INFOSEC – USERSPACE.ORG :

OS: Redhat

Red Hat: RHSA-2023-5538-01 Important: libvpx Heap Overflow and Crash

An update for libvpx is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Red Hat Enterprise Linux 8.2 RHSA-2023-5527 Important: Bind DoS Risk

An update for bind is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Enterprise Linux 8.2 RHSA-2023-5534-01 Important: libvpx Issues

An update for libvpx is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Important Advisory RHSA-2023-5539-01 for libvpx Crash and Heap Overflow

An update for libvpx is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

OS: Fedora

Fedora 42: webkitgtk 2025-40aeebe6d2 critical: memory corruption issues

Enable CSS Overscroll Behavior by default. Change threaded rendering implementation to use Skia API instead of WebCore display list that is not thread safe. Fix rendering when device scale factor change comes before the web view geometry update.

Fedora 42: 2025-b3d59fca78 critical: indirect target selection issue

x86: Indirect Target Selection [XSA-469, CVE-2024-28956]

Fedora 42: FEDORA-2025-7f48333f3e critical: syslog-ng TLS issue

update to 4.8.2 fixing CVE-2024-47619

Fedora 41: 2025-0fc3d8b7bf moderate: syslog-ng certificate validation issue

update to 4.8.2 to fix CVE-2024-47619

OS: CentOS

CentOS 7 CESA-2024-1498 Moderate Advisory: Thunderbird Update

Upstream details at : https://access.redhat.com/errata/RHSA-2024:1498

CentOS 7 CESA-2024-1486 Critical: Firefox Security Update

Upstream details at : https://access.redhat.com/errata/RHSA-2024:1486

CentOS 7 CESA-2024-1249 Important: Kernel Critical Update

Upstream details at : https://access.redhat.com/errata/RHSA-2024:1249

CentOS 7 CESA-2024-0957 Critical Thunderbird Security Update

Upstream details at : https://access.redhat.com/errata/RHSA-2024:0957

OS: Mageia

Mageia: 2025-0158 critical: Dropbear SSH command injection

dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used. References: - https://bugs.mageia.org/show_bug.cgi?id=34264

Mageia 9: 2025-0157 moderate: openssh DisableForwarding directive flaw

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. (CVE-2025-32728) References:

Mageia 9: 2025-0156 critical: Fixes for Java TLS and compiler issues

Better TLS connection support. (CVE-2025-21587) Improve compiler transformations. (CVE-2025-30691) Enhance Buffered Image handling. (CVE-2025-30698) The updated timezone data are needed by the new Java packages.

Mageia 9 Advisory MGASA-2025-0155: Critical PostgreSQL Encoding Threat

PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation. (CVE-2025-4207) References: - https://bugs.mageia.org/show_bug.cgi?id=34265

OS: Debian LTS

Debian LTS DLA-4169-1: dropbear local command execution risk fixed

Marcin Nowak discovered that dbclient(1) hostname arguments with a comma (for multihop) are passed to the shell which could result in running arbitrary shell commands locally. That could be a security issue in situations where dbclient(1) is passed untrusted hostname arguments.

Debian 11: DLA-4168-1 critical: openafs credential theft and DoS

Several vulnerabilities were discovered in OpenAFS, an implementation of the AFS distributed filesystem, which may result in theft of credentials in Unix client PAGs (CVE-2024-10394), fileserver crashes and information

Debian LTS: DLA-4166-1 critical: xrdp session management flaws

Several vulnerabilities were discovered in xrdp, a Remote Desktop Protocol (RDP) server

Debian 11: DLA-4165-1 moderate: open-vm-tools file handling

open-vm-tools is a package that provides Open VMware Tools for virtual machines hosted on VMware. CVE-2025-22247

OS: Gentoo

Gentoo: GLSA-202505-10 Normal: Tracker Miners Sandbox Escape Code Execution

A vulnerability has been discovered in Tracker miners, which can lead to a sandbox escape and execution of arbitrary code.

Gentoo: GLSA-202505-09 Serious: Danger of Atop Heap Corruption Risk

A vulnerability has been discovered in Atop, which can possibly lead to arbitrary code execution.

