oss-sec: by date

220 messages starting Jan 02 23 and ending Mar 31 23

Monday, 02 January

Re: CVE-2022-22728: libapreq2: libapreq2 multipart form parse memory corruption Arnout Engelen
Re: CVE-2022-22728: libapreq2: libapreq2 multipart form parse memory corruption Salvatore Bonaccorso

Tuesday, 03 January

CVE-2022-45143 Apache Tomcat - JsonErrorReportValve injection Mark Thomas
Re: CVE-2022-22728: libapreq2: libapreq2 multipart form parse memory corruption John Helmert III

Wednesday, 04 January

Linux kernel: Unauthenticated remote DOS in ksmbd NTLMv2 authentication Hrvoje Mišetić

Thursday, 05 January

Code execution through MIME-type association of Mono interpreter and security expectations of MIME type associations Gabriel Corona
Re: Code execution through MIME-type association of Mono interpreter and security expectations of MIME type associations Demi Marie Obenour
Re: Code execution through MIME-type association of Mono interpreter and security expectations of MIME type associations Gabriel Corona
CVE-2022-45787: Apache James MIME4J: Temporary File Information Disclosure in MIME4J TempFileStorageProvider Benoit Tellier
CVE-2022-45935: Apache James server: Temporary File Information Disclosure Benoit Tellier

Saturday, 07 January

CVE-2022-46769: Apache Sling App CMS: XSS in CMS Site Group Detail Dan Klco

Tuesday, 10 January

Type Confusion in Linux Kernel Kyle Zeng
Re: Type Confusion in Linux Kernel John Helmert III
CVE-2022-46176: Cargo does not check SSH host keys Pietro Albini
Re: Type Confusion in Linux Kernel Kyle Zeng

Wednesday, 11 January

Re: Linux kernel: Unauthenticated remote DOS in ksmbd NTLMv2 authentication Will

Thursday, 12 January

CVE-2023-0122: Linux kernel: Pre-Auth Remote DoS in NVMe Tal Lossos
Re: CVE-2023-0122: Linux kernel: Pre-Auth Remote DoS in NVMe Greg KH
Re: CVE-2023-0122: Linux kernel: Pre-Auth Remote DoS in NVMe John Helmert III

Friday, 13 January

Re: CVE-2023-0122: Linux kernel: Pre-Auth Remote DoS in NVMe Greg KH
CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup Davide Ornaghi
CVE-2023-22602: Apache Shiro before 1.11.0, when used with Spring Boot 2.6+, may allow authentication bypass through a specially crafted HTTP request Brian Demers
Re: CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup Solar Designer

Monday, 16 January

CVE-2022-43717: Apache Superset: Cross-Site Scripting on dashboards Daniel Gaspar
CVE-2022-43718: Apache Superset: Cross-Site Scripting vulnerability on upload forms Daniel Gaspar
CVE-2022-43719: Apache Superset: Cross Site Request Forgery (CSRF) on accept, request access API Daniel Gaspar
CVE-2022-43720: Apache Superset: Improper rendering of user input Daniel Gaspar
CVE-2022-43721: Apache Superset: Open Redirect Vulnerability Daniel Gaspar
CVE-2022-45438: Apache Superset: Dashboard metadata information leak Daniel Gaspar
CVE-2022-41703: Apache Superset: SQL injection vulnerability in adhoc clauses Daniel Gaspar
CVE-2022-47630 Trusted Firmware-A - Out-of-bounds read in X.509 parser Sandrine Bailleux

Tuesday, 17 January

[OSSA-2023-001] Swift: Arbitrary file access through custom S3 XML entities (CVE-2022-47950) Jeremy Stanley
Fwd: X.Org Security Advisory: Issues handling XPM files in libXpm prior to 3.5.15 Alan Coopersmith
Linux Kernel: hid: type confusions on hid report_list entry Pietro Borrello
Git 2.39.1 and friends Junio C Hamano
CVE-2006-20001: Apache HTTP Server: mod_dav out of bounds read, or write of zero byte Eric Covener
CVE-2022-36760: Apache HTTP Server: mod_proxy_ajp Possible request smuggling Eric Covener
CVE-2022-37436: Apache HTTP Server: mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response splitting Eric Covener

Wednesday, 18 January

Re: CVE-2023-0122: Linux kernel: Pre-Auth Remote DoS in NVMe Salvatore Bonaccorso
null pointer dereference in Linux kernel Kyle Zeng
Linux Kernel: hid: NULL pointer dereference in hid_betopff_play() Pietro Borrello
Re: null pointer dereference in Linux kernel Rohit Keshri
CVE-2023-22809: Sudoedit can edit arbitrary files Matthieu Barjole

Friday, 20 January

Security Advisory 2023-01 for PowerDNS Recursor 4.8.0 (CVE-2023-22617) Otto Moerbeek

Saturday, 21 January

CVE-2023-22884: Apache Airflow, Apache Airflow MySQL Provider: Arbitrary file read via MySQL provider in Apache Airflow Jarek Potiuk

Monday, 23 January

Linux Kernel: sctp: KASLR leak in inet_diag_msg_sctpasoc_fill() Pietro Borrello

Tuesday, 24 January

Multiple vulnerabilities in Jenkins plugins Daniel Beck
[OSSA-2023-002] Cinder, Glance, Nova: Arbitrary file access through custom VMDK flat descriptor (CVE-2022-47951) Jeremy Stanley
Re: Directory traversal in sharutils/uudecode and python uu module Alan Coopersmith

Wednesday, 25 January

Xen Security Advisory 425 v1 (CVE-2022-42330) - Guests can cause Xenstore crash via soft reset Xen.org security team
ISC has disclosed three vulnerabilities in BIND 9 (CVE-2022-3094, CVE-2022-3736, CVE-2022-3924) Michał Kępień
Data operand dependent timing on Intel and Arm CPUs Eric Biggers
Re: Data operand dependent timing on Intel and Arm CPUs Solar Designer
Linux Kernel: hid: Use-After-Free in bigben_set_led() Pietro Borrello

Friday, 27 January

Re: Data operand dependent timing on Intel and Arm CPUs Eric Biggers

Monday, 30 January

CVE-2023-24829: Apache IoTDB: apache/iotdb-web-workbench: forge the JWTToken to access workbench Jialin Qiao
CVE-2023-24830: Apache IoTDB: apache/iotdb-web-workbench: create a user without authorization Jialin Qiao
Re: Data operand dependent timing on Intel and Arm CPUs Mark Hack
Re: Data operand dependent timing on Intel and Arm CPUs Demi Marie Obenour
Re: Data operand dependent timing on Intel and Arm CPUs John Runyon
Re: Data operand dependent timing on Intel and Arm CPUs Mark Hack
CVE-2022-44644: Apache Linkis (incubating): The DatasourceManager module has a Local File Read Vulnerability Heping Wang
CVE-2022-44645: Apache Linkis (incubating): The DatasourceManager module has a serialization attack vulnerability Heping Wang

Tuesday, 31 January

CVE-2022-24963: Apache Portable Runtime (APR): out-of-bound writes in the apr_encode family of functions Eric Covener
CVE-2022-25147: Apache Portable Runtime (APR): out-of-bounds writes in the apr_base64 family of functions Eric Covener
CVE-2022-28331: Apache Portable Runtime (APR): Windows out-of-bounds write in apr_socket_sendv function Eric Covener
pesign: Local privilege escalation on pesign systemd service Marco Benatto
Re: CVE-2022-24963: Apache Portable Runtime (APR): out-of-bound writes in the apr_encode family of functions Alan Coopersmith
Re: CVE-2022-24963: Apache Portable Runtime (APR): out-of-bound writes in the apr_encode family of functions Zube

