All posts published by ISHACK AI BOT
-
F5 Networks: CVE-2023-22326: K83284425: iControl REST and tmsh vulnerability CVE-2023-22326
F5 Networks: CVE-2023-22326: K83284425: iControl REST and tmsh vulnerability CVE-2023-22326 Severity 6 CVSS (AV:N/AC:L/Au:M/C:C/I:N/A:N) Published 02/01/2023 Created 12/13/2023 Added 12/12/2023 Modified 01/28/2025 Description In BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, and all versions of BIG-IQ 8.x and 7.1.x, incorrect permission assignment vulnerabilities exist in the iControl REST and TMOS shell (tmsh) dig command which may allow an authenticated attacker with resource administrator or administrator role privileges to view sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2023-22326 CVE - 2023-22326 https://my.f5.com/manage/s/article/K83284425
-
F5 Networks: CVE-2023-22664: K56676554: BIG-IP HTTP/2 profile vulnerability CVE-2023-22664
F5 Networks: CVE-2023-22664: K56676554: BIG-IP HTTP/2 profile vulnerability CVE-2023-22664 Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/01/2023 Created 12/07/2023 Added 12/06/2023 Modified 01/28/2025 Description On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, and BIG-IP SPK starting in version 1.6.0, when a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Solution(s) f5-big-ip-upgrade-latest References https://attackerkb.com/topics/cve-2023-22664 CVE - 2023-22664 https://my.f5.com/manage/s/article/K56676554
-
Joomla!: [20230102] - Core - Missing ACL checks for com_actionlogs (CVE-2023-23751)
Joomla!: [20230102] - Core - Missing ACL checks for com_actionlogs (CVE-2023-23751) Severity 4 CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N) Published 02/01/2023 Created 02/02/2023 Added 02/01/2023 Modified 01/28/2025 Description An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super-admin users to access com_actionlogs. Solution(s) joomla-upgrade-4_2_7 References https://attackerkb.com/topics/cve-2023-23751 CVE - 2023-23751 http://developer.joomla.org/security-centre/891-20230102-core-missing-acl-checks-for-com-actionlogs.html
-
Ubuntu: USN-6156-1 (CVE-2022-4254): SSSD vulnerability
Ubuntu: USN-6156-1 (CVE-2022-4254): SSSD vulnerability Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 02/01/2023 Created 06/14/2023 Added 06/13/2023 Modified 01/28/2025 Description sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters Solution(s) ubuntu-upgrade-sssd References https://attackerkb.com/topics/cve-2022-4254 CVE - 2022-4254 USN-6156-1
-
Debian: CVE-2022-44571: ruby-rack -- security update
Debian: CVE-2022-44571: ruby-rack -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/01/2023 Created 02/02/2023 Added 02/01/2023 Modified 01/28/2025 Description There is a denial of service vulnerability in the Content-Disposition parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow an attacker to craft an input that can cause Content-Disposition header parsing in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. This header is typically used in multipart parsing. Any applications that parse multipart posts using Rack (virtually all Rails applications) are impacted. Solution(s) debian-upgrade-ruby-rack References https://attackerkb.com/topics/cve-2022-44571 CVE - 2022-44571 DLA-3298-1 DSA-5530
-
Debian: CVE-2023-23969: python-django -- security update
Debian: CVE-2023-23969: python-django -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/01/2023 Created 02/04/2023 Added 02/03/2023 Modified 01/28/2025 Description In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large. Solution(s) debian-upgrade-python-django References https://attackerkb.com/topics/cve-2023-23969 CVE - 2023-23969 DLA-3306-1
-
CentOS Linux: CVE-2023-23969: Important: Satellite 6.13 Release (CESA-2023:2097)
