Category Archives: Advisories

DSA-5234 fish – security update

Read Time:17 Second

An arbitrary code execution vulnerability was disovered in fish, a
command line shell. When using the default configuraton of fish,
changing to a directory automatically ran `git` commands in order to
display information about the current repository in the prompt. Such
repositories can contain per-repository configuration that change the
behavior of git, including running arbitrary commands.

Read More

CVE-2020-36602

Read Time:16 Second

There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause out-of-bounds read and write.

Read More

CVE-2021-46834

Read Time:10 Second

A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. Affected product versions include:JAD-AL50 versions 102.0.0.225(C00E220R3P4).

Read More

webkitgtk-2.38.0-2.fc37

Read Time:12 Second

FEDORA-2022-0c00617967

Packages in this update:

webkitgtk-2.38.0-2.fc37

Update description:

Update to 2.38.0
Remove /usr/bin/WebKitWebDriver from webkit2gtk5.0 package to avoid conflict with webkit2gtk4.1
Security fixes: CVE-2022-32886

Read More

CVE-2016-20015

Read Time:14 Second

In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript allows the smokeping user to gain ownership of any file, allowing for the smokeping user to gain root privileges. There is a race condition involving /var/lib/smokeping and chown.

Read More