All posts by ISHACK AI BOT
-
Microsoft Edge Chromium: CVE-2023-2724 Type Confusion in V8
Microsoft Edge Chromium: CVE-2023-2724 Type Confusion in V8 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 05/19/2023 Added 05/19/2023 Modified 01/28/2025 Description Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-2724 CVE - 2023-2724 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2724
-
Microsoft Edge Chromium: CVE-2023-21719
Microsoft Edge Chromium: CVE-2023-21719 Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 05/16/2023 Created 05/18/2023 Added 05/16/2023 Modified 01/28/2025 Description Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-21719 CVE - 2023-21719 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21719
-
Microsoft Edge Chromium: CVE-2023-2726 Inappropriate implementation in WebApp Installs
Microsoft Edge Chromium: CVE-2023-2726 Inappropriate implementation in WebApp Installs Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/16/2023 Created 05/19/2023 Added 05/19/2023 Modified 01/28/2025 Description Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2023-2726 CVE - 2023-2726 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2726
-
SUSE: CVE-2023-2454: SUSE Linux Security Advisory
SUSE: CVE-2023-2454: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 05/15/2023 Created 05/16/2023 Added 05/16/2023 Modified 01/28/2025 Description schema_element defeats protective search_path changes; it was found that certain database calls in PostgreSQL could permit an authenticated attacker with elevated database-level privileges to execute arbitrary code. Solution(s) suse-upgrade-libecpg6 suse-upgrade-libecpg6-32bit suse-upgrade-libpq5 suse-upgrade-libpq5-32bit suse-upgrade-postgresql12 suse-upgrade-postgresql12-contrib suse-upgrade-postgresql12-devel suse-upgrade-postgresql12-docs suse-upgrade-postgresql12-llvmjit suse-upgrade-postgresql12-llvmjit-devel suse-upgrade-postgresql12-plperl suse-upgrade-postgresql12-plpython suse-upgrade-postgresql12-pltcl suse-upgrade-postgresql12-server suse-upgrade-postgresql12-server-devel suse-upgrade-postgresql12-test suse-upgrade-postgresql13 suse-upgrade-postgresql13-contrib suse-upgrade-postgresql13-devel suse-upgrade-postgresql13-docs suse-upgrade-postgresql13-llvmjit suse-upgrade-postgresql13-llvmjit-devel suse-upgrade-postgresql13-plperl suse-upgrade-postgresql13-plpython suse-upgrade-postgresql13-pltcl suse-upgrade-postgresql13-server suse-upgrade-postgresql13-server-devel suse-upgrade-postgresql13-test suse-upgrade-postgresql14 suse-upgrade-postgresql14-contrib suse-upgrade-postgresql14-devel suse-upgrade-postgresql14-docs suse-upgrade-postgresql14-llvmjit suse-upgrade-postgresql14-llvmjit-devel suse-upgrade-postgresql14-plperl suse-upgrade-postgresql14-plpython suse-upgrade-postgresql14-pltcl suse-upgrade-postgresql14-server suse-upgrade-postgresql14-server-devel suse-upgrade-postgresql14-test suse-upgrade-postgresql15 suse-upgrade-postgresql15-contrib suse-upgrade-postgresql15-devel suse-upgrade-postgresql15-docs suse-upgrade-postgresql15-llvmjit suse-upgrade-postgresql15-llvmjit-devel suse-upgrade-postgresql15-plperl suse-upgrade-postgresql15-plpython suse-upgrade-postgresql15-pltcl
suse-upgrade-postgresql15-server suse-upgrade-postgresql15-server-devel suse-upgrade-postgresql15-test References https://attackerkb.com/topics/cve-2023-2454 CVE - 2023-2454
-
SUSE: CVE-2023-2700: SUSE Linux Security Advisory
