Уязвимость DNS-сервера Dnsmasq, связанная с ошибками реализации проверки безопасности для стандартных элементов, позволяющая нарушителю оказать воздействие на целостность данных

A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly interpreted to prove the non-existence of hostnames that actually exist.

Уязвимость стандартного пакета служебных утилит командной строки util-linux операционной системы Debian GNU/Linux, позволяющая нарушителю повысить свои привилегии

In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.

An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are format string issues in printw functions because C format arguments are mishandled.

An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are instr and mvwinstr buffer overflows because interaction with C functions is mishandled.

Mishandling of format strings in ncurses

Buffer overflow and format vulnerabilities in ncurses

jpegoptim.c in jpegoptim 1.4.5 (fixed in 1.4.6) has an invalid use of realloc() and free(), which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.