Read Time:8 Second
FEDORA-2022-29943d5ec5
Packages in this update:
java-1.8.0-openjdk-aarch32-1.8.0.345.b01-1.fc35.1
Update description:
8u345 update
Category Archives: Advisories
java-1.8.0-openjdk-aarch32-1.8.0.345.b01-1.fc36.1
Read Time:8 Second
FEDORA-2022-bada1dbc10
Packages in this update:
java-1.8.0-openjdk-aarch32-1.8.0.345.b01-1.fc36.1
Update description:
8u345 update
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Read Time:32 Second
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Read Time:32 Second
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights
CVE-2020-10710
Read Time:12 Second
A flaw was found where the Plaintext Candlepin password is disclosed while updating Red Hat Satellite through the satellite-installer. This flaw allows an attacker with sufficiently high privileges, such as root, to retrieve the Candlepin plaintext password.
CVE-2020-10728
Read Time:18 Second
A flaw was found in automationbroker/apb container in versions up to and including 2.0.4-1. This container grants all users sudoer permissions allowing an unauthorized user with access to the running container the ability to escalate their own privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-14320
Read Time:9 Second
In Moodle before 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task log required extra sanitizing to prevent a reflected XSS risk.
CVE-2020-14321
Read Time:9 Second
In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course.
CVE-2020-14322
Read Time:11 Second
In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service.
CVE-2020-14379
Read Time:9 Second
A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker’s configuration files, leading to denial of service and information disclosure.