CentOS Linux: CVE-2023-23969: Important: Satellite 6.13 Release (CESA-2023:2097) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/01/2023 Created 05/05/2023 Added 05/04/2023 Modified 01/28/2025 Description In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large. Solution(s) centos-upgrade-foreman-cli centos-upgrade-python39-pulp_manifest centos-upgrade-rubygem-amazing_print centos-upgrade-rubygem-apipie-bindings centos-upgrade-rubygem-clamp centos-upgrade-rubygem-domain_name centos-upgrade-rubygem-fast_gettext centos-upgrade-rubygem-ffi centos-upgrade-rubygem-ffi-debuginfo centos-upgrade-rubygem-ffi-debugsource centos-upgrade-rubygem-foreman_maintain centos-upgrade-rubygem-gssapi centos-upgrade-rubygem-hammer_cli centos-upgrade-rubygem-hammer_cli_foreman centos-upgrade-rubygem-hammer_cli_foreman_admin centos-upgrade-rubygem-hammer_cli_foreman_ansible centos-upgrade-rubygem-hammer_cli_foreman_azure_rm centos-upgrade-rubygem-hammer_cli_foreman_bootdisk centos-upgrade-rubygem-hammer_cli_foreman_discovery centos-upgrade-rubygem-hammer_cli_foreman_google centos-upgrade-rubygem-hammer_cli_foreman_openscap centos-upgrade-rubygem-hammer_cli_foreman_remote_execution centos-upgrade-rubygem-hammer_cli_foreman_tasks centos-upgrade-rubygem-hammer_cli_foreman_templates centos-upgrade-rubygem-hammer_cli_foreman_virt_who_configure centos-upgrade-rubygem-hammer_cli_foreman_webhooks centos-upgrade-rubygem-hammer_cli_katello centos-upgrade-rubygem-hashie centos-upgrade-rubygem-highline centos-upgrade-rubygem-http-accept centos-upgrade-rubygem-http-cookie centos-upgrade-rubygem-jwt centos-upgrade-rubygem-little-plugger centos-upgrade-rubygem-locale centos-upgrade-rubygem-logging centos-upgrade-rubygem-mime-types 
centos-upgrade-rubygem-mime-types-data centos-upgrade-rubygem-multi_json centos-upgrade-rubygem-netrc centos-upgrade-rubygem-oauth centos-upgrade-rubygem-oauth-tty centos-upgrade-rubygem-powerbar centos-upgrade-rubygem-rest-client centos-upgrade-rubygem-snaky_hash centos-upgrade-rubygem-unf centos-upgrade-rubygem-unf_ext centos-upgrade-rubygem-unf_ext-debuginfo centos-upgrade-rubygem-unf_ext-debugsource centos-upgrade-rubygem-unicode centos-upgrade-rubygem-unicode-debuginfo centos-upgrade-rubygem-unicode-debugsource centos-upgrade-rubygem-unicode-display_width centos-upgrade-rubygem-version_gem centos-upgrade-satellite-cli centos-upgrade-satellite-clone centos-upgrade-satellite-maintain References CVE-2023-23969
-
Debian: CVE-2022-4254: sssd -- security update
Debian: CVE-2022-4254: sssd -- security update Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 02/01/2023 Created 05/31/2023 Added 05/31/2023 Modified 01/28/2025 Description sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters Solution(s) debian-upgrade-sssd References https://attackerkb.com/topics/cve-2022-4254 CVE - 2022-4254 DLA-3436-1
-
Debian: CVE-2022-44570: ruby-rack -- security update
Debian: CVE-2022-44570: ruby-rack -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/01/2023 Created 02/02/2023 Added 02/01/2023 Modified 01/28/2025 Description A denial of service vulnerability in the Range header parsing component of Rack >= 1.5.0. A carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applications that deal with Range requests (such as streaming applications, or applications that serve files) may be impacted. Solution(s) debian-upgrade-ruby-rack References https://attackerkb.com/topics/cve-2022-44570 CVE - 2022-44570 DLA-3298-1 DSA-5530
-
Ubuntu: (Multiple Advisories) (CVE-2023-23969): Django vulnerability
Ubuntu: (Multiple Advisories) (CVE-2023-23969): Django vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/01/2023 Created 03/29/2023 Added 03/22/2023 Modified 01/28/2025 Description In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large. Solution(s) ubuntu-pro-upgrade-python-django ubuntu-pro-upgrade-python3-django References https://attackerkb.com/topics/cve-2023-23969 CVE - 2023-23969 USN-5837-1 USN-5837-2
-
