ZDI-22-1295: Apple macOS TIFF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the CoreGraphics framework is required to exploit this...
DSA-5232 tinygltf – security update
It was discovered that the wordexp() function of tinygltf, a library to load/save glTF (GL Transmission Format) files was susceptible to command execution when processing...
DSA-5234 fish – security update
An arbitrary code execution vulnerability was disovered in fish, a command line shell. When using the default configuraton of fish, changing to a directory automatically...
DSA-5233 e17 – security update
Maher Azzouzi discovered that missing input sanitising in the Enlightenment window manager may result in local privilege escalation to root. Read More
CVE-2020-36602
There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and crafts malformed message with specific...
CVE-2021-46834
A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. Affected product versions...
webkitgtk-2.38.0-2.fc37
FEDORA-2022-0c00617967 Packages in this update: webkitgtk-2.38.0-2.fc37 Update description: Update to 2.38.0 Remove /usr/bin/WebKitWebDriver from webkit2gtk5.0 package to avoid conflict with webkit2gtk4.1 Security fixes: CVE-2022-32886 Read...
CVE-2016-20015
In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript allows the smokeping user to gain ownership of any file, allowing for the...
CVE-2017-20147
In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript uses a PID file that is writable by the smokeping user. By writing...
CVE-2017-20148
In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to achieve root privilege escalation from the logcheck user because of insecure...