It was discovered that protobuf did not properly manage memory when serializing
large messages. An attacker could possibly use this issue to cause applications
using protobuf to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2015-5237)

It was discovered that protobuf did not properly manage memory when parsing
specifically crafted messages. An attacker could possibly use this issue to
cause applications using protobuf to crash, resulting in a denial of service.
(CVE-2022-1941)

Read More

USN-5767-1 fixed a vulnerability in Python. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.

Original advisory details:

It was discovered that Python incorrectly handled certain IDNA inputs.
An attacker could possibly use this issue to expose sensitive information
denial of service, or cause a crash.
(CVE-2022-45061)

Read More

FEDORA-2022-dbb811d203

Packages in this update:

python3.11-3.11.1-1.fc37
python3-docs-3.11.1-1.fc37

Update description:

Update to 3.11.1

Read More

Nicky Mouha discovered that Python incorrectly handled certain SHA-3 internals.
An attacker could possibly use this issue to cause a crash or execute arbitrary code.
(CVE-2022-37454)

It was discovered that Python incorrectly handled certain IDNA inputs.
An attacker could possibly use this issue to expose sensitive information
denial of service, or cause a crash.
(CVE-2022-45061)

Read More

Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library
iconv feature incorrectly handled certain input sequences. An attacker
could possibly use this issue to cause the GNU C Library to hang or crash,
resulting in a denial of service. (CVE-2016-10228, CVE-2019-25013,
CVE-2020-27618)

It was discovered that the GNU C Library did not properly handled DNS
responses when ENDS0 is enabled. An attacker could possibly use this issue
to cause fragmentation-based attacks. (CVE-2017-12132)

Read More

FEDORA-2022-1f2fbb087e

Packages in this update:

wireshark-3.6.10-1.fc36

Update description:

New version 3.6.10

Read More

FEDORA-2022-9d4aa8a486

Packages in this update:

wireshark-4.0.2-1.fc37

Update description:

New version 4.0.2

Read More

FEDORA-2022-de755fd092

Packages in this update:

python3.12-3.12.0~a3-1.fc36

Update description:

Update to 3.12.0a3

Read More

FEDORA-2022-3d7e44dbd5

Packages in this update:

python3.12-3.12.0~a3-1.fc37

Update description:

Update to 3.12.0a3

Read More

A vulnerability was found in annyshow DuxCMS 2.1. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-215116.

Read More