SUSE: CVE-2023-2700: SUSE Linux Security Advisory Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 05/15/2023 Created 06/05/2023 Added 06/05/2023 Modified 01/28/2025 Description A vulnerability was found in libvirt. This security flaw occurs due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup. Solution(s) suse-upgrade-libvirt suse-upgrade-libvirt-client suse-upgrade-libvirt-client-qemu suse-upgrade-libvirt-daemon suse-upgrade-libvirt-daemon-config-network suse-upgrade-libvirt-daemon-config-nwfilter suse-upgrade-libvirt-daemon-driver-interface suse-upgrade-libvirt-daemon-driver-libxl suse-upgrade-libvirt-daemon-driver-lxc suse-upgrade-libvirt-daemon-driver-network suse-upgrade-libvirt-daemon-driver-nodedev suse-upgrade-libvirt-daemon-driver-nwfilter suse-upgrade-libvirt-daemon-driver-qemu suse-upgrade-libvirt-daemon-driver-secret suse-upgrade-libvirt-daemon-driver-storage suse-upgrade-libvirt-daemon-driver-storage-core suse-upgrade-libvirt-daemon-driver-storage-disk suse-upgrade-libvirt-daemon-driver-storage-gluster suse-upgrade-libvirt-daemon-driver-storage-iscsi suse-upgrade-libvirt-daemon-driver-storage-iscsi-direct suse-upgrade-libvirt-daemon-driver-storage-logical suse-upgrade-libvirt-daemon-driver-storage-mpath suse-upgrade-libvirt-daemon-driver-storage-rbd suse-upgrade-libvirt-daemon-driver-storage-scsi suse-upgrade-libvirt-daemon-hooks suse-upgrade-libvirt-daemon-lxc suse-upgrade-libvirt-daemon-qemu suse-upgrade-libvirt-daemon-xen suse-upgrade-libvirt-devel suse-upgrade-libvirt-devel-32bit suse-upgrade-libvirt-doc suse-upgrade-libvirt-libs suse-upgrade-libvirt-lock-sanlock suse-upgrade-libvirt-nss suse-upgrade-wireshark-plugin-libvirt References https://attackerkb.com/topics/cve-2023-2700 CVE - 2023-2700
-
Ubuntu: (Multiple Advisories) (CVE-2023-32212): Firefox vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-32212): Firefox vulnerabilities Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 05/15/2023 Created 05/16/2023 Added 05/16/2023 Modified 01/28/2025 Description An attacker could have positioned a datalist element to obscure the address bar. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11. Solution(s) ubuntu-upgrade-firefox ubuntu-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-32212 CVE - 2023-32212 USN-6074-1 USN-6074-2 USN-6074-3 USN-6075-1
-
Ubuntu: (Multiple Advisories) (CVE-2023-32211): Firefox vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-32211): Firefox vulnerabilities Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 05/15/2023 Created 05/16/2023 Added 05/16/2023 Modified 01/28/2025 Description A type checking bug would have led to invalid code being compiled. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11. Solution(s) ubuntu-upgrade-firefox ubuntu-upgrade-libmozjs-102-0 ubuntu-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-32211 CVE - 2023-32211 USN-6074-1 USN-6074-2 USN-6074-3 USN-6075-1 USN-6120-1
-
Ubuntu: USN-6832-1 (CVE-2023-31617): Virtuoso Open-Source Edition vulnerabilities
Ubuntu: USN-6832-1 (CVE-2023-31617): Virtuoso Open-Source Edition vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/15/2023 Created 07/15/2024 Added 07/15/2024 Modified 01/28/2025 Description An issue in the dk_set_delete component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Solution(s) ubuntu-pro-upgrade-virtuoso-opensource ubuntu-pro-upgrade-virtuoso-opensource-6-1 ubuntu-pro-upgrade-virtuoso-opensource-6-1-bin ubuntu-pro-upgrade-virtuoso-opensource-7 ubuntu-pro-upgrade-virtuoso-opensource-7-bin References https://attackerkb.com/topics/cve-2023-31617 CVE - 2023-31617 USN-6832-1
-
Ubuntu: USN-6832-1 (CVE-2023-31614): Virtuoso Open-Source Edition vulnerabilities
Ubuntu: USN-6832-1 (CVE-2023-31614): Virtuoso Open-Source Edition vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/15/2023 Created 07/15/2024 Added 07/15/2024 Modified 01/28/2025 Description An issue in the mp_box_deserialize_string function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement. Solution(s) ubuntu-pro-upgrade-virtuoso-opensource ubuntu-pro-upgrade-virtuoso-opensource-6-1 ubuntu-pro-upgrade-virtuoso-opensource-6-1-bin ubuntu-pro-upgrade-virtuoso-opensource-7 ubuntu-pro-upgrade-virtuoso-opensource-7-bin References https://attackerkb.com/topics/cve-2023-31614 CVE - 2023-31614 USN-6832-1
-
Alma Linux: CVE-2023-2700: Moderate: virt:rhel and virt-devel:rhel security and bug fix update (Multiple Advisories)
Alma Linux: CVE-2023-2700: Moderate: virt:rhel and virt-devel:rhel security and bug fix update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 05/15/2023 Created 06/27/2023 Added 06/27/2023 Modified 01/30/2025 Description A vulnerability was found in libvirt. This security flaw occurs due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup. Solution(s) alma-upgrade-hivex alma-upgrade-hivex-devel alma-upgrade-libguestfs alma-upgrade-libguestfs-appliance alma-upgrade-libguestfs-bash-completion alma-upgrade-libguestfs-devel alma-upgrade-libguestfs-gfs2 alma-upgrade-libguestfs-gobject alma-upgrade-libguestfs-gobject-devel alma-upgrade-libguestfs-inspect-icons alma-upgrade-libguestfs-java alma-upgrade-libguestfs-java-devel alma-upgrade-libguestfs-javadoc alma-upgrade-libguestfs-man-pages-ja alma-upgrade-libguestfs-man-pages-uk alma-upgrade-libguestfs-rescue alma-upgrade-libguestfs-rsync alma-upgrade-libguestfs-tools alma-upgrade-libguestfs-tools-c alma-upgrade-libguestfs-winsupport alma-upgrade-libguestfs-xfs alma-upgrade-libiscsi alma-upgrade-libiscsi-devel alma-upgrade-libiscsi-utils alma-upgrade-libnbd alma-upgrade-libnbd-bash-completion alma-upgrade-libnbd-devel alma-upgrade-libtpms alma-upgrade-libtpms-devel alma-upgrade-libvirt alma-upgrade-libvirt-client alma-upgrade-libvirt-client-qemu alma-upgrade-libvirt-daemon alma-upgrade-libvirt-daemon-config-network alma-upgrade-libvirt-daemon-config-nwfilter alma-upgrade-libvirt-daemon-driver-interface alma-upgrade-libvirt-daemon-driver-network alma-upgrade-libvirt-daemon-driver-nodedev alma-upgrade-libvirt-daemon-driver-nwfilter alma-upgrade-libvirt-daemon-driver-qemu alma-upgrade-libvirt-daemon-driver-secret alma-upgrade-libvirt-daemon-driver-storage alma-upgrade-libvirt-daemon-driver-storage-core alma-upgrade-libvirt-daemon-driver-storage-disk
alma-upgrade-libvirt-daemon-driver-storage-gluster alma-upgrade-libvirt-daemon-driver-storage-iscsi alma-upgrade-libvirt-daemon-driver-storage-iscsi-direct alma-upgrade-libvirt-daemon-driver-storage-logical alma-upgrade-libvirt-daemon-driver-storage-mpath alma-upgrade-libvirt-daemon-driver-storage-rbd alma-upgrade-libvirt-daemon-driver-storage-scsi alma-upgrade-libvirt-daemon-kvm alma-upgrade-libvirt-dbus alma-upgrade-libvirt-devel alma-upgrade-libvirt-docs alma-upgrade-libvirt-libs alma-upgrade-libvirt-lock-sanlock alma-upgrade-libvirt-nss alma-upgrade-libvirt-wireshark alma-upgrade-lua-guestfs alma-upgrade-nbdfuse alma-upgrade-nbdkit alma-upgrade-nbdkit-bash-completion alma-upgrade-nbdkit-basic-filters alma-upgrade-nbdkit-basic-plugins alma-upgrade-nbdkit-curl-plugin alma-upgrade-nbdkit-devel alma-upgrade-nbdkit-example-plugins alma-upgrade-nbdkit-gzip-filter alma-upgrade-nbdkit-gzip-plugin alma-upgrade-nbdkit-linuxdisk-plugin alma-upgrade-nbdkit-nbd-plugin alma-upgrade-nbdkit-python-plugin alma-upgrade-nbdkit-server alma-upgrade-nbdkit-ssh-plugin alma-upgrade-nbdkit-tar-filter alma-upgrade-nbdkit-tar-plugin alma-upgrade-nbdkit-tmpdisk-plugin alma-upgrade-nbdkit-vddk-plugin alma-upgrade-nbdkit-xz-filter alma-upgrade-netcf alma-upgrade-netcf-devel alma-upgrade-netcf-libs alma-upgrade-ocaml-hivex alma-upgrade-ocaml-hivex-devel alma-upgrade-ocaml-libguestfs alma-upgrade-ocaml-libguestfs-devel alma-upgrade-ocaml-libnbd alma-upgrade-ocaml-libnbd-devel alma-upgrade-perl-hivex alma-upgrade-perl-sys-guestfs alma-upgrade-perl-sys-virt alma-upgrade-python3-hivex alma-upgrade-python3-libguestfs alma-upgrade-python3-libnbd alma-upgrade-python3-libvirt alma-upgrade-qemu-guest-agent alma-upgrade-qemu-img alma-upgrade-qemu-kvm alma-upgrade-qemu-kvm-block-curl alma-upgrade-qemu-kvm-block-gluster alma-upgrade-qemu-kvm-block-iscsi alma-upgrade-qemu-kvm-block-rbd alma-upgrade-qemu-kvm-block-ssh alma-upgrade-qemu-kvm-common alma-upgrade-qemu-kvm-core alma-upgrade-qemu-kvm-docs 
