FEDORA-2022-ae2559a8f4
Packages in this update:
mingw-pixman-0.42.2-1.fc35
Update description:
Update to 0.42.2, fixes CVE-2022-44638 and CVE-2022-43680.
Yuchen Zeng and Eduardo Vela discovered a buffer overflow in NTFS-3G, a
read-write NTFS driver for FUSE, due to incorrect validation of some of
the NTFS metadata. A local user can take advantage of this flaw for
local root privilege escalation.
“IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, and 11.4 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215587.”
Multiple Insecure Direct Object References (IDOR) vulnerabilities in ExpressTech Quiz And Survey Master plugin <= 7.3.6 on WordPress.
OpenCart 3.0.3.7 allows users to obtain database information or read server files through SQL injection in the background.
MKCMS V6.2 has SQL injection via the /ucenter/active.php verify parameter.
MKCMS V6.2 has SQL injection via the /ucenter/repass.php name parameter.
Devin Jeanpierre discovered that Python incorrectly handled sockets when
the multiprocessing module was being used. A local attacker could possibly
use this issue to execute arbitrary code and escalate privileges.
It was discovered that SQLite did not properly handle large string
inputs in certain circumstances. An attacker could possibly use this
issue to cause a denial of service or arbitrary code execution.