Category Archives: Advisories

CVE-2020-27795 (radare2)

Read Time:18 Second

A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command “adf” has no or wrong argument, anal_fcn_data (core, input + 1) –> RAnalFunction *fcn = r_anal_get_fcn_in (core->anal, core->offset, -1); returns null pointer for fcn causing segmentation fault later in ensure_fcn_range (fcn).

Read More

Trovent Security Advisory 2110-01 / Insecure data storage in Polar Flow Android application

Read Time:18 Second

Posted by Stefan Pietsch on Aug 19

# Trovent Security Advisory 2110-01 #
#####################################

Insecure data storage in Polar Flow Android application
#######################################################

Overview
########

Advisory ID: TRSA-2110-01
Advisory version: 1.0
Advisory status: Public
Advisory URL: https://trovent.io/security-advisory-2110-01
Affected product: Polar Flow Android mobile application (fi.polar.polarflow)
Affected version: 5.7.1
Vendor:…

Read More

APPLE-SA-2022-08-18-1 Safari 15.6.1

Read Time:26 Second

Posted by Apple Product Security via Fulldisclosure on Aug 19

APPLE-SA-2022-08-18-1 Safari 15.6.1

Safari 15.6.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213414.

WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue
may have been actively exploited.
Description: An out-of-bounds write issue was…

Read More

APPLE-SA-2022-08-17-1 iOS 15.6.1 and iPadOS 15.6.1

Read Time:28 Second

Posted by Apple Product Security via Fulldisclosure on Aug 19

APPLE-SA-2022-08-17-1 iOS 15.6.1 and iPadOS 15.6.1

iOS 15.6.1 and iPadOS 15.6.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213412.

Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2
and later, iPad 5th generation and later, iPad mini 4 and later, and
iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with…

Read More

APPLE-SA-2022-08-17-2 macOS Monterey 12.5.1

Read Time:26 Second

Posted by Apple Product Security via Fulldisclosure on Aug 19

APPLE-SA-2022-08-17-2 macOS Monterey 12.5.1

macOS Monterey 12.5.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213413.

Kernel
Available for: macOS Monterey
Impact: An application may be able to execute arbitrary code with
kernel privileges. Apple is aware of a report that this issue may
have been actively exploited.
Description: An out-of-bounds write issue was addressed…

Read More

[CVE-2022-2536] Transposh <= 1.0.8.1 “tp_translation” Authorization Bypass

Read Time:24 Second

Posted by Julien Ahrens (RCE Security) on Aug 19

RCE Security Advisory
https://www.rcesecurity.com

1. ADVISORY INFORMATION
=======================
Product: Transposh WordPress Translation
Vendor URL: https://wordpress.org/plugins/transposh-translation-filter-for-wordpress/
Type: Incorrect Authorization [CWE-863]
Date found: 2022-07-23
Date published: 2022-08-16
CVSSv3 Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVE: CVE-2022-2536

2. CREDITS…

Read More

dotnet3.1-3.1.422-1.fc35

Read Time:17 Second

FEDORA-2022-c358d6206b

Packages in this update:

dotnet3.1-3.1.422-1.fc35

Update description:

This is the August 2022 monthly update for .NET Core 3.1. This updates the .NET Core 3.1 SDK to 3.1.422 and Runtime to 3.1.28.

This update includes a fix for CVE 2022-34716.

Read More

dotnet3.1-3.1.422-1.fc36

Read Time:17 Second

FEDORA-2022-21f203cd70

Packages in this update:

dotnet3.1-3.1.422-1.fc36

Update description:

This is the August 2022 monthly update for .NET Core 3.1. This updates the .NET Core 3.1 SDK to 3.1.422 and Runtime to 3.1.28.

This update includes a fix for CVE 2022-34716.

Read More