A vulnerability was found in Air Transfer 1.0.14/1.2.1. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Read More

A vulnerability, which was classified as problematic, was found in ProjectSend r754. This affects an unknown part of the file process.php?do=zip_download. The manipulation of the argument client/file leads to information disclosure. It is possible to initiate the attack remotely.

Read More

Harry Sintonen discovered that curl incorrectly handled certain cookies.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. (CVE-2022-32205)

Harry Sintonen discovered that curl incorrectly handled certain HTTP compressions.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2022-32206)

Harry Sintonen incorrectly handled certain file permissions.
An attacker could possibly use this issue to expose sensitive information.
This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. (CVE-2022-32207)

Harry Sintonen discovered that curl incorrectly handled certain FTP-KRB messages.
An attacker could possibly use this to perform a machine-in-the-diddle attack.
(CVE-2022-32208)

Read More

FEDORA-2022-53e0f427dd

Packages in this update:

pack-0.27.0-1.fc36

Update description:

auto bump to v0.27.0

Read More

FEDORA-2022-cbc7bfd88c

Packages in this update:

yubihsm-connector-3.0.3-3.fc36

Update description:

New upstream release (#2100541)

Read More

It was discovered that SpiderMonkey JavaScript Library incorrectly
generated certain assembly code. An remote attacker could
possibly use this issue to cause a crash or expose sensitive
information. (CVE-2022-28285)

It was discovered that SpiderMonkey JavaScript Library incorrectly
generated certain assembly code. An remote attacker could
possibly use this issue to cause a crash. (CVE-2022-31740)

Read More

FEDORA-2022-e620fb15d5

Packages in this update:

httpd-2.4.54-3.fc36

Update description:

new version 2.4.54
various security fixes

Read More

FEDORA-2022-b54a8dee29

Packages in this update:

httpd-2.4.54-1.fc35

Update description:

new version 2.4.54

Read More

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Prosys OPC UA SDK for Java. Authentication is not required to exploit this vulnerability.

Read More

It was discovered that the 8 Devices USB2CAN interface implementation in
the Linux kernel did not properly handle certain error conditions, leading
to a double-free. A local attacker could possibly use this to cause a
denial of service (system crash).

Read More