Category Archives: Advisories

APPLE-SA-2022-08-17-1 iOS 15.6.1 and iPadOS 15.6.1

Read Time:28 Second

Posted by Apple Product Security via Fulldisclosure on Aug 19

APPLE-SA-2022-08-17-1 iOS 15.6.1 and iPadOS 15.6.1

iOS 15.6.1 and iPadOS 15.6.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213412.

Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with…

Read More

APPLE-SA-2022-08-17-2 macOS Monterey 12.5.1

Read Time:26 Second

Posted by Apple Product Security via Fulldisclosure on Aug 19

APPLE-SA-2022-08-17-2 macOS Monterey 12.5.1

macOS Monterey 12.5.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213413.

Kernel
Available for: macOS Monterey
Impact: An application may be able to execute arbitrary code with
kernel privileges. Apple is aware of a report that this issue may
have been actively exploited.
Description: An out-of-bounds write issue was addressed…

Read More

[CVE-2022-2536] Transposh <= 1.0.8.1 “tp_translation” Authorization Bypass

Read Time:24 Second

Posted by Julien Ahrens (RCE Security) on Aug 19

RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: Transposh WordPress Translation
Vendor URL: https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/
Type: Incorrect Authorization [CWE-863]
Date found: 2022-07-23
Date published: 2022-08-16
CVSSv3 Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVE: CVE-2022-2536

2. CREDITS…

Read More

dotnet3.1-3.1.422-1.fc35

Read Time:17 Second

FEDORA-2022-c358d6206b

Packages in this update:

dotnet3.1-3.1.422-1.fc35

Update description:

This is the August 2022 monthly update for .NET Core 3.1. This updates the .NET Core 3.1 SDK to 3.1.422 and Runtime to 3.1.28.

This update includes a fix for CVE 2022-34716.

Read More

dotnet3.1-3.1.422-1.fc36

Read Time:17 Second

FEDORA-2022-21f203cd70

Packages in this update:

dotnet3.1-3.1.422-1.fc36

Update description:

This is the August 2022 monthly update for .NET Core 3.1. This updates the .NET Core 3.1 SDK to 3.1.422 and Runtime to 3.1.28.

This update includes a fix for CVE 2022-34716.

Read More

CVE-2020-27788

Read Time:13 Second

An out-of-bounds read access vulnerability was discovered in UPX in PackLinuxElf64::canPack() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service.

Read More

CVE-2020-27787

Read Time:11 Second

A Segmentaation fault was found in UPX in invert_pt_dynamic() function in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.

Read More