Re: over 2000 packages depend on abort()ing libgmp
Posted by Matthew Fernandez on Sep 19 What is the security boundary being violated here? As a maintainer of some of the packages implicated here,...
Microsoft Patch Tuesday Fixed Vulnerability (CVE-2022-34718) More Likely To Be Exploited
Microsoft has released 63 security patches for this month's September 2022 release. One of the fixes is for CVE-2022-34718 (Windows TCP/IP Remote Code Execution Vulnerability)....
libofx-0.10.7-2.fc37
FEDORA-2022-cfb44eb79a Packages in this update: libofx-0.10.7-2.fc37 Update description: Memory-related security fixes, BZ 2127755 Read More
libofx-0.10.7-2.fc35
FEDORA-2022-c9028047bf Packages in this update: libofx-0.10.7-2.fc35 Update description: Memory-related security fixes, BZ 2127755 Read More
libofx-0.10.7-2.fc36
FEDORA-2022-95000d85e2 Packages in this update: libofx-0.10.7-2.fc36 Update description: Memory-related security fixes, BZ 2127755 Read More
ZDI-22-1287: Microsoft Office Visio EMF File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in...
ZDI-22-1286: Microsoft PowerPoint PPTX File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft PowerPoint. User interaction is required to exploit this vulnerability in that...
ZDI-22-1285: Microsoft Windows Group Policy Preference Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. This vulnerability is dependent upon a Group Policy setting, and an...
ZDI-22-1284: Microsoft Windows DirectX Graphics Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code...
ZDI-22-1283: Adobe Bridge DCM File Parsing Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that...