[Security][CVE-2024-52948] CSRF on 2FA registration
[Security] Open redirect vulnerability in logout
Archive for January, 2025
phpMyAdmin 5.2.2 is released
Welcome to the release of phpMyAdmin version 5.2.2, the “I should have released this sooner” release. This is primarily a bugfix release but also contains a few security fixes as noted below.
* fix possible security issue in sql-parser which could cause long execution times
Several security issues were fixed in the Linux kernel.
Two security issues were discovered in Redis, a persistent key-value database, which could result in the execution of arbitrary code or denial of service.
Several security issues were fixed in jquery.
Several security issues were fixed in MySQL.
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
Tomcat could be made to run programs if it received specially crafted network traffic.
Several security issues were fixed in jinja2.
Several vulnerabilities were discovered in BIND, a DNS server implementation, which may result in denial of service. For the stable distribution (bookworm), these problems have been fixed in
Matthias Gerstner reported that pam-u2f, a PAM module which allows the use of U2F (Universal 2nd Factor) devices in the PAM authentication stack, does not properly handle PAM_IGNORE return values, allowing bypass of the second factor or password-less login without inserting the proper
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in PHP.
This is the January 2025 security and bugfix release for .NET 8.0. It updates the SDK to version 8.0.112 and Runtime to version 8.0.12. Release Notes: SDK: https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.12/8.0.112.md
This is the January 2025 security and bugfix release for .NET 9.0. It updates the SDK to version 9.0.102 and Runtime to version 9.0.1. Release Notes: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.1/9.0.1.md
fix VW_VERSION in compiled code, patch security issues
Includes security fixes to the crypto/x509 and net/http packages
Toshifumi Sakaguchi discovered that overly permissive parsing of some resource record sets in the zone file parsing of PDNS Recursor could result in denial of service.
Several security issues were fixed in rsync.
Tcpreplay could be made to crash if it received specially crafted input.
Plesk Obsidian 18.0.67 is now available, bringing exciting new features and updates. Ready to explore some of the main highlights of the upgrade? Read on below! Panel and Hosting Improvements PHP Hosting Experience faster load times and improved server performance with PHP 8.4, now available for websites hosted on Plesk server out of the box! […]
Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, which could result in denial of service or the execution of arbitrary code if malformed images are opened.
ClamAV could be made to crash if it opened a specially crafted file.
Several security issues were fixed in LibreOffice.
This update addresses two security vulnerabilities:
* CVE-2025-0395: A buffer overflow may occur in the assert function with certain large program names and assert expressions.
* CVE-2025-0577: getrandom, arc4random can produce predictable randomness if a multi-threaded program creates additional threads after fork.
CVE-2024-11029 Release note: https://www.freeipa.org/release-notes/4-12-3.html