Wednesday, 01 February

CVE-2023-24977: Apache InLong: Jdbc Connection causes arbitrary file reading in InLong Charles Zhang
Re: pesign: Local privilege escalation on pesign systemd service Matthias Gerstner
CVE-2023-24997: Apache InLong: Jdbc Connection Security Bypass in InLong Charles Zhang
Django: CVE-2023-23969: Potential denial-of-service via Accept-Language headers. Mariusz Felisiak
Re: Fwd: X.Org Security Advisory: Issues handling XPM files in libXpm prior to 3.5.15 Alan Coopersmith

Thursday, 02 February

Re: Linux Kernel: hid: Use-After-Free in bigben_set_led() Thomas Leroy
double-free vulnerability in OpenSSH server 9.1 Qualys Security Advisory
Announce: OpenSSH 9.2 released Damien Miller
WebKitGTK and WPE WebKit Security Advisory WSA-2023-0001 Carlos Alberto Lopez Perez
Re: double-free vulnerability in OpenSSH server 9.1 Georgi Guninski
Re: double-free vulnerability in OpenSSH server 9.1 Matthias Schmidt
Re: double-free vulnerability in OpenSSH server 9.1 Qualys Security Advisory

Friday, 03 February

CVE-2023-0045: Linux Kernel: Bypassing Spectre-BTI User Space Mitigations Rafael Correa De Ysasi
Re: CVE-2023-0045: Linux Kernel: Bypassing Spectre-BTI User Space Mitigations Rodrigo Branco
sox: patches for old vulnerabilities Helmut Grohne

Saturday, 04 February

CVE-2023-22849: Apache Sling App CMS: XSS in CMS Reference / UI Components Dan Klco
Re: sox: patches for old vulnerabilities Steffen Nurpmeso
CVE-2022-45786: Apache AGE: Python and Golang drivers allow data manipulation and exposure due to SQL injection John Gemignani
CVE-2022-45786: Apache AGE: Python and Golang drivers allow data manipulation and exposure due to SQL injection John Gemignani
Re: CVE-2023-0045: Linux Kernel: Bypassing Spectre-BTI User Space Mitigations Rodrigo Branco

Wednesday, 08 February

Re: SEGV in `alloca(BIG)` and `long pl[BIG]` Florian Weimer

Thursday, 09 February

CVE-2023-22832: Apache NiFi: Improper Restriction of XML External Entity References in ExtractCCDAAttributes David Handermann

Friday, 10 February

CVE-2023-25139: glibc-2.37 sprintf buffer overflow Jan Schaumann

Monday, 13 February

Re: double-free vulnerability in OpenSSH server 9.1 (CVE-2023-25136) Qualys Security Advisory

Tuesday, 14 February

Django - CVE-2023-24580: Potential denial-of-service vulnerability in file uploads Carlton Gibson
CVE-2022-46397: FD.io VPP (Vector Packet Processor) IPSec generates a predictable IV with AES-CBC mode Dave Wallace
CVE-2023-25141: JNDI injection into Apache sling-org-apache-sling-jcr-base Angela Schreiber
Xen Security Advisory 426 v1 (CVE-2022-27672) - x86: Cross-Thread Return Address Predictions Xen.org security team
[Announce] Git 2.39.2 and friends Junio C Hamano
curl: CVE-2023-23914: HSTS ignored on multiple requests Daniel Stenberg
curl: CVE-2023-23915: HSTS amnesia with --parallel Daniel Stenberg
curl: CVE-2023-23916: HTTP multi-header compression denial of service Daniel Stenberg

Wednesday, 15 February

Multiple vulnerabilities in Jenkins plugins Daniel Beck
CVE-2022-42735: Apache ShenYu Admin ultra vires Zhang Yonglun
WebKitGTK and WPE WebKit Security Advisory WSA-2023-0002 Carlos Alberto Lopez Perez

Thursday, 16 February

EternalTerminal: Review report and findings (predictable /tmp file paths and file permission issues, 3 CVEs) Matthias Gerstner
Xen Security Advisory 426 v2 (CVE-2022-27672) - x86: Cross-Thread Return Address Predictions Xen.org security team

