ZDI-22-791: Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that...
ZDI-22-792: Apple macOS ImageIO WebP File Parsing Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this...
ZDI-22-793: Apple Safari WebGL generateMipmap Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that...
ZDI-22-794: Apple macOS HEIC File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that...
ZDI-22-795: Delta Industrial Automation ASDA-Soft SCP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation ASDA-Soft. User interaction is required to exploit this vulnerability...
ZDI-22-796: Delta Industrial Automation ASDA-Soft PAR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation ASDA-Soft. User interaction is required to exploit this vulnerability...
ZDI-22-797: Trend Micro Apex One Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute...
USN-5445-1: Subversion vulnerabilities
Ace Olszowka discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in...
DSA-5149 cups – security update
Joshua Mason discovered that a logic error in the validation of the secret key used in the local authorisation mode of the CUPS printing system...
Smashing Security podcast #276: Webcam extortion, Michael Fish, and food foul-ups
A browser extension bug let malicious websites spy on webcams, hackers threaten the global food supply chain, and Michael Fish (not that one...) hacked into...