Category Archives: Advisories
Rapid7 InsightVM suffers from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the Inspect Element browser feature to remove the login panel and view the details available in the last webpage visited by the previous user.
thunderbird-102.3.0-1.fc37
FEDORA-2022-b4583f536b
Packages in this update:
thunderbird-102.3.0-1.fc37
Update description:
Update to 102.3.0
https://www.mozilla.org/en-US/security/advisories/mfsa2022-42/
https://www.thunderbird.net/en-US/thunderbird/102.3.0/releasenotes/
thunderbird-102.3.0-1.fc35
FEDORA-2022-e88213dd24
Packages in this update:
thunderbird-102.3.0-1.fc35
Update description:
Update to 102.3.0
https://www.mozilla.org/en-US/security/advisories/mfsa2022-42/
https://www.thunderbird.net/en-US/thunderbird/102.3.0/releasenotes/
thunderbird-102.3.0-1.fc36
FEDORA-2022-feb7bdf6b2
Packages in this update:
thunderbird-102.3.0-1.fc36
Update description:
Update to 102.3.0
https://www.mozilla.org/en-US/security/advisories/mfsa2022-42/
https://www.thunderbird.net/en-US/thunderbird/102.3.0/releasenotes/
qemu-6.2.0-15.fc36
FEDORA-2022-f0a2695054
Packages in this update:
qemu-6.2.0-15.fc36
Update description:
nvme: Fix DMA reentrancy use-after-free (CVE-2021-3929)
CVE-2022-0495 (koha_library_automation)
The library automation system product KOHA, developed by Parantez Teknoloji, has an unauthenticated SQL injection vulnerability before version 19.05.03. This has been fixed in version 19.05.03.01.
ZDI-22-1295: Apple macOS TIFF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the CoreGraphics framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
DSA-5232 tinygltf – security update
It was discovered that the wordexp() function of tinygltf, a library to load/save glTF (GL Transmission Format) files, was susceptible to command execution when processing untrusted files.
DSA-5234 fish – security update
An arbitrary code execution vulnerability was discovered in fish, a command line shell. When using the default configuration of fish, changing to a directory automatically ran `git` commands in order to display information about the current repository in the prompt. Such repositories can contain per-repository configuration that changes the behavior of git, including running arbitrary commands.
DSA-5233 e17 – security update
Maher Azzouzi discovered that missing input sanitising in the Enlightenment window manager may result in local privilege escalation to root.