Monday, 20 February

CVE-2023-25613: LDAP Injection Vulnerability in Apache Kerby Colm O hEigeartaigh
CVE-2023-24998: Apache Commons FileUpload: FileUpload DoS with excessive parts Mark Thomas
CVE-2023-24998 Apache Tomcat - FileUpload DoS with excessive parts Mark Thomas

Tuesday, 21 February

Re: double-free vulnerability in OpenSSH server 9.1 (CVE-2023-25136) Qualys Security Advisory

Wednesday, 22 February

Re: Re: double-free vulnerability in OpenSSH server 9.1 (CVE-2023-25136) Demi Marie Obenour

Thursday, 23 February

Re: CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup butt3rflyh4ck
CVE-2023-25621: Apache Sling does not allow to handle i18n content in a secure way Carsten Ziegeler
Re: Re: double-free vulnerability in OpenSSH server 9.1 (CVE-2023-25136) Qualys Security Advisory
CVE-2023-25691: Apache Airflow Google Provider: Google Cloud Sql Provider Remote Command Execution Jarek Potiuk
CVE-2023-25692: Apache Airflow Google Provider: Google Cloud Sql Provider Denial Of Service Jarek Potiuk
CVE-2023-25693: Sqoop Apache Airflow Provider Remote Code Execution Vulnerability Jarek Potiuk
CVE-2023-25696: Apache Airflow Hive Provider Beeline RCE Jarek Potiuk
CVE-2023-25956: Apache Airflow AWS Provider: Arbitrary file read via AWS provider Jarek Potiuk

Tuesday, 28 February

sudo: double free with per-command chroot sudoers rules Todd C. Miller

Wednesday, 01 March

Re: sudo: double free with per-command chroot sudoers rules John Helmert III
Re: sudo: double free with per-command chroot sudoers rules Noryungi
Re: sudo: double free with per-command chroot sudoers rules Todd C. Miller
CVE-2023-1079: Linux Kernel: Use-After-Free in asus_kbd_backlight_set() Pietro Borrello
CVE-2023-1076: Linux Kernel: Type Confusion hardcodes tuntap socket UID to root Pietro Borrello
CVE-2023-1075 - Linux Kernel: Type Confusion in tls_is_tx_ready() Pietro Borrello
CVE-2023-1077: Linux kernel: Type confusion in pick_next_rt_entity() Pietro Borrello
Re: sudo: double free with per-command chroot sudoers rules Marc Deslauriers
Linux kernel: CVE-2023-1118: UAF vulnerabilities in "drivers/media/rc" directory duoming

Friday, 03 March

UAF in OpenSSL up to 3.0.7 Octavio Galland

Monday, 06 March

Re: Re: double-free vulnerability in OpenSSH server 9.1 (CVE-2023-25136) Georgi Guninski

Tuesday, 07 March

CVE-2023-25690: Apache HTTP Server: HTTP request splitting with mod_rewrite and mod_proxy Eric Covener
CVE-2023-27522: Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting Eric Covener

Wednesday, 08 March

CVE-2023-23638: Apache Dubbo Deserialization Vulnerability Gadgets Bypass Albumen Kevin
Shell command and Emacs Lisp code injection in emacsclient-mail.desktop Gabriel Corona
Multiple vulnerabilities in Jenkins Daniel Beck
Re: Shell command and Emacs Lisp code injection in emacsclient-mail.desktop Salvatore Bonaccorso

Thursday, 09 March

Re: Re: double-free vulnerability in OpenSSH server 9.1 (CVE-2023-25136) Qualys Security Advisory

Friday, 10 March

CVE-2023-26464: Apache Log4j 1.x (EOL) allows DoS in Chainsaw and SocketAppender Arnout Engelen

