DSA-5623-1 postgresql-15 – security update
It was discovered that a late privilege drop in the "REFRESH MATERIALIZED VIEW CONCURRENTLY" command could allow an attacker to trick a user with higher...
DSA-5622-1 postgresql-13 – security update
It was discovered that a late privilege drop in the "REFRESH MATERIALIZED VIEW CONCURRENTLY" command could allow an attacker to trick a user with higher...
unbound-1.19.1-1.fc38
FEDORA-2024-c967c7d287 Packages in this update: unbound-1.19.1-1.fc38 Update description: Fix CVE-2023-50387, DNSSEC verification complexity can be exploited to exhaust CPU resources and stall DNS resolvers. Fix...
dnsmasq-2.90-1.fc39
FEDORA-2024-e24211eff0 Packages in this update: dnsmasq-2.90-1.fc39 Update description: https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html Read More
dnsmasq-2.90-1.fc38
FEDORA-2024-e00eceb11c Packages in this update: dnsmasq-2.90-1.fc38 Update description: https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html Read More
USN-6634-1: .NET vulnerabilities
Brennan Conroy discovered that .NET with SignalR did not properly handle malicious clients. An attacker could possibly use this issue to cause a denial of...
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution for the following: Adobe Commerce is...
Critical Patches Issued for Microsoft Products, February 13, 2024
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged...
USN-6633-1: Bind vulnerabilities
Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this...
USN-6632-1: OpenSSL vulnerabilities
David Benjamin discovered that OpenSSL incorrectly handled excessively long X9.42 DH keys. A remote attacker could possibly use this issue to cause OpenSSL to consume...