Category Archives: Advisories

USN-5510-1: X.Org X Server vulnerabilities

July 12, 2022

Read Time:12 Second

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
certain inputs. An attacker could use this issue to cause the server to
crash, resulting in a denial of service, or possibly execute arbitrary
code and escalate privileges.

Advisories

USN-5503-2: GnuPG vulnerability

July 12, 2022

Read Time:15 Second

USN-5503-1 fixed a vulnerability in GnuPG. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.

Original advisory details:

Demi Marie Obenour discovered that GnuPG incorrectly handled injection in
the status message. A remote attacker could possibly use this issue to
forge signatures.

Advisories

graphviz-5.0.0-1.fc37

July 12, 2022

Read Time:25 Second

FEDORA-2022-e715590b2d

Packages in this update:

graphviz-5.0.0-1.fc37

Update description:

Automatic update for graphviz-5.0.0-1.fc37.

Changelog

* Tue Jul 12 2022 Jaroslav Škarvada <jskarvad@redhat.com> – 5.0.0-1
– New version
Resolves: rhbz#2105006
* Sun Jul 10 2022 Elliott Sales de Andrade <quantum.analyst@gmail.com> – 4.0.0-9
– Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191,
CVE-2022-29526, CVE-2022-30629

Advisories

ZDI-22-968: BMC Track-It! HTTP Module Improper Access Control Remote Code Execution Vulnerability

July 12, 2022

Read Time:7 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It!. Authentication is not required to exploit this vulnerability.

Advisories

ZDI-22-967: BMC Track-It! GetPopupSubQueryDetails SQL Injection Information Disclosure Vulnerability

July 12, 2022

Read Time:7 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of BMC Track-It!. Authentication is required to exploit this vulnerability.

Advisories

ZDI-22-966: Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

July 12, 2022

Read Time:12 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Advisories

ZDI-22-965: Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

July 12, 2022

Read Time:12 Second

Advisories

ZDI-22-964: X.Org Server ProcXkbSetGeometry Out-Of-Bounds Access Local Privilege Escalation Vulnerability

July 12, 2022

Read Time:11 Second

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Advisories

ZDI-22-963: X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds Access Local Privilege Escalation Vulnerability

July 12, 2022

Read Time:11 Second

Advisories

ZDI-22-978: Microsoft Windows win32kfull UMPDDrvStretchBltROP Use-After-Free Local Privilege Escalation Vulnerability

July 12, 2022

Read Time:11 Second

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

News, Advisories and much more

Exit mobile version