A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
It was discovered that exo, a support library for the Xfce desktop environment,
would allow executing remote .desktop files. In some scenario, an attacker
could use this vulnerability to trick an user an execute arbitrary code on the
platform with the privileges of that user.
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Jun 17
SEC Consult Vulnerability Lab Security Advisory < 20220615-0 >
=======================================================================
title: Hardcoded Backdoor User and Outdated Software Components
product: Nexans FTTO GigaSwitch industrial/office switches HW version 5
vulnerable version: See “Vulnerable / tested versions”
fixed version: V6.02N, V7.02
CVE number: CVE-2022-32985…
dotnet6.0-6.0.106-1.fc35
This is the June 2022 monthly release for .NET 6. This updates .NET SDK to 6.0.106 and Runtime to 6.0.6.
It includes at least one known security fix.
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/6.0/6.0.6/6.0.6.md
dotnet6.0-6.0.106-1.fc36
This is the June 2022 monthly release for .NET 6. This updates .NET SDK to 6.0.106 and Runtime to 6.0.6.
It includes at least one known security fix.
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/6.0/6.0.6/6.0.6.md
python2.7-2.7.18-22.fc36
Security fix for CVE-2015-20107
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
