
Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

This update for Jetty, a Java servlet engine and web server, addresses a protocol-level vulnerability in HTTP/2 support also referred to as “MadeYouReset”.

This update for Jetty, a Java servlet engine and web server, addresses a protocol-level vulnerability in HTTP/2 support also referred to as “MadeYouReset”.

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. Google is aware that an exploit for CVE-2025-10585 exists in the wild.

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape, information disclosure or bypass of the same-origin policy.

It was discovered that Node sha.js, an implementation of the SHA family hash functions in pure JavaScript, performed incomplete type checks. For the oldstable distribution (bookworm), this problem has been fixed

It was discovered that cJSON, an ultralightweight JSON parser, performed insufficient input sanitising, which could result in out-of-bounds memory access.

Michael Hudak discovered a flaw in libcpanel-json-xs-perl, a module for fast and correct serialising to JSON. An integer buffer overflow causing a segfault when parsing specially crafted JSON may allow an attacker to mount a denial-of-service attack or cause other unspecified impact.

Michael Hudak discovered a flaw in libjson-xs-perl, a module for manipulating JSON-formatted data. An integer buffer overflow causing a segfault when parsing specially crafted JSON may allow an attacker to mount a denial-of-service attack or cause other unspecified impact.

Two vulnerabilities were discovered in cups, the Common UNIX Printing System, which may result in authentication bypass with AuthType Negotiate or in denial of service (daemon crash).

Multiple memory corruption vulnerabilities were discovered in imagemagick, a software suite used for editing and manipulating digital images, which could lead to information leak, denial of service, and potentially arbitrary code execution.

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

Gregor Kopf of Secfault Security GmbH discovered that HSQLDB, a Java SQL database engine, allowed the execution of spurious scripting commands in .script and .log files. Hsqldb supports a “SCRIPT” keyword which is normally used to record the commands input by the database admin to output such a

Florian Stuhlmann discovered a SQL vulnerability in the ODBC plugin in the Shibboleth Service Provider which may result in information leak. For additional information please refer to the upstream advisory at

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

Two vulnerabilities were discovered in the Firebird database, which may result in denial of service or authentication bypass. For the stable distribution (trixie), these problems have been fixed in

Multiple vulnerabilities were discovered in Node.js, which could result in denial of service, HTTP request smuggling, privilege escalation, a side channel attack against PKCS#1 1.5 or a bypass of network import restrictions.

A flaw was found in libxslt, the XSLT 1.0 processing library, where the attribute type, atype, flags are modified in a way that corrupts internal memory management. This is addressed by adding guards in libxml2, the GNOME XML library, preventing the heap use-after-free from happening.

Michael Imfeld discovered an out-of-bounds read vulnerability in udisks2, a D-Bus service to access and manipulate storage devices, which may result in denial of service (daemon process crash), or in mapping an internal file descriptor from the daemon process onto a loop device,

A security issue was discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

Multiple security issues were discovered in Unbound, a validating, recursive, caching DNS resolver, which may result in denial of service or cache poisoning via the “rebirthday attack”.

Nikita Skorovoda discovered that Node cipher-base, an abstract base class for crypto-streams, performed incomplete type checks. For the oldstable distribution (bookworm), this problem has been fixed

Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For the oldstable distribution (bookworm), these problems have been fixed

This update removes the usage of the C (Credential) flag for the binfmt_misc registration within the qemu-user package, as it allowed for privilege escalation when running a suid/sgid binary under qemu-user. This means suid/sgid foreign-architecture binaries are not running with

Two security issues were discovered in the Squid proxy caching server, which could result in the execution of arbitrary code, information disclosure or denial of service.

A security issue was discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape or bypass of the same-origin policy.

Two vulnerabilities were found in libxslt, the XSLT 1.0 processing library, which may lead to information disclosure and DoS attack. CVE-2023-40403

The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2025-6558