Apple Security Advisory 12-19-2023-1 - macOS Sonoma 14.2.1 addresses a session tracking issue.
ff03743c830c771fbd01d7356186b7a027eac19c6ac1a3a6bf86931d463c3b93
Red Hat Security Advisory 2023-7879-03 - An update for opensc is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass and out of bounds read vulnerabilities.
16e6e4713eedc916c1c323c6a070fec9bfe4595b8fb4781c7f863e71a367c259
Red Hat Security Advisory 2023-7877-03 - An update for openssl is now available for Red Hat Enterprise Linux 8.
79766b90d0f80e7196504f3ddf5e7b091dcb56864a6c0e4babe5c713cefd9c29
Red Hat Security Advisory 2023-7876-03 - An update for opensc is now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.
e166f025c98c78bc231527d657dc8d681065b9f4b2220116fa85d72d3953db7f
Red Hat Security Advisory 2023-7875-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.
6c18c13067330635a2b542912efdc2ce7855424b4a9cafe4165efcc6e622222b
Red Hat Security Advisory 2023-7874-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.
de402adf8e7a899128a25da20c1b4f7f603d4fef545aca232c98c74979caa9c8
Red Hat Security Advisory 2023-7873-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.
db642aaf2431e4e6b3a4ee4c2674c8c1fee0b0b42f9df814ee4b41c747d5efee
Red Hat Security Advisory 2023-7872-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.
aaf07f4cd9a29b5f433294d53ca3a36a3a01ccffd46a28760f760e6eacefbadf
In this paper, the authors show that as new encryption algorithms and mitigations were added to SSH, the SSH Binary Packet Protocol is no longer a secure channel: SSH channel integrity (INT-PST) is broken for three widely used encryption modes. This allows prefix truncation attacks where some encrypted packets at the beginning of the SSH channel can be deleted without the client or server noticing it. They demonstrate several real-world applications of this attack. They show that they can fully break SSH extension negotiation (RFC 8308), such that an attacker can downgrade the public key algorithms for user authentication or turn off a new countermeasure against keystroke timing attacks introduced in OpenSSH 9.5. They also identified an implementation flaw in AsyncSSH that, together with prefix truncation, allows an attacker to redirect the victim's login into a shell controlled by the attacker. Related proof of concept code from their github has been added to this archive.
3d6be8cc2a9c624a06990226485956c5d92675a632da2182c2546e4af814ff93
This improper authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to the Confluence instance administrator. This Metasploit module uses the administrator account to install a malicious .jsp servlet plugin which the user can trigger to gain code execution on the target in the context of the of the user running the confluence server.
26d73b4952befcec0a56b50c408cd4fd4e5babeec09700eba379dfb85cf91c39
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
30ef8afcad0fffafd94d30ac307f86b5a6b318e2c1f44a023005841a1fcd077c
Debian Linux Security Advisory 5580-1 - The Zoom Offensive Security Team discovered that processing a SVG image may lead to a denial-of-service.
c6891c045504fe548f17f5660e0f9ab7018990e4e84cbb0260fb3fbed6e142c6
Red Hat Security Advisory 2023-7878-03 - An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include an integer overflow vulnerability.
261479628cc44c85e64eeee988efabd05f29dfc6ea0bb0b4c0fe4dcdd3f41fbd
Gentoo Linux Security Advisory 202312-1 - Several vulnerabilities have been found in Leptonice, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 1.81.0 are affected.
15792a867789f26ef677a41865c5d76fdd953d01a4e50faab0b867ba1464cb8b
Debian Linux Security Advisory 5579-1 - Multiple vulnerabilities were discovered in FreeImage, a support library for graphics image formats, which could result in the execution of arbitrary code if malformed image files are processed.
d3cff019742d9c0322612e8a359f402f4290070167509cc7d9ce8e4d328f85c0
Debian Linux Security Advisory 5576-2 - The initial fix for CVE-2023-6377 as applied in DSA 5576-1 did not fully fix the vulnerability. Updated packages correcting this issue including the upstream merged commit are now available.
6ac1fd4d8be53ce269e1946d49995f722c9654920861467d8417cd36346e4880
Debian Linux Security Advisory 5578-1 - It was discovered that Ghostscript, the GPL PostScript/PDF interpreter, does not properly handle errors in the gdev_prn_open_printer_seekable() function, which could result in the execution of arbitrary commands if malformed document files are processed.
20aeaf38dff4509c5503e7d3ced1a1155f0e31b502d0583ba7cf15955095ed39
RTPEngine version mr11.5.1.6 suffers from a denial of service vulnerability via DTLS Hello packets during call initiation.
7938f478eab1d8bc840896b24b1e1e899b45b53e89a3e7429e87eaebcefdc333
PKP Web Application Library (PKP-WAL) versions 3.4.0-3 and below, as used in Open Journal Systems (OJS), Open Monograph Press (OMP), and Open Preprint Systems (OPS) before versions 3.4.0-4 or 3.3.0-16, suffer from a NativeImportExportPlugin related remote code execution vulnerability.
894453dd71b738c757ad44c73e02be6e0af26e1e261f945b9dc8f20a9ebb348e
Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.
2d3b2e4f066b1f3eda17faff147dfa3e4b16fba044257361aca51a2322c5122d
Ubuntu Security Notice 6488-2 - USN-6488-1 fixed a vulnerability in strongSwan. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Florian Picca discovered that strongSwan incorrectly handled certain DH public values. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code.
338f4a5b2aa85b89f8b08d5684422107226ac51c46249766ac922c0b469c720e
Ubuntu Security Notice 6556-1 - It was discovered that Budgie Extras incorrectly handled certain temporary file paths. An attacker could possibly use this issue to inject false information or deny access to the application. Matthias Gerstner discovered that Budgie Extras incorrectly handled certain temporary file paths. A local attacker could use this to inject arbitrary PNG data in this path and have it displayed on the victim's desktop or deny access to the application.
1e445a20e0c3e2f5cd796458dc464196f8b71e35096e6c4f1fb6ced4a09715a1
When handling DTLS-SRTP for media setup, Asterisk version 20.1.0 is susceptible to denial of service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack.
64a70704bf3c592f3c715409a2cca70dea12a637204ffa690f04e1d61f8e5387
Ubuntu Security Notice 6558-1 - It was discovered that audiofile could be made to dereference invalid memory. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that audiofile could be made to write out of bounds. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
6a440b0470b659ef8af146298808a0dd6b5659c6528660e23e465d017c10fa55
Ubuntu Security Notice 6557-1 - It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. It was discovered that Vim could be made to recurse infinitely. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
872f33dc2b7bc88b8c7bb037d8cce3aa5d34706dc69f05eec595485cb8f8d733