Category: Advisories

The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability. This has been fixed in the...

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the CoreGraphics framework is required to exploit this...

It was discovered that the wordexp() function of tinygltf, a library to load/save glTF (GL Transmission Format) files was susceptible to command execution when processing...

An arbitrary code execution vulnerability was disovered in fish, a command line shell. When using the default configuraton of fish, changing to a directory automatically...

Maher Azzouzi discovered that missing input sanitising in the Enlightenment window manager may result in local privilege escalation to root. Read More

There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and crafts malformed message with specific...

A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. Affected product versions...

FEDORA-2022-0c00617967 Packages in this update: webkitgtk-2.38.0-2.fc37 Update description: Update to 2.38.0 Remove /usr/bin/WebKitWebDriver from webkit2gtk5.0 package to avoid conflict with webkit2gtk4.1 Security fixes: CVE-2022-32886 Read...

In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript allows the smokeping user to gain ownership of any file, allowing for the...

In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript uses a PID file that is writable by the smokeping user. By writing...