Packet Storm

Ubuntu Security Notice 6408-1 - Yair Mizrahi discovered that libXpm incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could possibly use this issue to consume memory, leading to a denial of service. Yair Mizrahi discovered that libXpm incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could use this issue to cause libXpm to crash, leading to a denial of service, or possibly execute arbitrary code.

Debian Linux Security Advisory 5514-1 - The Qualys Research Labs discovered a buffer overflow in the dynamic loader's processing of the GLIBC_TUNABLES environment variable. An attacker can exploit this flaw for privilege escalation.

Debian Linux Security Advisory 5513-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

Red Hat Security Advisory 2023-5419-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.

Ubuntu Security Notice 6406-1 - Several security issues were discovered in the SpiderMonkey JavaScript library. If a user were tricked into opening malicious JavaScript applications or processing malformed data, a remote attacker could exploit a variety of issues related to JavaScript security, including denial of service attacks, and arbitrary code execution.

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Gentoo Linux Security Advisory 202310-2 - Multiple vulnerabilities have been discovered in NVIDIA Drivers, the worst of which could result in root privilege escalation. Versions greater than or equal to 470.182.03 are affected.

Ubuntu Security Notice 6405-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Andrew McCreight discovered that Thunderbird did not properly manage during the worker lifecycle. An attacker could potentially exploit this issue to cause a denial of service.

SAP Enable Now Manager version 10.6.5 Build 2804 Cloud Edition suffers from cross site request forgery, cross site scripting, and open redirection vulnerabilities.

openVIVA c2 suffers from a persistent cross site scripting vulnerability. Versions prior to 20220801 are affected.