Monday, 13 March

A USB-accessible slab-out-of-bounds read in Linux kernel driver Jisoo Jang
CVE-2023-1032 - Linux kernel io_uring IORING_OP_SOCKET double free Thadeu Lima de Souza Cascardo

Tuesday, 14 March

Re: A USB-accessible slab-out-of-bounds read in Linux kernel driver Jisoo Jang
TTY pushback vulnerabilities / TIOCSTI Hanno Böck
Re: TTY pushback vulnerabilities / TIOCSTI Jakub Wilk
Re: TTY pushback vulnerabilities / TIOCSTI Peter Bex
Re: TTY pushback vulnerabilities / TIOCSTI Hanno Böck
Re: TTY pushback vulnerabilities / TIOCSTI Peter Bex
Re: sox: patches for old vulnerabilities Helmut Grohne
Security issue in Hotspot elevate_perf_privileges.sh (CVE-2023-28144) Matthias Gerstner
Re: Re: sox: patches for old vulnerabilities Steffen Nurpmeso
Re: Re: sox: patches for old vulnerabilities Steffen Nurpmeso
Re: TTY pushback vulnerabilities / TIOCSTI Shawn Webb

Wednesday, 15 March

Re: TTY pushback vulnerabilities / TIOCSTI Fabian Keil
CVE-2023-25695: Information disclosure in Apache Airflow Jarek Potiuk
Re: TTY pushback vulnerabilities / TIOCSTI Dave Horsfall
Re: TTY pushback vulnerabilities / TIOCSTI Casper Dik
Re: TTY pushback vulnerabilities / TIOCSTI Hanno Böck
Re: TTY pushback vulnerabilities / TIOCSTI Jan Engelhardt
Minor stack-based buffer overflow in OpenBSD's libskey Qualys Security Advisory
Announce: OpenSSH 9.3 released Damien Miller

Thursday, 16 March

CVE-2023-24278 - Reflected XSS vulnerabilities in Squidex "/squid.svg" endpoint Giannis Christodoulakos
CVE-2023-24278 - Reflected XSS vulnerabilities in Squidex "/squid.svg" endpoint Giannis Christodoulakos

Friday, 17 March

flatpak: CVE-2023-28100: TIOCLINUX can send commands outside sandbox if running on a virtual console Simon McVittie
flatpak: CVE-2023-28101: escape characters in metadata can hide app permissions in terminal Simon McVittie
Re: TTY pushback vulnerabilities / TIOCSTI Hanno Böck
Re: TTY pushback vulnerabilities / TIOCSTI Ed Maste
Re: TTY pushback vulnerabilities / TIOCSTI Jakub Wilk

Saturday, 18 March

Re: TTY pushback vulnerabilities / TIOCSTI Lyndon Nerenberg (VE7TFX/VE6BBM)
Re: TTY pushback vulnerabilities / TIOCSTI Christos Zoulas
Re: TTY pushback vulnerabilities / TIOCSTI Eric Ashley

Sunday, 19 March

Re: TTY pushback vulnerabilities / TIOCSTI Hanno Böck
First result on google promotes insecure coding (XSS) Georgi Guninski
Re: First result on google promotes insecure coding (XSS) Solar Designer
Re: First result on google promotes insecure coding (XSS) Georgi Guninski

Monday, 20 March

[SECURITY ADVISORY] curl: CVE-2023-27533: TELNET option IAC injection Daniel Stenberg
[SECURITY ADVISORY] curl: CVE-2023-27534: SFTP path ~ resolving discrepancy Daniel Stenberg
[SECURITY ADVISORY] curl: CVE-2023-27535: FTP too eager connection reuse Daniel Stenberg
[SECURITY ADVISORY] curl: CVE-2023-27536: GSS delegation too eager connection re-use Daniel Stenberg
[SECURITY ADVISORY] curl: CVE-2023-27537: HSTS double-free Daniel Stenberg
[SECURITY ADVISORY] curl: CVE-2023-27538: SSH connection too eager reuse still Daniel Stenberg
CVE-2023-26513: Apache Sling Resource Merger: Requests to certain paths managed by the Apache Sling Resource Merger can lead to DoS Radu Cotescu

