Category Archives: Advisories

Advisories

CVE-2017-20101

Read Time:13 Second

A vulnerability, which was classified as problematic, was found in ProjectSend r754. This affects an unknown part of the file process.php?do=zip_download. The manipulation of the argument client/file leads to information disclosure. It is possible to initiate the attack remotely.

Read More

Advisories

USN-5495-1: curl vulnerabilities

Read Time:37 Second

Harry Sintonen discovered that curl incorrectly handled certain cookies.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. (CVE-2022-32205)

Harry Sintonen discovered that curl incorrectly handled certain HTTP compressions.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2022-32206)

Harry Sintonen incorrectly handled certain file permissions.
An attacker could possibly use this issue to expose sensitive information.
This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. (CVE-2022-32207)

Harry Sintonen discovered that curl incorrectly handled certain FTP-KRB messages.
An attacker could possibly use this to perform a machine-in-the-diddle attack.
(CVE-2022-32208)

Read More

Advisories

USN-5494-1: SpiderMonkey JavaScript Library vulnerabilities

Read Time:18 Second

It was discovered that SpiderMonkey JavaScript Library incorrectly
generated certain assembly code. An remote attacker could
possibly use this issue to cause a crash or expose sensitive
information. (CVE-2022-28285)

It was discovered that SpiderMonkey JavaScript Library incorrectly
generated certain assembly code. An remote attacker could
possibly use this issue to cause a crash. (CVE-2022-31740)

Read More