Debian LTS Linux Distribution - Page 5.5
Find the information you need for your favorite open source distribution.
The prometheus-alertmanager package, a component of Prometheus, an application used for event monitoring and alerting, was vulnerable to a stored XSS attack.
It has been found that the update of freerdp2 (see DLA-3606-1) exposed a bug in vinagre, which causes crashes and breaks RDP connections with the symptoms of hangs and black screens.
It has been found that the update of freerdp2 (see DLA-3606-1) exposed a bug in gnome-boxes, which breaks RDP connections with the symptoms of hangs and black screens.
Multiple vulnerabilities have been found in freerdp2, a free implementation of the Remote Desktop Protocol (RDP). The vulnerabilities potentially allow buffer overreads, buffer overflows, integer overflows, use-after-free, and DoS vectors.
A couple of security issues were reported in the grub2 package, the GRand Unified Bootloader v2, that could cause an out-of-bounds write and a heap-based buffer overflow.
Multiple issues were discovered in qemu, a fast processor emulator. CVE-2020-24165
Several vulnerabilities were found in libXpm, the X Pixmap (XPM) image library. CVE-2023-43786
Several vulnerabilities were found in libx11, the X11 client-side library. CVE-2023-43785
A SQL Injection vulnerability was found in PostgreSQL, an object-relational SQL database management system. An extension script is vulnerable if it uses @extowner@, @extschema@,
Several vulnerabilities were discovered in Exim, a mail transport agent, which could result in remote code execution if the SPA/NTLM authenticators are used.
Two buffer overflow vulnerabilities were found in libvpx, a multimedia library for the VP8 and VP9 video codecs, which could result in the execution of arbitrary code if a specially crafted VP8 or VP9 media stream is processed.
A security vulnerability was found in the Open VMware Tools. A malicious actor that has been granted Guest Operation Privileges in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias.
Intel® released the INTEL-SA-00766 advisory about potential security vulnerabilities in some Intel® PROSet/Wireless WiFi and Killer™ WiFi products that may allow escalation of privilege or denial of service. The full advisory is available at [1]
Several cases of improper input validation were fixed in Apache Traffic Server, a reverse and forward proxy server. For Debian 10 buster, these problems have been fixed in version
Two issues have been found in cups, the Common UNIX Printing System(tm). CVE-2023-4504
Several vulnerabilities were fixed in gerbv, a viewer for the Gerber format for printed circuit board (PCB) design. CVE-2021-40393
Multiple security vulnerabilities were found in Jetty, a Java-based web server and servlet engine. The org.eclipse.jetty.servlets.CGI class has been deprecated. It is potentially
A buffer overflow in VP8 media stream processing has been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
Security issues were discovered in python-reportlab, a Python library for generating PDFs and graphics, which could lead to remote code execution or authorization bypass.
Santos Gallegos discovered a blind local file inclusion in python-git, a Python library to interact with Git repositories, which could lead to denial of service or potentially to information disclosure.