Tuesday, 21 March

Xen Security Advisory 427 v2 (CVE-2022-42332) - x86 shadow plus log-dirty mode use-after-free Xen.org security team
Xen Security Advisory 428 v3 (CVE-2022-42333,CVE-2022-42334) - x86/HVM pinned cache attributes mis-handling Xen.org security team
Xen Security Advisory 429 v3 (CVE-2022-42331) - x86: speculative vulnerability in 32bit SYSCALL path Xen.org security team
Multiple vulnerabilities in Jenkins plugins Daniel Beck
Re: TTY pushback vulnerabilities / TIOCSTI Jakub Wilk

Wednesday, 22 March

CVE-2023-28708: Apache Tomcat: JSESSIONID Cookie missing secure attribute in some configurations Mark Thomas
CVE-2023-0464: OpenSSL: Excessive Resource Usage Verifying X.509 Policy Constraints Solar Designer

Thursday, 23 March

[CVE-2023-28686] Insufficient message sender validation in Dino Dino Team

Friday, 24 March

New distros list statistics Anthony Liguori
CVE-2022-38745: Apache OpenOffice: Empty entry in Java class path Marcus Lange
CVE-2022-47502: Apache OpenOffice: Macro URL arbitrary script execution Marcus Lange
Re: TTY pushback vulnerabilities / TIOCSTI Hanno Böck

Monday, 27 March

CVE-2023-27296: Apache InLong: JDBC Deserialization Vulnerability in InLong Charles Zhang
CVE-2023-25195: Apache Fineract: SSRF template type vulnerability in certain authenticated users James Dailey
CVE-2023-25196: Apache Fineract: SQL injection vulnerability James Dailey
CVE-2023-25197: apache fineract: SQL injection vulnerability in certain procedure calls James Dailey
Re: New distros list statistics Solar Designer
Re: New distros list statistics Anthony Liguori

Tuesday, 28 March

CVE-2023-28326: Apache OpenMeetings: allows user impersonation Maxim Solodovnik
CVE-2023-28464: Linux: Bluetooth: hci_conn_cleanup function has double free Zhenghan Wang
Re: CVE-2023-28464: Linux: Bluetooth: hci_conn_cleanup function has double free Solar Designer
OpenSSL Security Advisory Tomas Mraz
Re: CVE-2023-28464: Linux: Bluetooth: hci_conn_cleanup function has double free Seth Arnold
Re: CVE-2023-28464: Linux: Bluetooth: hci_conn_cleanup function has double free Solar Designer
Re: CVE-2023-28464: Linux: Bluetooth: hci_conn_cleanup function has double free Seth Arnold

Wednesday, 29 March

Fwd: X.Org Security Advisory: CVE-2023-1393: X.Org Server Overlay Window Use-After-Free Olivier Fourdan
CVE-2023-28158: Apache Archiva privilege escalation Olivier Lamy
polkitd service user privilege separation Johannes Segitz
Re: polkitd service user privilege separation Simon McVittie

Thursday, 30 March

Re: polkitd service user privilege separation Johannes Segitz
CVE-2023-28935: Apache UIMA DUCC: DUCC (EOL) allows RCE Arnout Engelen
Re: polkitd service user privilege separation Jordan Glover
Re: Re: sox: patches for old vulnerabilities Steffen Nurpmeso
Irssi SA-2023-03 / Use after free in printing routine Ailin Nemui

Friday, 31 March

Re: Re: sox: patches for old vulnerabilities Nam Nguyen
Re: Re: sox: patches for old vulnerabilities Steffen Nurpmeso
CVE-2023-26269: Apache James server: Privilege escalation through unauthenticated JMX Benoit Tellier
Re: polkitd service user privilege separation Johannes Segitz
Re: CVE-2023-29132: Irssi SA-2023-03 / Use after free in printing routine Ailin Nemui