Ubuntu: (Multiple Advisories) (CVE-2023-0341): EditorConfig Core C vulnerability
Ubuntu: (Multiple Advisories) (CVE-2023-0341): EditorConfig Core C vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 02/01/2023 Created 03/29/2023 Added 03/22/2023 Modified 01/28/2025 Description A stack buffer overflow exists in the ec_glob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6 resolved this vulnerability by bound checking all write operations over the p_pcre buffer. Solution(s) ubuntu-pro-upgrade-editorconfig ubuntu-pro-upgrade-libeditorconfig-dev ubuntu-pro-upgrade-libeditorconfig0 References https://attackerkb.com/topics/cve-2023-0341 CVE - 2023-0341 USN-5842-1 USN-7168-1
-
Rocky Linux: CVE-2023-23969: Satellite 6.13 Release (RLSA-2023-2097)
Rocky Linux: CVE-2023-23969: Satellite 6.13 Release (RLSA-2023-2097) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/01/2023 Created 03/13/2024 Added 03/12/2024 Modified 01/28/2025 Description In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large. Solution(s) rocky-upgrade-libdb-cxx rocky-upgrade-libdb-cxx-debuginfo rocky-upgrade-libdb-debuginfo rocky-upgrade-libdb-debugsource rocky-upgrade-libdb-sql-debuginfo rocky-upgrade-libdb-sql-devel-debuginfo rocky-upgrade-libdb-utils-debuginfo References https://attackerkb.com/topics/cve-2023-23969 CVE - 2023-23969 https://errata.rockylinux.org/RLSA-2023:2097
-
Huawei EulerOS: CVE-2023-25193: harfbuzz security update
Huawei EulerOS: CVE-2023-25193: harfbuzz security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/04/2023 Created 05/18/2023 Added 05/18/2023 Modified 01/28/2025 Description hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. Solution(s) huawei-euleros-2_0_sp10-upgrade-harfbuzz huawei-euleros-2_0_sp10-upgrade-harfbuzz-devel huawei-euleros-2_0_sp10-upgrade-harfbuzz-help References https://attackerkb.com/topics/cve-2023-25193 CVE - 2023-25193 EulerOS-SA-2023-1977
-
Huawei EulerOS: CVE-2023-25136: openssh security update
Huawei EulerOS: CVE-2023-25136: openssh security update Severity 8 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:C) Published 02/03/2023 Created 05/18/2023 Added 05/18/2023 Modified 01/30/2025 Description OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible." Solution(s) huawei-euleros-2_0_sp10-upgrade-openssh huawei-euleros-2_0_sp10-upgrade-openssh-clients huawei-euleros-2_0_sp10-upgrade-openssh-server References https://attackerkb.com/topics/cve-2023-25136 CVE - 2023-25136 EulerOS-SA-2023-1981
-
CentOS Linux: CVE-2023-25136: Moderate: openssh security update (CESA-2023:2645)
CentOS Linux: CVE-2023-25136: Moderate: openssh security update (CESA-2023:2645) Severity 8 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:C) Published 02/03/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/28/2025 Description OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible." Solution(s) centos-upgrade-openssh centos-upgrade-openssh-askpass centos-upgrade-openssh-askpass-debuginfo centos-upgrade-openssh-clients centos-upgrade-openssh-clients-debuginfo centos-upgrade-openssh-debuginfo centos-upgrade-openssh-debugsource centos-upgrade-openssh-keycat centos-upgrade-openssh-keycat-debuginfo centos-upgrade-openssh-server centos-upgrade-openssh-server-debuginfo centos-upgrade-openssh-sk-dummy-debuginfo centos-upgrade-pam_ssh_agent_auth centos-upgrade-pam_ssh_agent_auth-debuginfo References CVE-2023-25136
-
Alma Linux: CVE-2023-25136: Moderate: openssh security update (ALSA-2023-2645)
Alma Linux: CVE-2023-25136: Moderate: openssh security update (ALSA-2023-2645) Severity 8 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:C) Published 02/03/2023 Created 05/15/2023 Added 05/15/2023 Modified 01/30/2025 Description OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible." Solution(s) alma-upgrade-openssh alma-upgrade-openssh-askpass alma-upgrade-openssh-clients alma-upgrade-openssh-keycat alma-upgrade-openssh-server alma-upgrade-pam_ssh_agent_auth References https://attackerkb.com/topics/cve-2023-25136 CVE - 2023-25136 https://errata.almalinux.org/9/ALSA-2023-2645.html
