This vulnerability allows remote attackers to disclose sensitive information on affected installations of Delta Electronics InfraSuite Device Master. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
Category Archives: Advisories
ZDI-23-081: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
CVE-2010-10006
A vulnerability, which was classified as problematic, was found in michaelliao jopenid. Affected is the function getAuthentication of the file JOpenId/src/org/expressme/openid/OpenIdManager.java. The manipulation leads to observable timing discrepancy. Upgrading to version 1.08 is able to address this issue. The name of the patch is c9baaa976b684637f0d5a50268e91846a7a719ab. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218460.
DSA-5321 sudo – security update
Matthieu Barjole and Victor Cutillas discovered that sudoedit in sudo, a
program designed to provide limited super user privileges to specific
users, does not properly handle ‘–‘ to separate the editor and
arguments from files to edit. A local user permitted to edit certain
files can take advantage of this flaw to edit a file not permitted by
the security policy, resulting in privilege escalation.
DSA-5322 firefox-esr – security update
Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, information disclosure or spoofing.
CVE-2014-125081
A vulnerability, which was classified as critical, has been found in risheesh debutsav. This issue affects some unknown processing. The manipulation leads to sql injection. The name of the patch is 7a8430df79277c613449262201cc792db894fc76. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218459.
libXpm-3.5.15-2.fc36
FEDORA-2023-49dbeb6b03
Packages in this update:
libXpm-3.5.15-2.fc36
Update description:
libXpm 3.5.15, fixes CVE-2022-46285, CVE-2022-44617, CVE-2022-4883
libXpm-3.5.15-2.fc37
FEDORA-2023-1bd07375a7
Packages in this update:
libXpm-3.5.15-2.fc37
Update description:
libXpm 3.5.15, fixes CVE-2022-46285, CVE-2022-44617, CVE-2022-4883
git-2.39.1-1.fc37
FEDORA-2023-9718cc6113
Packages in this update:
git-2.39.1-1.fc37
Update description:
Update to 2.39.1 (CVE-2022-41903, CVE-2022-23521)
Refer to the upstream release notes and the security advisories (CVE-2022-41903, CVE-2022-23521) for details.
git-2.39.1-1.fc36
FEDORA-2023-746c4aacce
Packages in this update:
git-2.39.1-1.fc36
Update description:
Update to 2.39.1 (CVE-2022-41903, CVE-2022-23521)
Refer to the upstream release notes and the security advisories (CVE-2022-41903, CVE-2022-23521) for details.