This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Category Archives: Advisories
ZDI-22-1167: Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
DSA-5218 zlib – security update
Evgeny Legerov reported a heap-based buffer overflow vulnerability in
the inflate operation in zlib, which could result in denial of service
or potentially the execution of arbitrary code if specially crafted
input is processed.
CVE-2018-14519
An issue was discovered in Kirby 2.5.12. The delete page functionality suffers from a CSRF flaw. A remote attacker can craft a malicious CSRF page and force the user to delete a page.
CVE-2018-14520
An issue was discovered in Kirby 2.5.12. The application allows malicious HTTP requests to be sent in order to trick a user into adding web pages.
[R1] Nessus Agent Version 8.3.4 Fixes Multiple Vulnerabilities
[R1] Nessus Agent Version 8.3.4 Fixes Multiple Vulnerabilities
Arnie Cabral
Wed, 08/24/2022 – 12:18
1. CVE-2022-32973 – An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges.
2. CVE-2022-32974 – An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials.
Additional details on the custom audit signing functionality can be found here: https://community.tenable.com/s/article/Audit-Signing-Overview
CVE-2020-35520
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
firefox-104.0-5.fc35
FEDORA-2022-ee0d54e824
Packages in this update:
firefox-104.0-5.fc35
Update description:
Firefox 104.0 release. For details, see https://www.mozilla.org/en-US/firefox/104.0/releasenotes/
firefox-104.0-5.fc36
FEDORA-2022-02d2625a01
Packages in this update:
firefox-104.0-5.fc36
Update description:
Firefox 104.0 release. For details, see https://www.mozilla.org/en-US/firefox/104.0/releasenotes/
firefox-104.0-5.fc37
FEDORA-2022-74ff7f9e74
Packages in this update:
firefox-104.0-5.fc37
Update description:
Firefox 104.0 release. For details, see https://www.mozilla.org/en-US/firefox/104.0/releasenotes/