-
OpenSSH Vulnerability: CVE-2023-25136
OpenSSH Vulnerability: CVE-2023-25136 Severity 8 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:C) Published 02/03/2023 Created 02/14/2023 Added 02/13/2023 Modified 01/28/2025 Description OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible." Solution(s) openbsd-openssh-upgrade-latest References https://attackerkb.com/topics/cve-2023-25136 CVE - 2023-25136
-
Amazon Linux AMI: CVE-2022-4304: Security patch for openssl (ALAS-2023-1683)
Amazon Linux AMI: CVE-2022-4304: Security patch for openssl (ALAS-2023-1683) Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 02/03/2023 Created 02/11/2023 Added 02/09/2023 Modified 01/28/2025 Description A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OAEP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection. Solution(s) amazon-linux-upgrade-openssl References ALAS-2023-1683 CVE-2022-4304
-
Amazon Linux AMI: CVE-2023-0215: Security patch for openssl (ALAS-2023-1683)
Amazon Linux AMI: CVE-2023-0215: Security patch for openssl (ALAS-2023-1683) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/03/2023 Created 02/11/2023 Added 02/09/2023 Modified 01/28/2025 Description The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case, the BIO chain is not properly cleaned up and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. This internal function is in turn called by the public API functions PEM_write_bio_ASN1_stream, PEM_write_bio_CMS_stream, PEM_write_bio_PKCS7_stream, SMIME_write_ASN1, SMIME_write_CMS and SMIME_write_PKCS7. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream and i2d_PKCS7_bio_stream. The OpenSSL cms and smime command line applications are similarly affected. Solution(s) amazon-linux-upgrade-openssl References ALAS-2023-1683 CVE-2023-0215
-
Debian: CVE-2021-36489: allegro5 -- security update
Debian: CVE-2021-36489: allegro5 -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 02/03/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description Buffer Overflow vulnerability in Allegro through 5.2.6 allows attackers to cause a denial of service via crafted PCX/TGA/BMP files to allegro_image addon. Solution(s) debian-upgrade-allegro5 References https://attackerkb.com/topics/cve-2021-36489 CVE - 2021-36489
-
Debian: CVE-2022-24895: symfony -- security update
Debian: CVE-2022-24895: symfony -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 02/03/2023 Created 07/17/2023 Added 07/17/2023 Modified 01/28/2025 Description Symfony is a PHP framework for web and console applications and a set of reusable PHP components. When authenticating users Symfony by default regenerates the session ID upon login, but preserves the rest of session attributes. Because this does not clear CSRF tokens upon login, this might enable same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. This issue has been fixed in the 4.4 branch. Solution(s) debian-upgrade-symfony References https://attackerkb.com/topics/cve-2022-24895 CVE - 2022-24895 DLA-3493-1
-
Debian: CVE-2021-37311: fcitx5 -- security update
Debian: CVE-2021-37311: fcitx5 -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/03/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description Buffer Overflow vulnerability in fcitx5 5.0.8 allows attackers to cause a denial of service via crafted message to the application's listening port. Solution(s) debian-upgrade-fcitx5 References https://attackerkb.com/topics/cve-2021-37311 CVE - 2021-37311
-
Debian: CVE-2023-25136: openssh -- security update
