Letzte Aktivitäten

Package : util-linux

CVE ID : CVE-2024-28085

Debian Bug : 1067849



Skyler Ferrante discovered that the wall tool from util-linux does not properly handle escape sequences from command line arguments. A local attacker can take advantage of…

Package : xz-utils

CVE ID : CVE-2024-3094



Andres Freund discovered that the upstream source tarballs for xz-utils, the XZ-format compression utilities, are compromised and inject malicious code, at build time, into the resulting liblzma5…

Package : chromium

CVE ID : CVE-2024-2625 CVE-2024-2626 CVE-2024-2627 CVE-2024-2628

CVE-2024-2629 CVE-2024-2630 CVE-2024-2631 CVE-2024-2883

CVE-2024-2885 CVE-2024-2886 CVE-2024-2887



Security issues were discovered in Chromium, which could…

Package : samba

CVE ID : CVE-2022-2127 CVE-2022-3437 CVE-2023-4091 CVE-2023-34966

CVE-2023-34967 CVE-2023-34968



Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix, which might result in…

Package : cacti

CVE ID : CVE-2023-39360 CVE-2023-39513 CVE-2023-49084 CVE-2023-49085

CVE-2023-49086 CVE-2023-49088 CVE-2023-50250 CVE-2023-50569

Debian Bug : 1059254



Multiple security vulnerabilities have been discovered in Cacti, a web…

Package : firefox-esr

CVE ID : CVE-2024-29944



Manfred Paul discovered a flaw in the Mozilla Firefox web browser, allowing an attacker to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the…

Package : thunderbird

CVE ID : CVE-2023-5388 CVE-2024-0743 CVE-2024-1936 CVE-2024-2607

CVE-2024-2608 CVE-2024-2610 CVE-2024-2611 CVE-2024-2612

CVE-2024-2614 CVE-2024-2616



Multiple security issues were discovered in Thunderbird, which could…

Package : firefox-esr

CVE ID : CVE-2023-5388 CVE-2024-0743 CVE-2024-2607 CVE-2024-2608

CVE-2024-2610 CVE-2024-2611 CVE-2024-2612 CVE-2024-2614

CVE-2024-2616



Multiple security issues have been found in the Mozilla Firefox web browser, which…

Package : pdns-recursor



One of the upstream changes in the update released as DSA 5626 contained a regression in the zoneToCache function. Updated pdns-recursor packages are available to correct this issue.



For the stable distribution (bookworm),…

Package : php-dompdf-svg-lib

CVE ID : CVE-2023-50251 CVE-2023-50252 CVE-2024-25117



Three security issues were discovered in php-svg-lib, a PHP library to read, parse and export to PDF SVG files, which could result in denial of service,…

Package : fontforge

CVE ID : CVE-2024-25081 CVE-2024-25082

Debian Bug : 1064967



It was discovered that fontforge, a font editor, is prone to shell command injection vulnerabilities when processing specially crafted files.



For the oldstable…

Package : composer

CVE ID : CVE-2024-24821

Debian Bug : 1063603



It was discovered that composer, a dependency manager for the PHP language, processed files in the local working directory. This could lead to local privilege escalation or…

Package : openvswitch

CVE ID : CVE-2023-3966 CVE-2023-5366

Debian Bug : 1063492



Two vulnerabilities were discovered in Open vSwitch, a software-based Ethernet virtual switch, which could result in a bypass of OpenFlow rules or denial of…

Package : chromium

CVE ID : CVE-2024-2400



Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.



For the stable distribution (bookworm), this problem…

Package : libuv1

CVE ID : CVE-2024-24806

Debian Bug : 1063484



It was discovered that the uv_getaddrinfo() function in libuv, an asynchronous event notification library, incorrectly truncated certain hostnames, which may result in bypass…

Package : squid

CVE ID : CVE-2023-46724 CVE-2023-46846 CVE-2023-46847 CVE-2023-49285

CVE-2023-49286 CVE-2023-50269 CVE-2024-23638 CVE-2024-25617

CVE-2023-46848 CVE-2024-25111

Debian Bug : 1055252 1054537 1055250 1055251 1058721



Several…

Package : chromium

CVE ID : CVE-2024-2173 CVE-2024-2174 CVE-2024-2176



Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.



For the stable…

Package : yard

CVE ID : CVE-2024-27285



Aviv Keller discovered that the frames.html file generated by YARD, a documentation generation tool for the Ruby programming language, was vulnerable to cross-site scripting.



For the oldstable…

Package : chromium

CVE ID : CVE-2024-1938 CVE-2024-1939



Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.



For the stable distribution…

Package : knot-resolver

CVE ID : CVE-2023-46317 CVE-2023-50387 CVE-2023-50868



It was discovered that malformed DNSSEC records within a DNS zone could result in denial of service against Knot Resolver, a caching, DNSSEC- validating DNS…