Adobe Acrobat 9.0.0 Pro Extended Patch Cim Zip
Download ===== https://geags.com/2sYLwN
Well in part to answer my own ? in prior post, but certainly hope that one does NOT have to do all of this:First I had downloaded files from Windows link shown in article but note that it is easier to do so from this Adobe page -patch-acrobat-reader-7.html
I have tried the link in this article -patch-acrobat-reader-7.html and it is taking me to the adobe enterprise site to log in. I keep getting a message to update adobe pro 9.0 but on the next page it only goes up to pro 8.0 to select as your current product which of course my serial number is for 9.0 not 8.0. Any assistance is greatly appreciated. I am running Windows 10.
Based on the information on the following page: -patch-acrobat-reader-7.html, I have indicated that two updates are optional, because they are incorporated in subsequent quarterly updates. I installed them anyway.
CVE-2022-27510: Unauthorized access to Gateway user capabilities. CVE-2022-27513: Remote desktop takeover via phishing.CVE-2022-27516: User login brute force protection functionality bypass. Affected Versions:Citrix ADC and Citrix Gateway 13.1 before 13.1-33.47 Citrix ADC and Citrix Gateway 13.0 before 13.0-88.12 Citrix ADC and Citrix Gateway 12.1 before 12.1.65.21QID Detection Logic (Unauthenticated):This QID checks for vulnerable versions of Citrix ADC/Netscaler by checking the version hash. The hash based check is added on the basis of the following Citrix Hashes. Please note that we can only detect vulnerable citrix versions that have an existing md5 hash in the provided list. ConsequenceSuccessful exploitation of this vulnerability may allow an attacker to either crash or service unavailability of the application.SolutionCustomers are advised to refer to CTX463706 for information pertaining to remediating this vulnerability.Patches CTX463706CVE-2022-27518QID: 730712Citrix Application Delivery Controller (ADC) and Citrix Gateway Arbitrary Code Execution Vulnerability (CTX474995)SeverityUrgent5Recently PublishedQualys ID730712Date PublishedJanuary 31, 2023Vendor ReferenceCTX474995CVE ReferenceCVE-2022-27518CVSS ScoresBase 9.8 / Temporal 8.5DescriptionA vulnerability has been discovered in Citrix Gateway and Citrix ADC, listed below, that, if exploited, could allow an unauthenticated remote attacker to perform arbitrary code execution on the appliance. Affected Versions:Citrix ADC and Citrix Gateway 13.0 before 13.0-58.32 Citrix ADC and Citrix Gateway 12.1 before 12.1-65.25 NOTE:Citrix ADC or Citrix Gateway are only affected when either configured as a SAML SP or as a SAML IdP. QID Detection Logic (Unauthenticated):This QID checks for vulnerable versions of Citrix ADC/Netscaler by checking the version hash. The hash based check is added on the basis of the following Citrix Hashes. Please note that we can only detect vulnerable citrix versions that have an existing md5 hash in the provided list. ConsequenceSuccessful exploitation allows attackers to execute arbitrary code.SolutionCustomers are advised to refer to CTX474995 for information pertaining to remediating this vulnerability.Patches CTX474995CVE-2022-42896+QID: 199137Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5830-1)SeverityUrgent5Recently PublishedQualys ID199137Date PublishedJanuary 31, 2023Vendor ReferenceUSN-5830-1CVE ReferenceCVE-2022-42896, CVE-2022-3643, CVE-2022-45934, CVE-2022-43945CVSS ScoresBase 10 / Temporal 8.7DescriptionUbuntu has released a security update for linux to fix the vulnerabilities.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionRefer to Ubuntu security advisory USN-5830-1 for updates and patch information.Patches Ubuntu Linux USN-5830-1CVE-2022-42896+QID: 199136Ubuntu Security Notification for Linux kernel (Azure CVM) Vulnerabilities (USN-5831-1)SeverityUrgent5Recently PublishedQualys ID199136Date PublishedJanuary 31, 2023Vendor ReferenceUSN-5831-1CVE ReferenceCVE-2022-42896, CVE-2022-4378, CVE-2022-3643, CVE-2022-45934CVSS ScoresBase 10 / Temporal 8.7DescriptionUbuntu has released a security update for linux to fix the vulnerabilities.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionRefer to Ubuntu security advisory USN-5831-1 for updates and patch information.Patches Ubuntu Linux USN-5831-1CVE-2022-2068+QID: 377937Splunk Enterprise Multiple Vulnerabilities (svd-2022-0804)SeverityCritical4In DevelopmentQualys ID377937Vendor Referencesvd-2022-0804CVE ReferenceCVE-2022-2068, CVE-2021-3541, CVE-2022-29824, CVE-2022-23308CVSS ScoresBase 9.8 / Temporal 8.5DescriptionSplunk Enterprise captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards, and visualizations.Splunk Enterprise is affected by multiple vulnerabilities:Affected Versions:Splunk Enterprise 8.1.10 and lowerSplunk Enterprise 8.2.0 to 8.2.7Splunk Enterprise 9.0.0 QID Detection Logic(Authenticated) It checks for vulnerable version of Splunk Enterprise .ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionVendor has released updated versions to fix these vulnerabilities. Please refer svd-2022-0804 for more details.Patches svd-2022-0804CVE-2022-46146QID: 691042Free Berkeley Software Distribution (FreeBSD) Security Update for prometheus2 (791a09c5-a086-11ed-954d-b42e991fc52e)SeverityCritical4Recently PublishedQualys ID691042Date PublishedJanuary 31, 2023Vendor Reference791a09c5-a086-11ed-954d-b42e991fc52eCVE ReferenceCVE-2022-46146CVSS ScoresBase 8.8 / Temporal 7.7DescriptionFreeBSD has released a security update for prometheus2 to fix the vulnerabilities.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionRefer to FreeBSD security advisory 791a09c5-a086-11ed-954d-b42e991fc52e for updates and patch information.Patches "FreeBSD" 791a09c5-a086-11ed-954d-b42e991fc52eCVE-2022-46175QID: 283651Fedora Security Update for pgadmin4 (FEDORA-2023-e7297a4aeb)SeverityCritical4Recently PublishedQualys ID283651Date PublishedJanuary 31, 2023Vendor ReferenceFEDORA-2023-e7297a4aebCVE ReferenceCVE-2022-46175CVSS ScoresBase 8.8 / Temporal 7.7DescriptionFedora has released a security update for pgadmin4 to fix the vulnerabilities.Affected OS:Fedora 37ConsequenceMalicious users could use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.SolutionRefer to Fedora security advisory Fedora 37 for updates and patch information.Patches Fedora 37 FEDORA-2023-e7297a4aebCVE-2022-39286QID: 283650Fedora Security Update for python (FEDORA-2023-de87bd076b)SeverityCritical4Recently PublishedQualys ID283650Date PublishedJanuary 31, 2023Vendor ReferenceFEDORA-2023-de87bd076bCVE ReferenceCVE-2022-39286CVSS ScoresBase 8.8 / Temporal 7.7DescriptionFedora has released a security update for python to fix the vulnerabilities.Affected OS:Fedora 37ConsequenceMalicious users could use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.SolutionRefer to Fedora security advisory Fedora 37 for updates and patch information.Patches Fedora 37 FEDORA-2023-de87bd076bCVE-2022-39286QID: 283649Fedora Security Update for python (FEDORA-2023-d966145959)SeverityCritical4Recently PublishedQualys ID283649Date PublishedJanuary 31, 2023Vendor ReferenceFEDORA-2023-d966145959CVE ReferenceCVE-2022-39286CVSS ScoresBase 8.8 / Temporal 7.7DescriptionFedora