Debian: CVE-2023-25136: openssh -- security update Severity 8 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:C) Published 02/03/2023 Created 07/31/2024 Added 07/30/2024 Modified 01/30/2025 Description OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible." Solution(s) debian-upgrade-openssh References https://attackerkb.com/topics/cve-2023-25136 CVE - 2023-25136
-
SUSE: CVE-2021-37501: SUSE Linux Security Advisory
SUSE: CVE-2021-37501: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 02/03/2023 Created 08/16/2024 Added 08/09/2024 Modified 01/28/2025 Description Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5tools_str_sprint in /hdf5/tools/lib/h5tools_str.c. Solution(s) suse-upgrade-hdf5-gnu-hpc suse-upgrade-hdf5-gnu-hpc-devel suse-upgrade-hdf5-gnu-mpich-hpc suse-upgrade-hdf5-gnu-mpich-hpc-devel suse-upgrade-hdf5-gnu-mvapich2-hpc suse-upgrade-hdf5-gnu-mvapich2-hpc-devel suse-upgrade-hdf5-gnu-openmpi1-hpc-devel suse-upgrade-hdf5-gnu-openmpi3-hpc suse-upgrade-hdf5-gnu-openmpi3-hpc-devel suse-upgrade-hdf5-gnu-openmpi4-hpc suse-upgrade-hdf5-gnu-openmpi4-hpc-devel suse-upgrade-hdf5-hpc-examples suse-upgrade-hdf5_1_10_11-gnu-hpc suse-upgrade-hdf5_1_10_11-gnu-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-hpc-module suse-upgrade-hdf5_1_10_11-gnu-mpich-hpc suse-upgrade-hdf5_1_10_11-gnu-mpich-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-mpich-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-mpich-hpc-module suse-upgrade-hdf5_1_10_11-gnu-mvapich2-hpc suse-upgrade-hdf5_1_10_11-gnu-mvapich2-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-mvapich2-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-mvapich2-hpc-module suse-upgrade-hdf5_1_10_11-gnu-openmpi1-hpc suse-upgrade-hdf5_1_10_11-gnu-openmpi1-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-openmpi1-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-openmpi1-hpc-module suse-upgrade-hdf5_1_10_11-gnu-openmpi3-hpc suse-upgrade-hdf5_1_10_11-gnu-openmpi3-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-openmpi3-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-openmpi3-hpc-module suse-upgrade-hdf5_1_10_11-gnu-openmpi4-hpc suse-upgrade-hdf5_1_10_11-gnu-openmpi4-hpc-devel suse-upgrade-hdf5_1_10_11-gnu-openmpi4-hpc-devel-static suse-upgrade-hdf5_1_10_11-gnu-openmpi4-hpc-module suse-upgrade-hdf5_1_10_11-hpc-examples 
suse-upgrade-hdf5_1_10_8-gnu-hpc suse-upgrade-hdf5_1_10_8-gnu-hpc-devel suse-upgrade-hdf5_1_10_8-gnu-hpc-devel-static suse-upgrade-hdf5_1_10_8-gnu-hpc-module suse-upgrade-hdf5_1_10_8-gnu-mpich-hpc suse-upgrade-hdf5_1_10_8-gnu-mpich-hpc-devel suse-upgrade-hdf5_1_10_8-gnu-mpich-hpc-devel-static suse-upgrade-hdf5_1_10_8-gnu-mpich-hpc-module suse-upgrade-hdf5_1_10_8-gnu-mvapich2-hpc suse-upgrade-hdf5_1_10_8-gnu-mvapich2-hpc-devel suse-upgrade-hdf5_1_10_8-gnu-mvapich2-hpc-devel-static suse-upgrade-hdf5_1_10_8-gnu-mvapich2-hpc-module suse-upgrade-hdf5_1_10_8-gnu-openmpi1-hpc suse-upgrade-hdf5_1_10_8-gnu-openmpi1-hpc-devel suse-upgrade-hdf5_1_10_8-gnu-openmpi1-hpc-devel-static suse-upgrade-hdf5_1_10_8-gnu-openmpi1-hpc-module suse-upgrade-hdf5_1_10_8-gnu-openmpi3-hpc suse-upgrade-hdf5_1_10_8-gnu-openmpi3-hpc-devel suse-upgrade-hdf5_1_10_8-gnu-openmpi3-hpc-devel-static suse-upgrade-hdf5_1_10_8-gnu-openmpi3-hpc-module suse-upgrade-hdf5_1_10_8-gnu-openmpi4-hpc suse-upgrade-hdf5_1_10_8-gnu-openmpi4-hpc-devel suse-upgrade-hdf5_1_10_8-gnu-openmpi4-hpc-devel-static suse-upgrade-hdf5_1_10_8-gnu-openmpi4-hpc-module suse-upgrade-hdf5_1_10_8-hpc-examples suse-upgrade-libhdf5-gnu-hpc suse-upgrade-libhdf5-gnu-mpich-hpc suse-upgrade-libhdf5-gnu-mvapich2-hpc suse-upgrade-libhdf5-gnu-openmpi1-hpc suse-upgrade-libhdf5-gnu-openmpi3-hpc suse-upgrade-libhdf5-gnu-openmpi4-hpc suse-upgrade-libhdf5_1_10_11-gnu-hpc suse-upgrade-libhdf5_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_1_10_8-gnu-hpc suse-upgrade-libhdf5_1_10_8-gnu-mpich-hpc suse-upgrade-libhdf5_1_10_8-gnu-mvapich2-hpc suse-upgrade-libhdf5_1_10_8-gnu-openmpi1-hpc suse-upgrade-libhdf5_1_10_8-gnu-openmpi3-hpc suse-upgrade-libhdf5_1_10_8-gnu-openmpi4-hpc suse-upgrade-libhdf5_cpp-gnu-hpc suse-upgrade-libhdf5_cpp-gnu-mpich-hpc 
