OS: Arch
The package linux-zen before version 6.0.1.zen2-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service.
The package linux-lts before version 5.15.73-3 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service.
The package linux before version 6.0.1.arch2-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service.
The package linux-hardened before version 5.19.15.hardened2-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service.
OS: Scientific
This update upgrades Thunderbird to version 102.9.0. * Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751) * Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176) * Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752) * Mozilla: Invalid downcast in Worklets (CVE-2023-28162) * Mozilla: URL being dragged fr
openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 openssl-1.0.2k-26.el7_9.x86_64.rpm openssl-debuginfo-1.0.2k-26.el7_9.i686.rpm openssl-debuginfo-1.0.2k-26.el7_9.x86_64.rpm openssl-libs-1.0.2k-
nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 nss-3.79.0-5.el7_9.i686.rpm nss-3.79.0-5.el7_9.x86_64.rpm nss-debuginfo-3.79.0-5.el7_9.i686.rpm nss-debuginfo-3.79.0-5.el7_9.x86_64.rpm nss-sysinit-3.79.0-5.e
This update upgrades Firefox to version 102.9.0 ESR. * Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751) * Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176) * Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752) * Mozilla: Invalid downcast in Worklets (CVE-2023-28162) * Mozilla: URL being dragged fr
OS: Gentoo
A vulnerability has been discovered in protobuf-java which could result in denial of service.
Multiple vulnerabilities have been found in Alpine, the worst of which could result in denial of service.
Multiple vulnerabilities have been discovered in liblouis, the worst of which could result in denial of service.
A vulnerability has been discovered in Apache Commons Text which could result in arbitrary code execution.
OS: Ubuntu
Several security issues were fixed in graphviz.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in gif2apng.
USN-5966-1 introduced a regression in amanda
OS: Debian LTS
This update includes the changes in tzdata 2023b for the Perl bindings. For the list of changes, see DLA-3366-1. For Debian 10 buster, this problem has been fixed in version
This update includes the changes in tzdata 2023b. Notable changes are: - Egypt uses DST again, starting in April.
One of the security fixes released as DLA 3315 introduced a regression in the processing of WAV files with variable bitrate encoding. Updated sox packages are available to correct this issue.
Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or spoofing.
OS: CentOS
Upstream details at: https://access.redhat.com/errata/RHSA-2023:1332
Upstream details at: https://access.redhat.com/errata/RHSA-2023:1335
Upstream details at: https://access.redhat.com/errata/RHSA-2023:1333
Upstream details at: https://access.redhat.com/errata/RHSA-2023:1091
OS: Redhat
Red Hat OpenShift Service Mesh Containers for 2.3.2 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
An update is now available for Red Hat OpenShift GitOps 1.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
An update is now available for Red Hat OpenShift GitOps 1.8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
An update is now available for Red Hat OpenShift GitOps 1.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
OS: Slackware
New vim packages are available for Slackware 15.0 and -current to fix security issues.
New curl packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues.
New openssh packages are available for Slackware 15.0 and -current to fix security issues.
New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues.
OS: OpenSuse
An update that fixes one vulnerability is now available.
An update that fixes 11 vulnerabilities is now available.
An update that solves one vulnerability and has one errata is now available.
An update that fixes one vulnerability is now available.
OS: Mageia
Incorrect code generation during JIT compilation. (CVE-2023-25751) Potential out-of-bounds when accessing throttled streams. (CVE-2023-25752) Invalid downcast in Worklets. (CVE-2023-28162) URL being dragged from a removed cross-origin iframe into the same tab triggered navigation. (CVE-2023-28164)
If a malicious Flatpak app is run on a Linux virtual console such as /dev/tty1, it can copy text from the virtual console and paste it back into the virtual console's input buffer, from which the command might be run by the user's shell after the Flatpak app has exited. This is similar to CVE-2017-5226, but using the TIOCLINUX ioctl command instead
In the MHD_PostProcessor, malformed inputs can be used to crash the server (for denial-of-service). References: - https://bugs.mageia.org/show_bug.cgi?id=31670
LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. (CVE-2022-4645) References:
OS: Fedora
Update to 1.14.4 * Fix CVE-2023-28100 and CVE-2023-28101
Rebuild for CVE-20220-{3064,41717,41723}
Rebuild for CVE-20220-{3064,41717,41723}
Fix for CVE-2022-48303
OS: Debian
Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service. For the stable distribution (bullseye), these problems have been fixed in
One of the security fixes released as DSA 5356 introduced a regression in the processing of specific WAV files. Updated sox packages are available to correct this issue.
Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or spoofing.
OS: Rocky
Important: nss security update
Important: kernel security and bug fix update
Moderate: gnutls security and bug fix update
Important: pesign security update
OS: Suse
The container suse/sle-micro/5.2/toolbox was updated. The following patches have been included in this update:
The container suse/sle-micro/5.1/toolbox was updated. The following patches have been included in this update:
The container suse/sle15 was updated. The following patches have been included in this update:
The container suse/sle-micro/5.4/toolbox was updated. The following patches have been included in this update: