Read Time:5 Second
It was discovered that in Percona XtraBackup, a local crafted filename
could trigger arbitrary code execution.
Category Archives: Advisories
USN-6738-1: LXD vulnerability
Read Time:17 Second
Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that LXD
incorrectly handled the handshake phase and the use of sequence numbers in SSH
Binary Packet Protocol (BPP). If a user or an automated system were tricked
into opening a specially crafted input file, a remote attacker could possibly
use this issue to bypass integrity checks.
USN-6744-1: Pillow vulnerability
Read Time:17 Second
Hugo van Kemenade discovered that Pillow was not properly performing
bounds checks when processing an ICC file, which could lead to a buffer
overflow. If a user or automated system were tricked into processing a
specially crafted ICC file, an attacker could possibly use this issue
to cause a denial of service or execute arbitrary code.
sssd-2.9.4-7.fc41
Read Time:14 Second
FEDORA-2024-4e850a0f86
Packages in this update:
sssd-2.9.4-7.fc41
Update description:
Automatic update for sssd-2.9.4-7.fc41.
Changelog
* Fri Apr 19 2024 Pavel Březina <pbrezina@redhat.com> – 2.9.4-7
– Fix CVE-2023-3758 (rhbz#2275905)
sssd-2.9.4-7.fc40
Read Time:9 Second
FEDORA-2024-3798818c82
Packages in this update:
sssd-2.9.4-7.fc40
Update description:
Fix CVE-2023-3758 https://bugzilla.redhat.com/show_bug.cgi?id=2275905
sssd-2.9.4-2.fc39
Read Time:9 Second
FEDORA-2024-78240de990
Packages in this update:
sssd-2.9.4-2.fc39
Update description:
Fix CVE-2023-3758 https://bugzilla.redhat.com/show_bug.cgi?id=2275905
sssd-2.9.4-2.fc38
Read Time:9 Second
FEDORA-2024-44602bead8
Packages in this update:
sssd-2.9.4-2.fc38
Update description:
Fix CVE-2023-3758 https://bugzilla.redhat.com/show_bug.cgi?id=2275905
ZDI-24-369: Google cAdvisor REST API Improper Access Control Information Disclosure Vulnerability
Read Time:10 Second
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Google cAdvisor. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.3.
nextcloud-28.0.3-1.fc38
Read Time:7 Second
FEDORA-2024-c27e97ca79
Packages in this update:
nextcloud-28.0.3-1.fc38
Update description:
update to 28.0.3
fix CVE-2024-22403
DSA-5671-1 openjdk-11 – security update
Read Time:9 Second
Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in denial of service or information disclosure.