has released a security update for python to fix the vulnerabilities.Affected OS:Fedora 36ConsequenceMalicious users could use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.SolutionRefer to Fedora security advisory Fedora 36 for updates and patch information.Patches Fedora 36 FEDORA-2023-d966145959CVE-2022-47318QID: 283647Fedora Security Update for rubygem (FEDORA-2023-e3985c2b3b)SeverityCritical4Recently PublishedQualys ID283647Date PublishedJanuary 31, 2023Vendor ReferenceFEDORA-2023-e3985c2b3bCVE ReferenceCVE-2022-47318CVSS ScoresBase 8 / Temporal 7DescriptionFedora has released a security update for rubygem to fix the vulnerabilities.Affected OS:Fedora 37ConsequenceMalicious users could use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.SolutionRefer to Fedora security advisory Fedora 37 for updates and patch information.Patches Fedora 37 FEDORA-2023-e3985c2b3bCVE-2022-29187+QID: 283646Fedora Security Update for libgit2 (FEDORA-2023-1068309389)SeverityCritical4Recently PublishedQualys ID283646Date PublishedJanuary 31, 2023Vendor ReferenceFEDORA-2023-1068309389CVE ReferenceCVE-2022-29187, CVE-2022-24765CVSS ScoresBase 7.8 / Temporal 6.8DescriptionFedora has released a security update for libgit2 to fix the vulnerabilities.Affected OS:Fedora 36ConsequenceThis vulnerability could be exploited to gain remote access to sensitive information and execute commands.SolutionRefer to Fedora security advisory Fedora 36 for updates and patch information.Patches Fedora 36 FEDORA-2023-1068309389CVE-2022-25761QID: 283648Fedora Security Update for open62541 (FEDORA-2023-4827db70a8)SeverityCritical4Recently PublishedQualys ID283648Date PublishedJanuary 31, 2023Vendor ReferenceFEDORA-2023-4827db70a8CVE ReferenceCVE-2022-25761CVSS ScoresBase 7.5 / Temporal 6.5DescriptionFedora has released a security update for open62541 to fix the vulnerabilities.Affected OS:Fedora 37ConsequenceMalicious users could use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.SolutionRefer to Fedora security advisory Fedora 37 for updates and patch information.Patches Fedora 37 FEDORA-2023-4827db70a8CVE-2021-42835QID: 691043Free Berkeley Software Distribution (FreeBSD) Security Update for plex media server (98f78c7a-a08e-11ed-946e-002b67dfc673)SeverityCritical4Recently PublishedQualys ID691043Date PublishedJanuary 31, 2023Vendor Reference98f78c7a-a08e-11ed-946e-002b67dfc673CVE ReferenceCVE-2021-42835CVSS ScoresBase 7 / Temporal 6.1DescriptionFreeBSD has released a security update for plex media server to fix the vulnerabilities.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionRefer to FreeBSD security advisory 98f78c7a-a08e-11ed-946e-002b67dfc673 for updates and patch information.Patches "FreeBSD" 98f78c7a-a08e-11ed-946e-002b67dfc673CVE-2022-42896+QID: 199132Ubuntu Security Notification for Linux kernel (Raspberry Pi) Vulnerabilities (USN-5829-1)SeverityUrgent5Recently PublishedQualys ID199132Date PublishedJanuary 31, 2023Vendor ReferenceUSN-5829-1CVE ReferenceCVE-2022-42896, CVE-2022-43945, CVE-2022-45934, CVE-2022-3643CVSS ScoresBase 10 / Temporal 8.7DescriptionUbuntu has released a security update for linux to fix the vulnerabilities.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionRefer to Ubuntu security advisory USN-5829-1 for updates and patch information.Patches Ubuntu Linux USN-5829-1CVE-2022-3094+QID: 502648Alpine Linux Security Update for bindSeverityCritical4Recently PublishedQualys ID502648Date PublishedJanuary 31, 2023Vendor ReferencebindCVE ReferenceCVE-2022-3094, CVE-2022-3736, CVE-2022-3924CVSS ScoresBase 7.5 / Temporal 6.5DescriptionAlpine Linux has released a security update for bind to fix the vulnerabilities.Affected versions:Alpine Linux 3.14Alpine Linux 3.15Alpine Linux 3.16Affected Package versions prior to 9.16.37-r0.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionRefer to Alpine Linux advisory bind for updates and patch information.Patches Alpine Linux bind-9.16.37-r0CVE-2023-21875+QID: 199129Ubuntu Security Notification for MySQL Vulnerabilities (USN-5823-1)SeverityUrgent5Recently PublishedQualys ID199129Date PublishedJanuary 31, 2023Vendor ReferenceUSN-5823-1CVE ReferenceCVE-2023-21875, CVE-2023-21870, CVE-2023-21883, CVE-2023-21867, CVE-2023-21873, CVE-2023-21868, CVE-2023-21879, CVE-2023-21881, CVE-2023-21840, CVE-2023-21877, CVE-2023-21880, CVE-2023-21882, CVE-2023-21887, CVE-2023-21871, CVE-2023-21876, CVE-2023-21836, CVE-2022-32221, CVE-2023-21869, CVE-2023-21878, CVE-2023-21863CVSS ScoresBase 9.8 / Temporal 8.5DescriptionUbuntu has released a security update for mysql to fix the vulnerabilities.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionRefer to Ubuntu security advisory USN-5823-1 for updates and patch information.Patches Ubuntu Linux USN-5823-1CVE-2022-42898+QID: 199130Ubuntu Security Notification for Samba Vulnerabilities (USN-5822-1)SeverityCritical4Recently PublishedQualys ID199130Date PublishedJanuary 31, 2023Vendor ReferenceUSN-5822-1CVE ReferenceCVE-2022-42898, CVE-2022-37967, CVE-2022-38023, CVE-2022-3437, CVE-2021-20251, CVE-2022-37966, CVE-2022-45141CVSS ScoresBase 8.8 / Temporal 7.7DescriptionUbuntu has released a security update for samba to fix the vulnerabilities.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionRefer to Ubuntu security advisory USN-5822-1 for updates and patch information.Patches Ubuntu Linux USN-5822-1CVE-2022-3159+QID: 591305Siemens J2TGo Multiple Vulnerabilities (SSA-360681)SeverityCritical4Recently PublishedQualys ID591305Date PublishedJanuary 31, 2023Vendor ReferenceSSA-360681CVE ReferenceCVE-2022-3159, CVE-2022-3160, CVE-2022-3161CVSS ScoresBase 7.8 / Temporal 6.8DescriptionSiemens JT2Go is affected by multiple out-of-bounds write vulnerabilities in the APDFL library from Datalogics. If a user is tricked to open a malicious PDF file with the affected products, this could lead the application to crash or potentially lead to arbitrary code execution.AFFECTED PRODUCTSJT2Go: All versions prior to V14.1.0.5QID Detection Logic (Authenticated)QID checks for the Vulnerable version using windows registry keys HKLM\SOFTWARE\Siemens\JT2Go.ConsequenceSuccessful exploitation of this vulnerability could lead the application to crash or potentially lead to arbitrary code execution.SolutionCustomers are advised to refer to Schneider Electric MITIGATIONS section SSA-360681 for affected packages and patching details.Patches SSA-360681CVE-2022-36760+QID: 150640Apache HTTP Server Prior to 2.4.55 Multiple Security VulnerabilitiesSeveritySerious3Recently PublishedQualys ID150640Date PublishedJanuary 31, 2023Vendor ReferenceApache HTTP ServerCVE ReferenceCVE-2022-36760, CVE-2022-37436, CVE-2006-20001CVSS ScoresBase 9 / Temporal 7.8DescriptionThe Apache HTTP Server, colloquially called Apache, is a free and open-source cross-platform web server software.Affected versions of Apache HTTP Server has multiple vulnerabilities:CVE-2022-37436 : mod_proxy allows a backend to trigger HTTP response splittingCVE-2022-36760 : mod_proxy_ajp possible request smugglingAffected Versions:Apache HTTP Server version from 2.4.0 to 2.4.54QID Detection Logic (Unauthenticated):This QID sends a HTTP GET request and checks the response headers to confirm if the host is running vulnerable version of Apache HTTP Server.ConsequenceExploitation of the vulnerability could lead to HTTP request splitting or request smuggling attack.SolutionCustomers are advised to upgrade to the latest version of Apache HTTP Server to remediate this vulnerability. For more information related to this vulnerability please refer to Apache's Security advisoryPatches Apache HTTP ServerCVE-2023-22809+QID: 199112Ubuntu Security Notification for Sudo Vulnerabilities (USN-5811-1)SeverityCritical4Recently PublishedQualys ID199112Date PublishedJanuary 31, 2023Vendor ReferenceUSN-5811-1CVE ReferenceCVE-2023-22809, CVE-2022-33070CVSS ScoresBase 7.8 / Temporal 6.8DescriptionUbuntu has released a security update for sudo to fix the vulnerabilities.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionRefer to Ubuntu security advisory USN-5811-1 for updates and patch information.Patches Ubuntu Linux USN-5811-1CVE-2023-22399QID: 43952Juniper Network Operating System (Junos OS) QFX10K Series Denial of Service (DoS) Vulnerability (JSA70195)SeveritySerious3Recently PublishedQualys ID43952Date PublishedJanuary 31, 2023Vendor ReferenceJSA70195CVE ReferenceCVE-2023-22399CVSS ScoresBase 7.5 / Temporal 6.5DescriptionJuniper Junos is the network operating system used in Juniper Networks hardware systems.When sFlow is enabled and it monitors a packet forwarded via ECMP, a buffer management vulnerability in the dcpfe process of Juniper Networks Junos OS on QFX10K Series systems allows an attacker to cause the Packet Forwarding Engine (PFE) to crash and restart by sending specific genuine packets to the device, resulting in a Denial of Service (DoS) condition.Affected Junos versions:All versions prior to 19.4R3-S920.2 versions prior to 20.2R3-S620.3 versions prior to 20.3R3-S620.4 versions prior to 20.4R3-S521.1 versions prior to 21.1R3-S421.2 versions prior to 21.2R3-S321.3 versions prior to 21.3R3-S221.4 versions prior to 21.4R2-S2, 21.4R322.1 versions prior to 22.1R222.2 versions prior to 22.2R1-S2, 22.2R2NOTE:This issue only affects QFX10K Series systems with sFlow enabled.QID detection logic: (Authenticated)It checks for vulnerable Junos OS version.ConsequenceSuccessful exploitation of this vulnerability may allows an attacker to cause the Packet Forwarding Engine (PFE) to crash and restart by sending specific genuine packets to the device, resulting in a Denial of Service (DoS) condition.SolutionThe following software releases have been updated to resolve this specific issue: 19.4R3-S9, 20.2R3-S6, 20.3R3-S6, 20.4R3-S5, 21.1R3-S4, 21.2R3-S3, 21.3R3-S2, 21.4R2-S2, 21.4R3, 22.1R2, 22.2R1-S2, 22.2R2, 22.3R1, and all subsequent releases. Please refer JSA70195Patches JSA70195CVE-2023-22396QID: 43949Juniper Network Operating System (Junos OS) Denial of Service (DoS) Vulnerability (JSA70192)SeveritySerious3Recently PublishedQualys ID43949Date PublishedJanuary 31, 2023Vendor ReferenceJSA70192CVE ReferenceCVE-2023-22396CVSS ScoresBase 7.5 / Temporal 6.5DescriptionJuniper Junos is the network operating system used in Juniper Networks hardware systems.An Uncontrolled Resource Consumption vulnerability in TCP processing on the Routing Engine (RE) of Juniper Networks Junos OS allows an unauthenticated network-based attacker to send crafted TCP packets destined to the device, resulting in an MBUF leak that ultimately leads to a Denial of Service (DoS).Affected Junos versions:2.3 version 12.3R12-S19 and later versions15.1 version 15.1R7-S10 and later versions17.3 version 17.3R3-S12 and later versions18.4 version 18.4R3-S9 and later versions19.1 version 19.1R3-S7 and later versions19.2 version 19.2R3-S3 and later versions19.3 version 19.3R2-S7, 19.3R3-S3 and later versions prior to 19.3R3-S719.4 version 19.4R2-S7, 19.4R3-S5 and later versions prior to 19.4R3-S1020.1 version 20.1R3-S1 and later versions20.2 version 20.2R3-S2 and later versions prior to 20.2R3-S620.3 version 20.3R3-S1 and later versions prior to 20.3R3-S620.4 version 20.4R2-S2, 20.4R3 and later versions prior to 20.4R3-S521.1 version 21.1R2 and later versions prior to 21.1R3-S421.2 version 21.2R1-S1, 21.2R2 and later versions prior to 21.2R3-S321.3 versions prior to 21.3R3-S221.4 versions prior to 21.4R322.1 versions prior to 22.1R2-S1, 22.1R322.2 versions prior to 22.2R1-S2, 22.2R222.3 versions prior to 22.3R1-S1, 22.3R2QID detection logic: (Authenticated)It checks for vulnerable Junos OS version.ConsequenceSuccessful exploitation of this vulnerability may allows an unauthenticated network-based attacker to send crafted TCP packets destined to the device, resulting Denial of Service (DoS).SolutionThe following software releases have been updated to resolve this specific issue: 19.3R3-S7, 19.4R3-S10, 20.2R3-S6, 20.3R3-S6, 20.4R3-S5, 21.1R3-S4, 21.2R3-S3, 21.3R3-S2, 21.4R3, 22.1R2-S1, 22.1R3, 22.2R1-S2, 22.2R2, 22.2R3, 22.3R1-S1, 22.3R2, 22.4R1, and all subsequent releases. Please refer JSA70192Workaround:To reduce the risk of malicious exploitation, limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the device only from trusted, administrative networks or hosts.Patches JSA70192CVE-2022-44877QID: 730694CWP7 (Control Web Panel 7 or CentOS Web Panel 7) Remote Code Execution (RCE) VulnerabilitySeverityUrgent5Recently PublishedQualys ID730694Date PublishedJanuary 31, 2023Vendor ReferenceControl Web Panel ChangelogCVE ReferenceCVE-2022-44877CVSS ScoresBase 9.8 / Temporal 8.8DescriptionCentOS Web Panel is vulnerable to Unauthenticated Remote Code Execution Vulnerability. An unauthenticated attacker can send a POST request to /login/index.php along with default credentials to trigger code execution. Affected Versions:CentOS Web Panel versions prior to v0.9.8.1147QID Detection Logic (Unauthenticated):This QID checks for vulnerable CWP7 servers by sending a crafted payload to the server. A vulnerable server tries to connect back to the Qualys scanner on specified port. Please note that a target will only be flagged as vulnerable if it connects back to our scanner. ConsequenceSuccessful exploitation of the vulnerability may result in remote code execution and complete system compromise. SolutionVendor has released patch. Customers are advised to upgrade to latest version, for more details please refer to CWP 7 ChangelogPatches NACVE-2022-24765+QID: 181518Debian Security Update for git (DSA 5332-1)SeverityUrgent5Recently PublishedQualys ID181518Date PublishedJanuary 30, 2023Vendor ReferenceDSA 5332-1CVE ReferenceCVE-2022-24765, CVE-2022-39253, CVE-2022-39260, CVE-2022-29187, CVE-2022-41903, CVE-2022-23521CVSS ScoresBase 9.8 / Temporal 8.5DescriptionDebian has released a security update for git to fix the vulnerabilities.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionRefer to Debian security advisory DSA 5332-1 for updates and patch information.Patches Debian DSA 5332-1CVE-2021-3805+QID: 181517Debian Security Update for node-object-path (DLA 3291-1)SeverityUrgent5Recently PublishedQualys ID181517Date PublishedJanuary 30, 2023Vendor ReferenceDLA 3291-1CVE ReferenceCVE-2021-3805, CVE-2021-23434, CVE-2020-15256CVSS ScoresBase 9.8 / Temporal 8.5DescriptionDebian has released a security update for node-object-path to fix the vulnerabilities.