Gentoo: GLSA-202505-07 critical: FreeType remote execution

A vulnerability has been discovered in FreeType, which can lead to remote code execution.

Gentoo: GLSA-202505-06 High: glibc buffer overflow risk issue

A vulnerability has been discovered in glibc, which can lead to execution of arbitrary code..

OS: Suse

SUSE: 2025:1566-1 critical: valkey output buffer Denial of Service

* bsc#1241708 Cross-References: * CVE-2025-21605

SUSE: 2025:1567-1 moderate: microcode_ctl fixes for Intel CPUs

* bsc#1243123 Cross-References: * CVE-2024-28956 * CVE-2024-43420

SUSE: 2025:1568-1 moderate: libraw Denial of Service flaws fixed

* bsc#1241584 * bsc#1241585 * bsc#1241642 * bsc#1241643

SUSE Linux 15 SP6: 2025:1569-1 moderate: libraw out-of-bounds fixes

* bsc#1241584 * bsc#1241585 * bsc#1241642 * bsc#1241643

OS: Arch

ArchLinux: 202505-1 High: screen access bypass and privilege escalation

The package screen before version 5.0.0-3 is vulnerable to multiple issues including access restriction bypass, denial of service and privilege escalation.

ArchLinux: 202503-1: exim: privilege escalation

The package exim before version 4.98.2-1 is vulnerable to privilege escalation.

Arch Linux: 202501-1 Critical: rsync Multiple Issues Advisory

The package rsync before version 3.4.0-1 is vulnerable to multiple issues including arbitrary code execution, arbitrary file upload, information disclosure and privilege escalation.

Arch Linux: ASA-202410-1: oath-toolkit high severity privilege escalation

The package oath-toolkit before version 2.6.12-1 is vulnerable to privilege escalation.

OS: Debian

Debian Stable: DSA-5921-1 critical: thunderbird mail header spoofing

Multiple security issues were discovered in Thunderbird, which could result in spoofing of From: mail headers, execution of JavaScript or information disclosure.

Debian: DSA-5920-1 critical: chromium code execution risk

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

Debian 12: DSA-5919-1 critical: open-vm-tools file handling issue

It was discovered that insecure file handling in open-vm-tools, an open source implementation of VMware Tools, may allow an unprivileged local guest user to tamper local files to trigger insecure file operations within that VM.

Debian: DSA-5918-1 critical: Varnish request smuggling issue

Ben Kallus discovered that incorrect parsing of chunked transfer encodings in the Varnish web accelerator may result in HTTP request smuggling or cache poisoning.

OS: Scientific

Scientific Linux 7 SLSA-2023:6885 Critical: Python TLS Handshake Bypass

python: TLS handshake bypass (CVE-2023-40217) --- This content is derived from https://access.redhat.com/errata/RHSA-2023:6885 SL7 srpm python-0:2.7.5-94.el7_9.src x86_64 python-0:2.7.5-94.el7_9.x86_64 i386 python-libs-0:2.7.5-94.el7_9.i686 - Scientific Linux Development Team

SciLinux: SLSA-2023:6886 Critical: Plexus-Archiver File Creation Risk

plexus-archiver: Arbitrary File Creation in AbstractUnArchiver (CVE-2023-37460) --- This content is derived from https://access.redhat.com/errata/RHSA-2023:6886 SL7 srpm plexus-archiver-0:2.4.2-6.el7_9.src noarch plexus-archiver-0:2.4.2-6.el7_9.noarch - Scientific Linux Development Team

Scientific Linux 7 Advisory SLSA-2023:5691 Critical DoS in BIND

bind: stack exhaustion in control channel code may lead to DoS (CVE-2023-3341) --- This content is derived from https://access.redhat.com/errata/RHSA-2023:5691 SL7 srpm bind-32:9.11.4-26.P2.el7_9.15.src i386 bind-export-libs-32:9.11.4-26.P2.el7_9.15.i686 x86_64 bind-export-libs-32:9.11.4-26.P2.el7_9.15.x86_64 noarch bind-license-32:9.11.4-26.P2.el7_9.15.noarch - Scie [More...]

