Read Time:8 Second
This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanitizing gcov arguments before being being provided to the popen method.
Category Archives: Advisories
grafana-9.0.2-2.fc37
Read Time:15 Second
FEDORA-2022-8f60426b65
Packages in this update:
grafana-9.0.2-2.fc37
Update description:
Automatic update for grafana-9.0.2-2.fc37.
Changelog
* Wed Jul 13 2022 Andreas Gerstmayr <agerstmayr@redhat.com> 9.0.2-2
– use systemd-sysusers to create the Grafana user and group
CVE-2019-10761
Read Time:19 Second
This affects the package vm2 before 3.6.11. It is possible to trigger a RangeError exception from the host rather than the “sandboxed” context by reaching the stack call limit with an infinite recursion. The returned object is then used to reference the mainModule property of the host code running the script allowing it to spawn a child_process and execute arbitrary code.
USN-5256-1: uriparser vulnerabilities
Read Time:8 Second
It was discovered that uriparser incorrectly handled certain memory operations.
An attacker could use this to cause a denial of service.
(CVE-2021-46141, CVE-2021-46142)
ZDI-22-1001: Adobe Acrobat Reader DC PDF Parsing Use-After-Free Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1000: Adobe Acrobat Reader DC AcroForm value Use-After-Free Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-999: Adobe Character Animator SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Character Animator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-998: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-997: Adobe Character Animator SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Character Animator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-996: Adobe Acrobat Reader DC AcroForm exportValues Use-After-Free Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.