Letzte Aktivitäten

Package : pillow

CVE ID : CVE-2022-22815 CVE-2022-22816 CVE-2022-22817


Multiple security issues were discovered in Pillow, a Python imaging library, which could result in denial of service and potentially the execution of arbitrary code if…

Package : usbview

CVE ID : CVE-2022-23220


Matthias Gerstner reported that usbview, a USB device viewer, does not properly handle authorization in the PolicyKit policy configuration, which could result in root privilege escalation.


For the…

Package : aide

CVE ID : CVE-2021-45417


David Bouman discovered a heap-based buffer overflow vulnerability in the base64 functions of aide, an advanced intrusion detection system, which can be triggered via large extended file attributes or…

Package : linux

CVE ID : CVE-2021-4155 CVE-2021-28711 CVE-2021-28712 CVE-2021-28713

CVE-2021-28714 CVE-2021-28715 CVE-2021-39685 CVE-2021-45095

CVE-2021-45469 CVE-2021-45480 CVE-2022-0185 CVE-2022-23222

Debian Bug : 988044 996974


Several…

Package : flatpak

CVE ID : CVE-2021-43860 CVE-2022-21682


Several vulnerabilities were discovered in Flatpak, an application deployment framework for desktop apps.


CVE-2021-43860


Ryan Gonzalez discovered that Flatpak didn't properly validate

…

Package : libreswan

CVE ID : CVE-2022-23094


It was discovered that the libreswan IPsec implementation could be forced into a crash/restart via a malformed IKEv1 packet, resulting in denial of service.


For the stable distribution (bullseye),…

Package : prosody

CVE ID : CVE-2022-0217


Matthew Wild discovered that the WebSockets code in Prosody, a lightweight Jabber/XMPP server, was susceptible to denial of service.


For the oldstable distribution (buster), this problem has been fixed…

Package : chromium

CVE ID : CVE-2021-4052 CVE-2021-4053 CVE-2021-4054 CVE-2021-4055

CVE-2021-4056 CVE-2021-4057 CVE-2021-4058 CVE-2021-4059

CVE-2021-4061 CVE-2021-4062 CVE-2021-4063 CVE-2021-4064

CVE-2021-4065 CVE-2021-4066 CVE-2021-4067…

Package : thunderbird

CVE ID : CVE-2021-4140 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739

CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743

CVE-2022-22745 CVE-2022-22747 CVE-2022-22748 CVE-2022-22751


Multiple security issues were…

Package : firefox-esr

CVE ID : CVE-2021-4140 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739

CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743

CVE-2022-22745 CVE-2022-22747 CVE-2022-22748 CVE-2022-22751


Multiple security issues have…

Package : lxml

CVE ID : CVE-2021-43818

Debian Bug : 1001885


It was discovered that lxml, a Python binding for the libxml2 and libxslt libraries, does not properly sanitize its input, which could lead to cross-site scripting.


For the…

Package : epiphany-browser

CVE ID : CVE-2021-45085 CVE-2021-45086 CVE-2021-45087 CVE-2021-45088


Several vulnerabities have been discovered in Epiphany, the GNOME web browser, allowing XSS attacks under certain circumstances.


For the stable…

Package : cfrpki

CVE ID : CVE-2021-3761 CVE-2021-3907 CVE-2021-3908 CVE-2021-3909

CVE-2021-3910 CVE-2021-3911 CVE-2021-3912 CVE-2021-43173

CVE-2021-43174


Multiple vulnerabilities were discovered in Cloudflare's RPKI validator, which could…

Package : lighttpd

CVE ID : CVE-2022-22707


An out-of-bounds memory access was discovered in the mod_extforward plugin of the lighttpd web server, which may result in denial of service.


For the oldstable distribution (buster), this problem has…

Package : wordpress

CVE ID : CVE-2022-21661 CVE-2022-21662 CVE-2022-21663 CVE-2022-21664

Debian Bug : 1003243


Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL…

Package : ghostscript

CVE ID : CVE-2021-45944 CVE-2021-45949


Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code…

Package : roundcube

CVE ID : CVE-2021-46144

Debian Bug : 1003027


It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not properly sanitize HTML messages. This would allow an attacker to perform…

Package : sphinxsearch

CVE ID : CVE-2020-29050


It was discovered that sphinxsearch, a fast standalone full-text SQL search engine, could allow arbitrary files to be read by abusing a configuration option.


For the oldstable distribution…

Package : apache2

CVE ID : CVE-2021-44224 CVE-2021-44790


Two vulnerabilities have been discovered in the Apache HTTP server:


CVE-2021-44224


When operating as a forward proxy, Apache was depending on the setup

suspectible to denial of service or…

Package : thunderbird

CVE ID : CVE-2021-4126 CVE-2021-38496 CVE-2021-38500 CVE-2021-38502

CVE-2021-38503 CVE-2021-38504 CVE-2021-38506 CVE-2021-38507

CVE-2021-38508 CVE-2021-38509 CVE-2021-43528 CVE-2021-43529

CVE-2021-43534 CVE-2021-43535…