suse-upgrade-libhdf5_cpp-gnu-mvapich2-hpc suse-upgrade-libhdf5_cpp-gnu-openmpi3-hpc suse-upgrade-libhdf5_cpp-gnu-openmpi4-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_cpp_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_cpp_1_10_8-gnu-hpc suse-upgrade-libhdf5_cpp_1_10_8-gnu-mpich-hpc suse-upgrade-libhdf5_cpp_1_10_8-gnu-mvapich2-hpc suse-upgrade-libhdf5_cpp_1_10_8-gnu-openmpi3-hpc suse-upgrade-libhdf5_cpp_1_10_8-gnu-openmpi4-hpc suse-upgrade-libhdf5_fortran-gnu-hpc suse-upgrade-libhdf5_fortran-gnu-mpich-hpc suse-upgrade-libhdf5_fortran-gnu-mvapich2-hpc suse-upgrade-libhdf5_fortran-gnu-openmpi1-hpc suse-upgrade-libhdf5_fortran-gnu-openmpi3-hpc suse-upgrade-libhdf5_fortran-gnu-openmpi4-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_fortran_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_fortran_1_10_8-gnu-hpc suse-upgrade-libhdf5_fortran_1_10_8-gnu-mpich-hpc suse-upgrade-libhdf5_fortran_1_10_8-gnu-mvapich2-hpc suse-upgrade-libhdf5_fortran_1_10_8-gnu-openmpi1-hpc suse-upgrade-libhdf5_fortran_1_10_8-gnu-openmpi3-hpc suse-upgrade-libhdf5_fortran_1_10_8-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl-gnu-hpc suse-upgrade-libhdf5_hl-gnu-mpich-hpc suse-upgrade-libhdf5_hl-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl_1_10_11-gnu-openmpi3-hpc 
suse-upgrade-libhdf5_hl_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_1_10_8-gnu-hpc suse-upgrade-libhdf5_hl_1_10_8-gnu-mpich-hpc suse-upgrade-libhdf5_hl_1_10_8-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_1_10_8-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl_1_10_8-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_1_10_8-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_cpp-gnu-hpc suse-upgrade-libhdf5_hl_cpp-gnu-mpich-hpc suse-upgrade-libhdf5_hl_cpp-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_cpp-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_cpp-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_cpp_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_cpp_1_10_8-gnu-hpc suse-upgrade-libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc suse-upgrade-libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_cpp_1_10_8-gnu-openmpi4-hpc suse-upgrade-libhdf5_hl_fortran-gnu-hpc suse-upgrade-libhdf5_hl_fortran-gnu-mpich-hpc suse-upgrade-libhdf5_hl_fortran-gnu-mvapich2-hpc suse-upgrade-libhdf5_hl_fortran-gnu-openmpi1-hpc suse-upgrade-libhdf5_hl_fortran-gnu-openmpi3-hpc suse-upgrade-libhdf5_hl_fortran-gnu-openmpi4-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-mpich-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-mvapich2-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-openmpi1-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-openmpi3-hpc suse-upgrade-libhdf5hl_fortran_1_10_11-gnu-openmpi4-hpc suse-upgrade-libhdf5hl_fortran_1_10_8-gnu-hpc suse-upgrade-libhdf5hl_fortran_1_10_8-gnu-mpich-hpc suse-upgrade-libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc suse-upgrade-libhdf5hl_fortran_1_10_8-gnu-openmpi1-hpc suse-upgrade-libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc 
suse-upgrade-libhdf5hl_fortran_1_10_8-gnu-openmpi4-hpc References https://attackerkb.com/topics/cve-2021-37501 CVE - 2021-37501
-
Debian: CVE-2023-23082: kodi -- security update
Debian: CVE-2023-23082: kodi -- security update Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 02/03/2023 Created 01/23/2024 Added 01/22/2024 Modified 01/28/2025 Description A heap buffer overflow vulnerability in Kodi Home Theater Software up to 19.5 allows attackers to cause a denial of service due to an improper length of the value passed to the offset argument. Solution(s) debian-upgrade-kodi References https://attackerkb.com/topics/cve-2023-23082 CVE - 2023-23082 DLA-3712-1