💾 Archived View for data.konfusator.de › feeds › dsa.gmi captured on 2023-09-28 at 15:49:58. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-09-08)
-=-=-=-=-=-=-
Zuletzt aktualisiert: 2023-09-26T11:40:43+00:00
2023-09-25
Matteo Memelli reported an out-of-bounds read flaw when parsing CDP
addresses in lldpd, an implementation of the IEEE 802.1ab (LLDP)
protocol. A remote attacker can take advantage of this flaw to cause a
denial of service via a specially crafted CDP PDU packet.
2023-09-22
Several vulnerabilities were discovered in BIND, a DNS server
implementation.
2023-09-20
Multiple security issues were discovered in Netatalk, an implementation
of the Apple Filing Protocol (AFP) for offering file service (mainly) to
macOS clients, which may result in the execution of arbitrary code or
information disclosure.
2023-09-18
Multiple security vulnerabilities have been found in xrdp, a remote desktop
protocol server. Buffer overflows and out-of-bound writes may cause a denial of
service or other unspecified impact.
2023-09-18
Mickael Karatekin discovered that the GNOME session locking didn't
restrict a keyboard shortcut used for taking screenshots in GNOME
Screenshot which could result in information disclosure.
2023-09-18
A buffer overflow was discovered in flac, a library handling Free
Lossless Audio Codec media, which could potentially result in the
execution of arbitrary code.
2023-09-18
Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
2023-09-15
A buffer overflow in parsing WebP images may result in the execution of
arbitrary code.
2023-09-13
A buffer overflow in parsing WebP images may result in the execution of
arbitrary code.
2023-09-13
A buffer overflow in parsing WebP images may result in the execution of
arbitrary code.
2023-09-11
Multiple vulnerabilities were discovered in frr, the FRRouting suite of
internet protocols, while processing malformed requests and packets the BGP
daemon may have reachable assertions, NULL pointer dereference, out-of-bounds
memory access, which may lead to denial of service attack.
2023-09-10
Several NULL pointer dereference flaws were discovered in Mutt, a
text-based mailreader supporting MIME, GPG, PGP and threading, which may
result in denial of service (application crash) when viewing a specially
crafted email or when composing from a specially crafted draft message.
2023-09-10
Two security issues have been discovered in the Open VMware Tools, which
may result in a man-in-the-middle attack or authentication bypass.
2023-09-09
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
2023-09-07
Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
2023-09-06
Multiple security vulnerabilities have been discovered in aom, the AV1 Video
Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences
may cause a denial of service or other unspecified impact if a malformed
multimedia file is processed.
2023-09-04
A buffer overflow was found in file, a file type classification tool,
which may result in denial of service if a specially crafted file is
processed.
2023-09-03
Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.
2023-08-31
A security issue was discovered in Chromium, which could result in the
execution of arbitrary code.
2023-08-30
An invalid memory access was discovered in json-c, a JSON library
which could result in denial of service.
2023-08-30
Multiple security issues have been found in the Mozilla Firefox
web browser, which could potentially result in the execution
of arbitrary code.
2023-08-27
Zac Sims discovered a directory traversal in the URL decoder of librsvg,
a SAX-based renderer library for SVG files, which could result in read
of arbitrary files when processing a specially crafted SVG file with an
XInclude element.
════════════════════════
Skriptlauf: 2023-09-28T21:32:02