It was discovered that Open vSwitch incorrectly handled comparison of
certain minimasks. A remote attacker could use this issue to cause Open
vSwitch to crash, resulting in a denial of service, or possibly execute
arbitrary code.
php-8.0.25-1.fc35
PHP version 8.0.25 (27 Oct 2022)
GD:
Fixed bug php#81739: OOB read due to insufficient input validation in imageloadfont(). (CVE-2022-31630) (cmb)
Hash:
Fixed bug php#81738: buffer overflow in hash_update() on long parameter. (CVE-2022-37454) (nicky at mouha dot be)
Session:
Fixed bug GH-9583 (session_create_id() fails with user defined save handler that doesn’t have a validateId() method). (Girgias)
Streams:
Fixed bug GH-9590 (stream_select does not abort upon exception or empty valid fd set). (Arnaud)
Douglas Mendizabal discovered that Barbican incorrectly handled certain
query strings. A remote attacker could possibly use this issue to bypass
the access policy.
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GnuPG libksba. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GnuPG libksba. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GnuPG libksba. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Corel CorelDRAW Graphics Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IronCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
