Several vulnerabilities were discovered in BIND, a DNS server
implementation.
Category Archives: Advisories
CVE-2021-43310
A vulnerability in Keylime before 6.3.0 allows an attacker to craft a request to the agent that resets the U and V keys as if the agent were being re-added to a verifier. This could lead to remote code execution.
CVE-2019-5641
Rapid7 InsightVM suffers from an information exposure issue whereby, when the user’s session has ended due to inactivity, an attacker can use the Inspect Element browser feature to remove the login panel and view the details available in the last webpage visited by the previous user.
thunderbird-102.3.0-1.fc37
FEDORA-2022-b4583f536b
Packages in this update:
thunderbird-102.3.0-1.fc37
Update description:
Update to 102.3.0
https://www.mozilla.org/en-US/security/advisories/mfsa2022-42/
https://www.thunderbird.net/en-US/thunderbird/102.3.0/releasenotes/
thunderbird-102.3.0-1.fc35
FEDORA-2022-e88213dd24
Packages in this update:
thunderbird-102.3.0-1.fc35
Update description:
Update to 102.3.0
https://www.mozilla.org/en-US/security/advisories/mfsa2022-42/
https://www.thunderbird.net/en-US/thunderbird/102.3.0/releasenotes/
thunderbird-102.3.0-1.fc36
FEDORA-2022-feb7bdf6b2
Packages in this update:
thunderbird-102.3.0-1.fc36
Update description:
Update to 102.3.0
https://www.mozilla.org/en-US/security/advisories/mfsa2022-42/
https://www.thunderbird.net/en-US/thunderbird/102.3.0/releasenotes/
qemu-6.2.0-15.fc36
FEDORA-2022-f0a2695054
Packages in this update:
qemu-6.2.0-15.fc36
Update description:
nvme: Fix DMA reentrancy use-after-free (CVE-2021-3929)
CVE-2022-0495 (koha_library_automation)
The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability. This has been fixed in version 19.05.03.01.
ZDI-22-1295: Apple macOS TIFF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the CoreGraphics framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
DSA-5232 tinygltf – security update
It was discovered that the wordexp() function of tinygltf, a library to
load/save glTF (GL Transmission Format) files, was susceptible to command
execution when processing untrusted files.