alma-upgrade-qemu-kvm-hw-usbredir alma-upgrade-qemu-kvm-tests alma-upgrade-qemu-kvm-ui-opengl alma-upgrade-qemu-kvm-ui-spice alma-upgrade-ruby-hivex alma-upgrade-ruby-libguestfs alma-upgrade-seabios alma-upgrade-seabios-bin alma-upgrade-seavgabios-bin alma-upgrade-sgabios alma-upgrade-sgabios-bin alma-upgrade-slof alma-upgrade-supermin alma-upgrade-supermin-devel alma-upgrade-swtpm alma-upgrade-swtpm-devel alma-upgrade-swtpm-libs alma-upgrade-swtpm-tools alma-upgrade-swtpm-tools-pkcs11 alma-upgrade-virt-dib alma-upgrade-virt-v2v alma-upgrade-virt-v2v-bash-completion alma-upgrade-virt-v2v-man-pages-ja alma-upgrade-virt-v2v-man-pages-uk References https://attackerkb.com/topics/cve-2023-2700 CVE - 2023-2700 https://errata.almalinux.org/8/ALSA-2023-3822.html https://errata.almalinux.org/9/ALSA-2023-3715.html
-
Alma Linux: CVE-2023-21102: Important: kernel security, bug fix, and enhancement update (Multiple Advisories)
Alma Linux: CVE-2023-21102: Important: kernel security, bug fix, and enhancement update (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 05/15/2023 Created 09/15/2023 Added 09/15/2023 Modified 01/28/2025 Description In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-260821414. References: Upstream kernel. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-64k alma-upgrade-kernel-64k-core alma-upgrade-kernel-64k-debug alma-upgrade-kernel-64k-debug-core alma-upgrade-kernel-64k-debug-devel alma-upgrade-kernel-64k-debug-devel-matched alma-upgrade-kernel-64k-debug-modules alma-upgrade-kernel-64k-debug-modules-core alma-upgrade-kernel-64k-debug-modules-extra alma-upgrade-kernel-64k-devel alma-upgrade-kernel-64k-devel-matched alma-upgrade-kernel-64k-modules alma-upgrade-kernel-64k-modules-core alma-upgrade-kernel-64k-modules-extra alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-devel-matched alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-core alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-debug-uki-virt alma-upgrade-kernel-devel alma-upgrade-kernel-devel-matched alma-upgrade-kernel-modules alma-upgrade-kernel-modules-core alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-kvm alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-core alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel
alma-upgrade-kernel-rt-kvm alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-core alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-uki-virt alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-devel-matched alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-core alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf alma-upgrade-rtla References https://attackerkb.com/topics/cve-2023-21102 CVE - 2023-21102 https://errata.almalinux.org/9/ALSA-2023-5069.html https://errata.almalinux.org/9/ALSA-2023-5091.html
-
Ubuntu: (Multiple Advisories) (CVE-2023-32216): Firefox vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-32216): Firefox vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/15/2023 Created 05/16/2023 Added 05/16/2023 Modified 01/28/2025 Description Memory safety bugs present in Firefox 112. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 113. Solution(s) ubuntu-upgrade-firefox References https://attackerkb.com/topics/cve-2023-32216 CVE - 2023-32216 USN-6074-1 USN-6074-2 USN-6074-3
-
Ubuntu: USN-6832-1 (CVE-2023-31612): Virtuoso Open-Source Edition vulnerabilities
Ubuntu: USN-6832-1 (CVE-2023-31612): Virtuoso Open-Source Edition vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/15/2023 Created 07/15/2024 Added 07/15/2024 Modified 01/28/2025 Description An issue in the dfe_qexp_list component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Solution(s) ubuntu-pro-upgrade-virtuoso-opensource ubuntu-pro-upgrade-virtuoso-opensource-6-1 ubuntu-pro-upgrade-virtuoso-opensource-6-1-bin ubuntu-pro-upgrade-virtuoso-opensource-7 ubuntu-pro-upgrade-virtuoso-opensource-7-bin References https://attackerkb.com/topics/cve-2023-31612 CVE - 2023-31612 USN-6832-1
-
Ubuntu: USN-6832-1 (CVE-2023-31615): Virtuoso Open-Source Edition vulnerabilities
Ubuntu: USN-6832-1 (CVE-2023-31615): Virtuoso Open-Source Edition vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/15/2023 Created 07/15/2024 Added 07/15/2024 Modified 01/28/2025 Description An issue in the chash_array component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Solution(s) ubuntu-pro-upgrade-virtuoso-opensource ubuntu-pro-upgrade-virtuoso-opensource-6-1 ubuntu-pro-upgrade-virtuoso-opensource-6-1-bin ubuntu-pro-upgrade-virtuoso-opensource-7 ubuntu-pro-upgrade-virtuoso-opensource-7-bin References https://attackerkb.com/topics/cve-2023-31615 CVE - 2023-31615 USN-6832-1
-
Ubuntu: (Multiple Advisories) (CVE-2023-32215): Firefox vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-32215): Firefox vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/15/2023 Created 05/16/2023 Added 05/16/2023 Modified 01/28/2025 Description Memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11. Solution(s) ubuntu-upgrade-firefox ubuntu-upgrade-libmozjs-102-0 ubuntu-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-32215 CVE - 2023-32215 USN-6074-1 USN-6074-2 USN-6074-3 USN-6075-1 USN-6120-1
-
Ubuntu: USN-6832-1 (CVE-2023-31616): Virtuoso Open-Source Edition vulnerabilities
Ubuntu: USN-6832-1 (CVE-2023-31616): Virtuoso Open-Source Edition vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/15/2023 Created 07/15/2024 Added 07/15/2024 Modified 01/28/2025 Description An issue in the bif_mod component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Solution(s) ubuntu-pro-upgrade-virtuoso-opensource ubuntu-pro-upgrade-virtuoso-opensource-6-1 ubuntu-pro-upgrade-virtuoso-opensource-6-1-bin ubuntu-pro-upgrade-virtuoso-opensource-7 ubuntu-pro-upgrade-virtuoso-opensource-7-bin References https://attackerkb.com/topics/cve-2023-31616 CVE - 2023-31616 USN-6832-1
-
Debian: CVE-2023-1729: libraw -- security update
Debian: CVE-2023-1729: libraw -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 05/15/2023 Created 05/29/2023 Added 05/29/2023 Modified 01/28/2025 Description A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash. Solution(s) debian-upgrade-libraw References https://attackerkb.com/topics/cve-2023-1729 CVE - 2023-1729 DLA-3433-1 DSA-5412 DSA-5412-1
-
Ubuntu: USN-6879-1 (CVE-2023-31620): Virtuoso Open-Source Edition vulnerabilities
Ubuntu: USN-6879-1 (CVE-2023-31620): Virtuoso Open-Source Edition vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/15/2023 Created 07/09/2024 Added 07/09/2024 Modified 01/28/2025 Description An issue in the dv_compare component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Solution(s) ubuntu-pro-upgrade-virtuoso-opensource ubuntu-pro-upgrade-virtuoso-opensource-6-1 ubuntu-pro-upgrade-virtuoso-opensource-6-1-bin ubuntu-pro-upgrade-virtuoso-opensource-7 ubuntu-pro-upgrade-virtuoso-opensource-7-bin References https://attackerkb.com/topics/cve-2023-31620 CVE - 2023-31620 USN-6879-1
-
Ubuntu: USN-6832-1 (CVE-2023-31625): Virtuoso Open-Source Edition vulnerabilities
Ubuntu: USN-6832-1 (CVE-2023-31625): Virtuoso Open-Source Edition vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/15/2023 Created 07/15/2024 Added 07/15/2024 Modified 01/28/2025 Description An issue in the psiginfo component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Solution(s) ubuntu-pro-upgrade-virtuoso-opensource ubuntu-pro-upgrade-virtuoso-opensource-6-1 ubuntu-pro-upgrade-virtuoso-opensource-6-1-bin ubuntu-pro-upgrade-virtuoso-opensource-7 ubuntu-pro-upgrade-virtuoso-opensource-7-bin References https://attackerkb.com/topics/cve-2023-31625 CVE - 2023-31625 USN-6832-1
-
Ubuntu: (Multiple Advisories) (CVE-2023-32213): Firefox vulnerabilities
Ubuntu: (Multiple Advisories) (CVE-2023-32213): Firefox vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/15/2023 Created 05/16/2023 Added 05/16/2023 Modified 01/28/2025 Description When reading a file, an uninitialized value could have been used as read limit. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11. Solution(s) ubuntu-upgrade-firefox ubuntu-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-32213 CVE - 2023-32213 USN-6074-1 USN-6074-2 USN-6074-3 USN-6075-1
-
Amazon Linux AMI 2: CVE-2023-31616: Security patch for virtuoso-opensource (ALAS-2023-2360)
Amazon Linux AMI 2: CVE-2023-31616: Security patch for virtuoso-opensource (ALAS-2023-2360) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/15/2023 Created 12/06/2023 Added 12/05/2023 Modified 01/28/2025 Description An issue in the bif_mod component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Solution(s) amazon-linux-ami-2-upgrade-virtuoso-opensource amazon-linux-ami-2-upgrade-virtuoso-opensource-debuginfo References https://attackerkb.com/topics/cve-2023-31616 AL2/ALAS-2023-2360 CVE - 2023-31616
-
Amazon Linux AMI 2: CVE-2023-31610: Security patch for virtuoso-opensource (ALAS-2023-2360)
Amazon Linux AMI 2: CVE-2023-31610: Security patch for virtuoso-opensource (ALAS-2023-2360) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/15/2023 Created 12/06/2023 Added 12/05/2023 Modified 01/28/2025 Description An issue in the _IO_default_xsputn component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Solution(s) amazon-linux-ami-2-upgrade-virtuoso-opensource amazon-linux-ami-2-upgrade-virtuoso-opensource-debuginfo References https://attackerkb.com/topics/cve-2023-31610 AL2/ALAS-2023-2360 CVE - 2023-31610
-
Amazon Linux AMI 2: CVE-2023-31623: Security patch for virtuoso-opensource (ALAS-2023-2360)
Amazon Linux AMI 2: CVE-2023-31623: Security patch for virtuoso-opensource (ALAS-2023-2360) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/15/2023 Created 01/24/2024 Added 01/23/2024 Modified 01/28/2025 Description An issue in the mp_box_copy component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Solution(s) amazon-linux-ami-2-upgrade-virtuoso-opensource amazon-linux-ami-2-upgrade-virtuoso-opensource-debuginfo References https://attackerkb.com/topics/cve-2023-31623 AL2/ALAS-2023-2360 CVE - 2023-31623
-
Amazon Linux AMI 2: CVE-2023-31607: Security patch for virtuoso-opensource (ALAS-2023-2360)
Amazon Linux AMI 2: CVE-2023-31607: Security patch for virtuoso-opensource (ALAS-2023-2360) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/15/2023 Created 02/22/2024 Added 02/21/2024 Modified 01/28/2025 Description An issue in the __libc_malloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Solution(s) amazon-linux-ami-2-upgrade-virtuoso-opensource amazon-linux-ami-2-upgrade-virtuoso-opensource-debuginfo References https://attackerkb.com/topics/cve-2023-31607 AL2/ALAS-2023-2360 CVE - 2023-31607
-
Amazon Linux AMI 2: CVE-2023-31630: Security patch for virtuoso-opensource (ALAS-2023-2360)
Amazon Linux AMI 2: CVE-2023-31630: Security patch for virtuoso-opensource (ALAS-2023-2360) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 05/15/2023 Created 12/06/2023 Added 12/05/2023 Modified 01/28/2025 Description An issue in the sqlo_query_spec component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Solution(s) amazon-linux-ami-2-upgrade-virtuoso-opensource amazon-linux-ami-2-upgrade-virtuoso-opensource-debuginfo References https://attackerkb.com/topics/cve-2023-31630 AL2/ALAS-2023-2360 CVE - 2023-31630