This vulnerability allows remote attackers to execute arbitrary code on affected installations of ManageEngine OpManager. Authentication is required to exploit this vulnerability.

Read More

Posted by Apple Product Security via Fulldisclosure on Aug 31

APPLE-SA-2022-08-31-1 iOS 12.5.6

iOS 12.5.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213428.

iOS 12 is not impacted by CVE-2022-32894.

WebKit
Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad
mini 2, iPad mini 3, and iPod touch (6th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of…

Read More

Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.

Read More

FEDORA-2022-6835ddb6d8

Packages in this update:

kernel-5.19.6-100.fc35

Update description:

The 5.19.6 stable kernel update contains a number of important fixes across the tree.

Read More

FEDORA-2022-ccb0138bb6

Packages in this update:

kernel-5.19.6-300.fc37

Update description:

The 5.19.6 stable kernel update contains a number of important fixes across the tree.

Read More

FEDORA-2022-35c14ba5bb

Packages in this update:

kernel-5.19.6-200.fc36

Update description:

The 5.19.6 stable kernel update contains a number of important fixes across the tree.

Read More

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the internet. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the internet. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More

A crafted input file could cause a null pointer dereference in jcopy_sample_rows() when processed by libjpeg-turbo.

Read More

In gcc, an internal compiler error in match_reload function at lra-constraints.c may cause a crash through a crafted input file.

Read More