ZDI-22-752: Adobe Character Animator SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

May 10, 2022

Read Time:12 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Character Animator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Advisories

ZDI-22-753: Adobe Acrobat Pro DC Doc flattenPages Use-After-Free Remote Code Execution Vulnerability

May 10, 2022

Read Time:12 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Advisories

ZDI-22-754: Adobe Acrobat Pro DC Doc buttonSetIcon Use-After-Free Information Disclosure Vulnerability

May 10, 2022

Read Time:12 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Advisories

ZDI-22-755: Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

May 10, 2022

Read Time:11 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Advisories

ZDI-22-756: Cisco RV340 JSON RPC set-snmp Stack-based Buffer Overflow Remote Code Execution Vulnerability

May 10, 2022

Read Time:10 Second

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.

Advisories

[R1] Nessus Network Monitor 6.0.1 Fixes Multiple Third-party Vulnerabilities

May 9, 2022

Read Time:31 Second

[R1] Nessus Network Monitor 6.0.1 Fixes Multiple Third-party Vulnerabilities
Arnie Cabral
Mon, 05/09/2022 – 17:04

Nessus Network Monitor leverages third-party software to help provide underlying functionality. Several third-party components (OpenSSL and jQuery UI) were found to contain vulnerabilities, and updated versions have been made available by the providers.

Out of caution and in line with best practice, Tenable opted to upgrade the bundled components to address the potential impact of these issues. Nessus Network Monitor 6.0.1 updates OpenSSL to version 1.1.1n and jQueryUI to 1.13.0 to address the identified vulnerabilities.

Advisories

kernel-5.17.6-100.fc34 kernel-headers-5.17.6-100.fc34 kernel-tools-5.17.6-100.fc34

May 9, 2022

Read Time:14 Second

FEDORA-2022-a0f65397a3

Packages in this update:

kernel-5.17.6-100.fc34
kernel-headers-5.17.6-100.fc34
kernel-tools-5.17.6-100.fc34

Update description:

The 5.17.6 stable kernel updates contain a number of important fixes across the tree.

Advisories

kernel-5.17.6-300.fc36 kernel-headers-5.17.6-300.fc36 kernel-tools-5.17.6-300.fc36

May 9, 2022

Read Time:14 Second

FEDORA-2022-e9378a3573

Packages in this update:

kernel-5.17.6-300.fc36
kernel-headers-5.17.6-300.fc36
kernel-tools-5.17.6-300.fc36

Update description:

The 5.17.6 stable kernel updates contain a number of important fixes across the tree.

Advisories

kernel-5.17.6-200.fc35 kernel-headers-5.17.6-200.fc35 kernel-tools-5.17.6-200.fc35

May 9, 2022

Read Time:14 Second

FEDORA-2022-fd85148be2

Packages in this update:

kernel-5.17.6-200.fc35
kernel-headers-5.17.6-200.fc35
kernel-tools-5.17.6-200.fc35

Update description:

The 5.17.6 stable kernel updates contain a number of important fixes across the tree.

Advisories

vim-8.2.4927-1.fc34

May 9, 2022

Read Time:9 Second

FEDORA-2022-8df66cdbef

Packages in this update:

vim-8.2.4927-1.fc34

Update description:

patchlevel 4927

Security fixes for CVE-2022-1616, CVE-2022-1619, CVE-2022-1619

Cyber Security News

Monthly Archives: May 2022

ZDI-22-752: Adobe Character Animator SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZDI-22-753: Adobe Acrobat Pro DC Doc flattenPages Use-After-Free Remote Code Execution Vulnerability

ZDI-22-754: Adobe Acrobat Pro DC Doc buttonSetIcon Use-After-Free Information Disclosure Vulnerability

ZDI-22-755: Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZDI-22-756: Cisco RV340 JSON RPC set-snmp Stack-based Buffer Overflow Remote Code Execution Vulnerability

[R1] Nessus Network Monitor 6.0.1 Fixes Multiple Third-party Vulnerabilities

kernel-5.17.6-100.fc34 kernel-headers-5.17.6-100.fc34 kernel-tools-5.17.6-100.fc34

FEDORA-2022-a0f65397a3

Packages in this update:

Update description:

kernel-5.17.6-300.fc36 kernel-headers-5.17.6-300.fc36 kernel-tools-5.17.6-300.fc36

FEDORA-2022-e9378a3573

Packages in this update:

Update description:

kernel-5.17.6-200.fc35 kernel-headers-5.17.6-200.fc35 kernel-tools-5.17.6-200.fc35

FEDORA-2022-fd85148be2

Packages in this update:

Update description:

vim-8.2.4927-1.fc34

FEDORA-2022-8df66cdbef

Packages in this update:

Update description:

News, Advisories and much more