-
Operating System: Ubuntu ≈ Packet Storm
Apr 30, 2024 | 15:53 pm
Ubuntu Security Notice 6761-1 - It was discovered that Anope did not properly process credentials for suspended accounts. An attacker could possibly use this issue to normally login to the platform as a suspended user after changing their password.
Read more...
-
Operating System: Ubuntu ≈ Packet Storm
Apr 30, 2024 | 15:52 pm
Ubuntu Security Notice 6757-1 - It was discovered that PHP incorrectly handled PHP_CLI_SERVER_WORKERS variable. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.[…]
Read more...
-
Operating System: Ubuntu ≈ Packet Storm
Apr 29, 2024 | 14:52 pm
Ubuntu Security Notice 6744-3 - USN-6744-1 fixed a vulnerability in Pillow. This update provides the corresponding updates for Ubuntu 24.04 LTS. Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could[…]
Read more...
-
Operating System: Ubuntu ≈ Packet Storm
Apr 29, 2024 | 14:51 pm
Ubuntu Security Notice 6733-2 - USN-6733-1 fixed vulnerabilities in GnuTLS. This update provides the corresponding updates for Ubuntu 24.04 LTS. It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker could possibly use[…]
Read more...
-
Operating System: Ubuntu ≈ Packet Storm
Apr 29, 2024 | 14:48 pm
Ubuntu Security Notice 6718-3 - USN-6718-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 24.04 LTS. Dan Fandrich discovered that curl would incorrectly use the default set of protocols when a parameter option disabled all protocols[…]
Read more...
-
Operating System: Ubuntu ≈ Packet Storm
Apr 29, 2024 | 14:47 pm
Ubuntu Security Notice 6756-1 - It was discovered that less mishandled newline characters in file names. If a user or automated system were tricked into opening specially crafted files, an attacker could possibly use this issue to execute arbitrary commands[…]
Read more...
-
Operating System: Ubuntu ≈ Packet Storm
Apr 29, 2024 | 14:46 pm
Ubuntu Security Notice 6755-1 - Ingo Brückl discovered that cpio contained a path traversal vulnerability. If a user or automated system were tricked into extracting a specially crafted cpio archive, an attacker could possibly use this issue to write arbitrary[…]
Read more...
-
Operating System: Ubuntu ≈ Packet Storm
Apr 26, 2024 | 15:13 pm
Ubuntu Security Notice 6753-1 - Thomas Neil James Shadwell discovered that CryptoJS was using an insecure cryptographic default configuration. A remote attacker could possibly use this issue to expose sensitive information.
Read more...
-
Operating System: Ubuntu ≈ Packet Storm
Apr 26, 2024 | 15:12 pm
Ubuntu Security Notice 6752-1 - It was discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause FreeRDP to crash, resulting[…]
Read more...
-
Operating System: Ubuntu ≈ Packet Storm
Apr 25, 2024 | 14:28 pm
Ubuntu Security Notice 6750-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain[…]
Read more...
-
Operating System: Ubuntu ≈ Packet Storm
Apr 25, 2024 | 14:27 pm
Ubuntu Security Notice 6743-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
Read more...
-
Operating System: Ubuntu ≈ Packet Storm
Apr 25, 2024 | 14:26 pm
Ubuntu Security Notice 6657-2 - USN-6657-1 fixed several vulnerabilities in Dnsmasq. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Dnsmasq incorrectly handled validating[…]
Read more...
-
Operating System: Ubuntu ≈ Packet Storm
Apr 25, 2024 | 14:25 pm
Ubuntu Security Notice 6749-1 - It was discovered that FreeRDP incorrectly handled certain context resets. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in[…]
Read more...
-
Operating System: Ubuntu ≈ Packet Storm
Apr 24, 2024 | 15:20 pm
Ubuntu Security Notice 6747-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains,[…]
Read more...
-
Operating System: Ubuntu ≈ Packet Storm
Apr 24, 2024 | 15:19 pm
Ubuntu Security Notice 6742-2 - Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth[…]
Read more...
-
Operating System: Ubuntu ≈ Packet Storm
Apr 23, 2024 | 16:02 pm
Ubuntu Security Notice 6746-1 - It was discovered that Google Guest Agent and Google OS Config Agent incorrectly handled certain JSON files. An attacker could possibly use this issue to cause a denial of service.
Read more...
-
Operating System: Ubuntu ≈ Packet Storm
Apr 23, 2024 | 15:58 pm
GitKraken GitLens versions prior to 14.0.0 allow an untrusted workspace to execute git commands. A repo may include its own .git folder including a malicious config file to execute arbitrary code. Tested against VSCode 1.87.2 with GitLens 13.6.0 on Ubuntu[…]
Read more...