4/IPv6 protocol suite, which allows an attacker to access information via a crafted ICMPv6 packet. This vulnerability has been assigned CVE-2020-22283.
Debian Bug: 1001062 1021659 Multiple vulnerabilities have been found in freerdp2, a free implementation of the Remote Desktop Protocol (RDP). The vulnerabilities potentially allow
A buffer overflow was found in the RAR code used by libclamunrar, which could result in arbitrary code execution when processing malicious RAR archives.
It was discovered that there was a potential cross-site scripting (XSS) in ruby-sanitize, a whitelist-based HTML sanitizer. Using carefully crafted input, an attacker may have been able to sneak
Several vulnerabilities have been discovered in the PostgreSQL database system. CVE-2023-5868
The audiofile library allows the processing of audio data to and from audio files of many common formats (currently AIFF, AIFF-C, WAVE, NeXT/Sun, BICS, and raw data).
It was discovered that python-urllib3, a user-friendly HTTP client library for Python, did not remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303 after the request had its method changed from one that could accept a request body, like POST,
It was discovered that there was a race condition in Tang, a network-based cryptographic binding server. This flaw resulted in a small time window whereby newly-generated private keys were readable by other processes on the same machine.
The recent update of jetty9, released as DLA 3641-1, caused a regression in PuppetDB, a major component of Puppet that helps you manage and automate the configuration of servers. More specifically another package, trapperkeeper-webserver-jetty9-clojure, still used the deprecated SslContextFactory class
Two vulnerabilities were fixed in Apache Traffic Server, a reverse and forward proxy server. CVE-2023-41752
It was discovered there was a potential remote code execution vulnerability in phppgadmin, a web-based administration tool for the PostgreSQL database server. This issue concerned the deserialisation of untrusted data which may have led to remote code execution because
It was discovered that there was an arbitrary file overwrite vulnerability in pmix, a library used in parallel/cluster computing. Attackers could have obtained ownership of arbitrary files via a
A vulnerability has been identified in h2o, a high-performance web server with support for HTTP/2. A security vulnerability CVE-2023-44487 was discovered that could potentially
Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system. CVE-2023-41259
Two remotely exploitable security vulnerabilities were discovered in Jetty 9, a Java-based web server and servlet engine. The HTTP/2 protocol implementation did not sufficiently verify if HPACK header