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionRefer to Debian security advisory DLA 3291-1 for updates and patch information.Patches Debian DLA 3291-1CVE-2023-22741QID: 181516Debian Security Update for sofia-sip (DLA 3292-1)SeverityUrgent5Recently PublishedQualys ID181516Date PublishedJanuary 30, 2023Vendor ReferenceDLA 3292-1CVE ReferenceCVE-2023-22741CVSS ScoresBase 9.8 / Temporal 8.5DescriptionDebian has released a security update for sofia-sip to fix the vulnerabilities.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionRefer to Debian security advisory DLA 3292-1 for updates and patch information.Patches Debian DLA 3292-1CVE-2022-1623+QID: 181520Debian Security Update for tiff (DSA 5333-1)SeverityCritical4Recently PublishedQualys ID181520Date PublishedJanuary 30, 2023Vendor ReferenceDSA 5333-1CVE ReferenceCVE-2022-1623, CVE-2022-34526, CVE-2022-2953, CVE-2022-3636, CVE-2022-3570, CVE-2022-1622, CVE-2022-2058, CVE-2022-2057, CVE-2022-2056, CVE-2022-2521, CVE-2022-3627, CVE-2022-2868, CVE-2022-1354, CVE-2022-3599, CVE-2022-2520, CVE-2022-3597, CVE-2022-2867, CVE-2022-48281, CVE-2022-2519, CVE-2022-2869, CVE-2022-1355CVSS ScoresBase 7.8 / Temporal 6.8DescriptionDebian has released a security update for tiff to fix the vulnerabilities.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionRefer to Debian security advisory DSA 5333-1 for updates and patch information.Patches Debian DSA 5333-1CVE-2022-45060QID: 181519Debian Security Update for varnish (DSA 5334-1)SeverityCritical4Recently PublishedQualys ID181519Date PublishedJanuary 30, 2023Vendor ReferenceDSA 5334-1CVE ReferenceCVE-2022-45060CVSS ScoresBase 7.5 / Temporal 6.5DescriptionDebian has released a security update for varnish to fix the vulnerabilities.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionRefer to Debian security advisory DSA 5334-1 for updates and patch information.Patches Debian DSA 5334-1CVE-2021-23450+QID: 181515Debian Security Update for dojo (DLA 3289-1)SeverityUrgent5Recently PublishedQualys ID181515Date PublishedJanuary 30, 2023Vendor ReferenceDLA 3289-1CVE ReferenceCVE-2021-23450, CVE-2020-4051CVSS ScoresBase 9.8 / Temporal 8.5DescriptionDebian has released a security update for dojo to fix the vulnerabilities.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionRefer to Debian security advisory DLA 3289-1 for updates and patch information.Patches Debian DLA 3289-1CVE-2022-27774+QID: 181512Debian Security Update for curl (DLA 3288-1)SeverityUrgent5Recently PublishedQualys ID181512Date PublishedJanuary 30, 2023Vendor ReferenceDLA 3288-1CVE ReferenceCVE-2022-27774, CVE-2022-43552, CVE-2022-27782, CVE-2022-32221, CVE-2022-35252CVSS ScoresBase 9.8 / Temporal 8.5DescriptionDebian has released a security update for curl to fix the vulnerabilities.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionRefer to Debian security advisory DLA 3288-1 for updates and patch information.Patches Debian DLA 3288-1CVE-2022-4285QID: 905322Common Base Linux Mariner (CBL-Mariner) Security Update for binutils (13114)SeverityCritical4Recently PublishedQualys ID905322Date PublishedJanuary 30, 2023Vendor ReferenceMariner_2.0_13114CVE ReferenceCVE-2022-4285CVSS ScoresBase 8.6 / Temporal 7.9DescriptionCBL-Mariner 2.0 is an internal Linux distribution for cloud infrastructure and edge products and services of Microsoft.CBL-Mariner has NOT released a security update for binutils to fix the vulnerabilities.ConsequenceSuccessful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.SolutionPatch is NOT available for the package. 2b1af7f3a8