Scientific Linux SLSA-2023:5615 Moderate Security Issue in libssh2

libssh2: use-of-uninitialized-value in _libssh2_transport_read (CVE-2020-22218) --- This content is derived from https://sso.redhat.com/auth/realms/redhat-external/protocol/saml?SAMLRequest=fZJBT8MwDIX%2FSm85ZWk7yrZonVQxIU0ChDbgwAVlqccipUmJXTb49aQbg3Hh6jy%2F79nOFFVjW1l1tHVLeOsAKakQIZDx7so77BoIKwjvRsPj8qZkW6IWpRBKa0AcBKi3igbaN6L2O2e9qlH0nmJjnLLmE1hSEQWz7giOfsa9fhsuXA37kmUsmUdu1PfQXwSiP%2FdXMaMIoGyD4ljmsCcIESPa4Mlrbw9olizmJXvJ9WgMWmV8qMcTfpGNUq7WxZCvVTEe5dmoUJebKEXsYhAk5ahkeZoXPL3g6eQhHcqikGn2zJInCHhIlg9Sluwb61D2oJJ1wUmv0KB0qgGUpOWqur2RUSjVaY3nLe3%2FPac52Gzaq%2BUhXZh1zmwM1PxnxVNx%2Fjw9HvEu2i3m994a%2FZFU1vrdVVwXQckodPEO1z40iv4P0FdMzTcHqWz7wZHAEROzI%2FPvX5l9AQ%3D%3D&RelayState=https%3A%2F%2Faccess.redhat.com%2Ferrata%2FRHSA-2&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=BrJPc%2FvdbvszAnFEmxMHTWhWO5IJXnU8CNik001PBsM04yezeCS%2B0pETxgMIupFPsrxTbmD1oepOHhERcPL4Byk1qKkm6TtFvfXm74lB8Pui6rdjg%2B8IwVmrenuF4Ph3LD4ZnDeuNW3YO4dDbN5Q4%2F89FIjEkeGKeLLar10vtkiy8GweKEe8cuja3717pxNrVTOi8ckfBHwomdUD8Xw1IE6M1qHI4u6pOMtxqpKQPu%2FZzsAgrME854P7NQqtGaZRI3eqZlBRVyG2FYrR7KFC6QtA%2FdVCYBxBWG4JdxZhXmbM%2Fc%2Bn%2B04WEKPpbhH12qa7URkjktnYMsJNcVF7rtYtn1D6gCyPnuXrwe7qcV0MgnrfuqmW4FoGsGrjhFdp7Eebe40wh78VaLxxAxO9hR%2BrYRDgNjvtewICpUbzYQUm6jzVk3i%2FYjt5Pmr9HesI1zvaI80Jmpgud1snf1z7VWoIqnAXwIZyLlo%2BxyFZs4qDUBgFr9tqrgbnGjBgTzdyJTItq7yFMVJDCt6dy5LjnMgKSMd%2BjjsoDBjssytWMM4ulzlyQHtn4IdVgCe4q4jgLQrHXf4ZucbUIA6q%2Fxgg7favSO%2FZaivTQq%2BoaQQKJ1NXxPiMXw6j354mdaEtz8jK549xaCEZi2OiF3l8Qrzc%2B7JikRXQ8wlX1gh8SbiNHfo6ZcE%3D 023:5615 SL7 srpm libssh2-0:1.8.0-4.el7_9.1.src i386 libssh2-0:1.8.0-4.el7_9.1.i686 x86_64 libssh2-0:1.8.0-4.el7_9.1.x86_64 noarch libssh2-docs-0:1.8.0- 4.el7_9.1.noarch - Scientific Linux Development Team

OS: Slackware

Slackware 15.0: 2025-136-01 moderate: mozilla-thunderbird security fix

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues.

Slackware 15.0: 2025-133-01 critical: screen security patch

New screen packages are available for Slackware 15.0 and -current to fix security issues.

Slackware 15.0: 2025-127-01 critical: mariadb security fix

New mariadb packages are available for Slackware 15.0 and -current to fix security issues.

Slackware 15.0: 2025-119-02 critical: mozilla-thunderbird security fix

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues.

Exploit-DB.com

[local] RDPGuard 9.9.9 - Privilege Escalation
RDPGuard 9.9.9 - Privilege Escalation

[webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)
Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)

[webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation

[local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow
TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow