Category: Advisories

Fabien Potencier discovered that under some conditions the sandbox mechanism of Twig, a template engine for PHP, could by bypassed. https://security-tracker.debian.org/tracker/DSA-5771-1 Read More

Shang-Hung Wan discovered multiple vulnerabilities in the Expat XML parsing C library, which could result in denial of service or potentially the execution of arbitrary...

Yufan You discovered that Libreoffice's handling of documents based on ZIP archives was suspectible to spoofing attacks when the repair mode attempts to address a...

It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to...

It was discovered that the nginx ngx_http_mp4 module incorrectly handled certain malformed mp4 files. In environments where the mp4 directive is in use, a remote...

It was discovered that Dovecot incorrectly handled a large number of address headers. A remote attacker could possibly use this issue to cause Dovecot to...

Hiroki Kurosawa discovered that curl incorrectly handled certain OCSP responses. This could result in bad certificates not being checked properly, contrary to expectations. Read More

It was discovered that ClamAV incorrectly handled certain PDF files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in...

USN-6560-2 fixed a vulnerability in OpenSSH. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: It was discovered that OpenSSH incorrectly...

FEDORA-2024-5d6c951b0b Packages in this update: iwd-2.22-1.fc41 Update description: iwd 2.22: Fix issue with handling the Affinities property. Fix issue with handling ConnectedAccessPoint signal when roaming....