Category: Advisories

Marlon Starkloff discovered that twig, a template engine for PHP, did not correctly enforce sandboxing. This would allow a malicious user to execute arbitrary code....

USN-5651-1 fixed a vulnerability in strongSwan. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Lahav Schlesinger...

Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points (CDP) in certificates. A remote attacker could possibly use this...

USN-5614-1 fixed a vulnerability in Wayland. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Wayland incorrectly...

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an...

Under certain conditions, an attacker could create an unintended sphere of control through a vulnerability present in file delete operation in Autodesk desktop app (ADA)....

Posted by malvuln on Oct 03 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/de6220a8e8fcbbee9763fb10e0ca23d7.txt Contact: malvuln13 () gmail com Media:...

Posted by malvuln on Oct 03 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/273fd3f33279cc9c0378a49cf63d7a06.txt Contact: malvuln13 () gmail com Media:...

Posted by Rodolfo Tavares via Fulldisclosure on Oct 03 =====[ Tempest Security Intelligence - ADV-15/2022 ]========================== Wordpress plugin - WPvivid Backup - Version < 0.9.76...

The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin...