Read Time:10 Second
All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with specially crafted SQL queries.
Category Archives: Advisories
CVE-2021-38395
Read Time:11 Second
Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition.
CVE-2021-38397
Read Time:10 Second
Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition.
USN-5705-1: LibTIFF vulnerabilities
Read Time:25 Second
Chintan Shah discovered that LibTIFF incorrectly handled memory in
certain conditions. An attacker could trick a user into processing a specially
crafted image file and potentially use this issue to allow for information
disclosure or to cause the application to crash. (CVE-2022-3570)
It was discovered that LibTIFF incorrectly handled memory in certain
conditions. An attacker could trick a user into processing a specially
crafted tiff file and potentially use this issue to cause a denial of service.
(CVE-2022-3598)
USN-5706-1: Linux kernel (Azure CVM) vulnerabilities
Read Time:2 Minute, 9 Second
It was discovered that the BPF verifier in the Linux kernel did not
properly handle internal data structures. A local attacker could use this
to expose sensitive information (kernel memory). (CVE-2021-4159)
It was discovered that an out-of-bounds write vulnerability existed in the
Video for Linux 2 (V4L2) implementation in the Linux kernel. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2022-20369)
Duoming Zhou discovered that race conditions existed in the timer handling
implementation of the Linux kernel’s Rose X.25 protocol layer, resulting in
use-after-free vulnerabilities. A local attacker could use this to cause a
denial of service (system crash). (CVE-2022-2318)
Roger Pau Monné discovered that the Xen virtual block driver in the Linux
kernel did not properly initialize memory pages to be used for shared
communication with the backend. A local attacker could use this to expose
sensitive information (guest kernel memory). (CVE-2022-26365)
Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan
and Ariel Sabba discovered that some Intel processors with Enhanced
Indirect Branch Restricted Speculation (eIBRS) did not properly handle RET
instructions after a VM exits. A local attacker could potentially use this
to expose sensitive information. (CVE-2022-26373)
Eric Biggers discovered that a use-after-free vulnerability existed in the
io_uring subsystem in the Linux kernel. A local attacker could possibly use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2022-3176)
Roger Pau Monné discovered that the Xen paravirtualization frontend in the
Linux kernel did not properly initialize memory pages to be used for shared
communication with the backend. A local attacker could use this to expose
sensitive information (guest kernel memory). (CVE-2022-33740)
It was discovered that the Xen paravirtualization frontend in the Linux
kernel incorrectly shared unrelated data when communicating with certain
backends. A local attacker could use this to cause a denial of service
(guest crash) or expose sensitive information (guest kernel memory).
(CVE-2022-33741, CVE-2022-33742)
Oleksandr Tyshchenko discovered that the Xen paravirtualization platform in
the Linux kernel on ARM platforms contained a race condition in certain
situations. An attacker in a guest VM could use this to cause a denial of
service in the host OS. (CVE-2022-33744)
It was discovered that the Netlink Transformation (XFRM) subsystem in the
Linux kernel contained a reference counting error. A local attacker could
use this to cause a denial of service (system crash). (CVE-2022-36879)
ghc-cmark-gfm-0.2.5-1.fc37
Read Time:10 Second
FEDORA-2022-dc6d6d9d6c
Packages in this update:
ghc-cmark-gfm-0.2.5-1.fc37
Update description:
updates the C library to 0.29.0.gfm.6 which fixes CVE-2022-39209
azure-cli-2.41.0-2.fc38
Read Time:15 Second
FEDORA-2022-ea9c1a9b20
Packages in this update:
azure-cli-2.41.0-2.fc38
Update description:
Automatic update for azure-cli-2.41.0-2.fc38.
Changelog
* Thu Oct 27 2022 Major Hayden <major@redhat.com> 2.41.0-2
– Fix az local dir import bug rhbz#2053193
USN-5704-1: DBus vulnerabilities
Read Time:33 Second
It was discovered that DBus incorrectly handled messages with invalid type
signatures. A local attacker could possibly use this issue to cause DBus to
crash, resulting in a denial of service. (CVE-2022-42010)
It was discovered that DBus was incorrectly validating the length of arrays of
fixed-length items. A local attacker could possibly use this issue to cause
DBus to crash, resulting in a denial of service. (CVE-2022-42011)
It was discovered that DBus incorrectly handled the body DBus message with
attached file descriptors. A local attacker could possibly use this issue to
cause DBus to crash, resulting in a denial of service. (CVE-2022-42012)
python3.9-3.9.15-1.fc35
Read Time:16 Second
FEDORA-2022-523c1c8017
Packages in this update:
python3.9-3.9.15-1.fc35
Update description:
The release you’re looking at is Python 3.9.15, a security bugfix release for the legacy 3.9 series. https://docs.python.org/release/3.9.15/whatsnew/changelog.html#python-3-9-15-final
curl-7.85.0-2.fc37
Read Time:17 Second
FEDORA-2022-e9d65906c4
Packages in this update:
curl-7.85.0-2.fc37
Update description:
url: use IDN decoded names for HSTS checks (CVE-2022-42916)
http_proxy: restore the protocol pointer on error (CVE-2022-42915)
netrc: replace fgets with Curl_get_line (CVE-2022-35260)
fix POST following PUT confusion (CVE-2022-32221)