This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Animate. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Category Archives: Advisories
ZDI-22-1289: Apple macOS vImage ICC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1288: Microsoft SharePoint Workflow Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability.
webkitgtk-2.38.0-1.fc37
FEDORA-2022-4f12baa610
Packages in this update:
webkitgtk-2.38.0-1.fc37
Update description:
Update to 2.38.0
Security fixes: CVE-2022-32886
DSA-5231 connman – security update
Several vulnerabilities were discovered in ConnMan, a network manager
for embedded devices, which could result in denial of service or the
execution of arbitrary code.
webkit2gtk3-2.38.0-2.fc35
FEDORA-2022-ece798a8d4
Packages in this update:
webkit2gtk3-2.38.0-2.fc35
Update description:
New media controls UI style.
Add new API to set WebView’s Content-Security-Policy for web extensions support.
Make it possible to use the remote inspector from other browsers using WEBKIT_INSPECTOR_HTTP_SERVER env var.
MediaSession is enabled by default, allowing remote media control using MPRIS.
Add support for PDF documents using PDF.js.
Security fixes: CVE-2022-32886
webkit2gtk3-2.38.0-2.fc36
FEDORA-2022-a77b646471
Packages in this update:
webkit2gtk3-2.38.0-2.fc36
Update description:
New media controls UI style.
Add new API to set WebView’s Content-Security-Policy for web extensions support.
Make it possible to use the remote inspector from other browsers using WEBKIT_INSPECTOR_HTTP_SERVER env var.
MediaSession is enabled by default, allowing remote media control using MPRIS.
Add support for PDF documents using PDF.js.
Security fixes: CVE-2022-32886
CVE-2020-25491
6Kare Emakin 5.0.341.0 is affected by Cross Site Scripting (XSS) via the /rpc/membership/setProfile DisplayName field, which is mishandled when rendering the Activity Stream page.
CVE-2020-36600 (emui, magic_ui)
Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart.
CVE-2020-36601 (emui, magic_ui)
Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot.