Letzte Aktivitäten

Package : apache2

CVE ID : CVE-2024-36387 CVE-2024-38473 CVE-2024-38474 CVE-2024-38475

CVE-2024-38476 CVE-2024-38477 CVE-2024-39573



Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in authentication…

Package : exim4

CVE ID : CVE-2024-39929

Debian Bug : 1075785



Phillip Szelat discovered that Exim, a mail transport agent, does not properly parse a multiline RFC 2231 header filename, allowing a remote attacker to bypass a $mime_filename…

Package : firefox-esr

CVE ID : CVE-2024-6601 CVE-2024-6602 CVE-2024-6603 CVE-2024-6604



Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or…

Package : krb5

CVE ID : CVE-2024-37370 CVE-2024-37371



Two vulnerabilities were discovered in the GSS message token handling in krb5, the MIT implementation of Kerberos. An attacker can take advantage of these flaws to bypass integrity…

Package : znc

CVE ID : CVE-2024-39844

Debian Bug : 1075729



Johannes Kuhn discovered that messages and channel names are not properly escaped in the modtcl module in ZNC, a IRC bouncer, which could result in remote code execution via…

Package : openssh

CVE ID : CVE-2024-6387



The Qualys Threat Research Unit (TRU) discovered that OpenSSH, an implementation of the SSH protocol suite, is prone to a signal handler race condition. If a client does not authenticate within…

Package : plasma-workspace

CVE ID : CVE-2024-36041



Fabian Vogt discovered that the KDE session management server insufficiently restricted ICE connections from localhost, which could allow a local attacker to execute arbitrary code as…

Package : libvpx

CVE ID : CVE-2024-5197



It was discovered that multiple integer overflows in libvpx, a multimedia library for the VP8 and VP9 video codecs, may result in denial of service and potentially the execution of arbitrary code.

For…

Package : ffmpeg

CVE ID : CVE-2022-48434 CVE-2023-50010 CVE-2023-51793

CVE-2023-51794 CVE-2023-51798



Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the…

Package : chromium

CVE ID : CVE-2024-6290 CVE-2024-6291 CVE-2024-6292 CVE-2024-6293



Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.



For the…

Package : emacs

CVE ID : CVE-2024-39331

Debian Bug : 1074137



It was discovered that Emacs is prone to arbitrary shell code evaluation when opening a specially crafted Org file.



This update includes updates pending for the upcoming point…

Package : org-mode

CVE ID : CVE-2024-39331

Debian Bug : 1074136



It was discovered that Org Mode for Emacs is prone to arbitrary shell code evaluation when opening a specially crafted Org file.



This update includes updates pending for the…

Package : composer



The update for composer released as DSA 5715 introduced a regression in the handling of git feature branches. Updated composer packages are now available to address this issue.



For the oldstable distribution (bullseye), these…

Package : php8.2

CVE ID : CVE-2024-5458



It was discovered that user validation was incorrectly implemented for filter_var(FILTER_VALIDATE_URL).



For the stable distribution (bookworm), this problem has been fixed in version 8.2.20-1~deb12u1.



We…

Package : chromium

CVE ID : CVE-2024-6100 CVE-2024-6101 CVE-2024-6102 CVE-2024-6103



Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.



For the…

Package : composer

CVE ID : CVE-2024-35241 CVE-2024-35242



Two vulnerabilities have been discovered in Composer, a dependency manager for PHP, which could result in arbitrary command execution by operating on malicious git/hg repositories.



For…

Package : roundcube

CVE ID : CVE-2024-37383 CVE-2024-37384

Debian Bug : 1071474



Huy Nguyễn Phạm Nhật, and Valentin T. and Lutz Wolf of CrowdStrike, discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers,…

Package : libndp

CVE ID : CVE-2024-5564



A buffer overflow was discovered in libndp, a library implementing the

IPv6 Neighbor Discovery Protocol (NDP), which could result in denial of service or potentially the execution of arbitrary code if…

Package : ffmpeg

CVE ID : CVE-2023-50010 CVE-2023-51793 CVE-2023-51794

CVE-2023-51795 CVE-2023-51798 CVE-2024-31585



Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or…

Package : thunderbird

CVE ID : CVE-2024-5688 CVE-2024-5690 CVE-2024-5691 CVE-2024-5693

CVE-2024-5696 CVE-2024-5700 CVE-2024-5702



Multiple security issues were discovered in Thunderbird, which could result inthe execution of arbitrary code.



For…