Post Content
Category Archives: Advisories
CVE-2021-43178
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.
ZDI-22-1044: ICONICS GENESIS64 GenBroker64 Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of ICONICS GENESIS64 GenBroker64. Authentication is not required to exploit this vulnerability.
ZDI-22-1043: ICONICS GENESIS64 GraphWorX64 TDFX File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1042: ICONICS GENESIS64 colorpalletes Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of ICONICS GENESIS64. Authentication is not required to exploit this vulnerability.
ZDI-22-1041: (Pwn2Own) ICONICS GENESIS64 genbroker64 Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. Authentication is not required to exploit this vulnerability.
ZDI-22-1040: (Pwn2Own) ICONICS GENESIS64 ColorPaletteEntry Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1039: (Pwn2Own) ICONICS GENESIS64 TDFX File Parsing Exposed Dangerous Function Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
golang-cloud-google-0.103.0-2.fc37
FEDORA-2022-6e5bcf2979
Packages in this update:
golang-cloud-google-0.103.0-2.fc37
Update description:
Automatic update for golang-cloud-google-0.103.0-2.fc37.
Changelog
* Wed Aug 3 2022 Robert-André Mauchin <zebob.m@gmail.com> 0.103.0-2
– Fix tests on other arches
* Mon Aug 1 2022 Robert-André Mauchin <zebob.m@gmail.com> 0.103.0-1
– Update to 0.103.0 – Close: rhbz#2110122 rhbz#2077319 rhbz#2112949
rhbz#2112959 rhbz#2058383 rhbz#2110122
* Thu Jul 21 2022 Maxwell G <gotmax@e.email> 0.100.0-5
– Fix FTBFS
* Fri Jun 17 2022 Robert-André Mauchin <zebob.m@gmail.com> 0.100.0-4
– Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327,
CVE-2022-27191, CVE-2022-29526, CVE-2022-30629
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.