Category: Advisories

It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in...

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser...

FEDORA-2022-8d29386f00 Packages in this update: sfnt2woff-zopfli-1.3.1-3.fc37 Update description: Fix a possible double free in woffEncode() Read More

FEDORA-2022-d50ded078e Packages in this update: woff-0.20091126-33.fc35 Update description: Fix a possible double free in woffEncode(). Update License to SPDX improved summary and description Add hand-written...

FEDORA-2022-706c76c4f0 Packages in this update: woff-0.20091126-34.fc36 Update description: Fix a possible double free in woffEncode(). Update License to SPDX improved summary and description Add hand-written...

VMware Tools for Windows (12.x.y prior to 12.1.5, 11.x.y and 10.x.y) contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user...

Erik de Castro Lopo and Agostino Sarubbo discovered that libsamplerate did not properly perform bounds checking. If a user were tricked into processing a specially...

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure...

Posted by Thomas Weber on Nov 29 CyberDanube Security Research 20221124-0 -------------------------------------------------------------------------------                title| Authenticated Command Injection              product| Hirschmann (Belden) BAT-C2   vulnerable version|...

Posted by Egidio Romano on Nov 29 Hello list, Just wanted to share with you my latest blog post: http://karmainsecurity.com/exploiting-an-nday-vbulletin-php-object-injection Best regards, /EgiX Read More