Read Time:7 Second
A buffer overflow was discovered in the VNC module of the VLC media
player, which could result in the execution of arbitrary code.
Category Archives: Advisories
CVE-2022-23143 (otcp_firmware)
Read Time:10 Second
ZTE OTCP product is impacted by a permission and access control vulnerability. Due to improper permission settings, an attacker with high permissions could use this vulnerability to maliciously delete and modify files.
CVE-2021-34181 (tomexam)
Read Time:5 Second
Cross Site Scripting (XSS) vulnerability in TomExam 3.0 via p_name parameter to list.thtml.
CVE-2022-1540 (postmagthemes_demo_import)
Read Time:10 Second
The PostmagThemes Demo Import WordPress plugin through 1.0.7 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files (such as PHP) leading to RCE.
USN-5762-1: GNU binutils vulnerability
Read Time:8 Second
It was discovered that GNU binutils incorrectly handled certain COFF files.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code.
USN-5761-1: ca-certificates update
Read Time:9 Second
Due to security concerns, the TrustCor certificate authority has been
marked as distrusted in Mozilla’s root store. This update removes the
TrustCor CA certificates from the ca-certificates package.
A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution
Read Time:29 Second
A Vulnerability has been discovered in Google Chrome which could allow for arbitrary code execution. Google Chrome is a web browser used to access the internet. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
USN-5760-2: libxml2 vulnerabilities
Read Time:24 Second
USN-5760-1 fixed vulnerabilities in libxml2. This update provides the
corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information
or cause a crash. (CVE-2022-40303)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2022-40304)
vim-9.0.1006-1.fc36
Read Time:10 Second
FEDORA-2022-fc4c513d06
Packages in this update:
vim-9.0.1006-1.fc36
Update description:
The newest upstream commit
Security fix for CVE-2022-4141
Vim did not recognize key codes passed by Kitty
vim-9.0.1006-1.fc37
Read Time:10 Second
FEDORA-2022-1e14f3ae45
Packages in this update:
vim-9.0.1006-1.fc37
Update description:
The newest upstream commit
Security fix for CVE-2022-4141
Vim did not recognize key codes passed by Kitty