USN-5478-1: util-linux vulnerability
Christian Moch and Michael Gruhn discovered that the libblkid library of util-linux did not properly manage memory under certain circumstances. A local attacker could possibly...
SEC Consult SA-20220614-0 :: Reflected Cross Site Scripting in SIEMENS-SINEMA Remote Connect
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Jun 14 SEC Consult Vulnerability Lab Security Advisory < 20220614-0 > ======================================================================= title: Reflected Cross...
ghex-42.3-1.fc36
FEDORA-2022-23adf3d425 Packages in this update: ghex-42.3-1.fc36 Update description: Update to 42.3 main: Hotfix to workaround gtk #4880 (affects Save As dialogs on X11 primarily) config:...
USN-5477-1: ncurses vulnerabilities
Hosein Askari discovered that ncurses was incorrectly performing memory management operations when dealing with long filenames while writing structures into the file system. An attacker...
vim-8.2.5085-1.fc35
FEDORA-2022-c302c5f62d Packages in this update: vim-8.2.5085-1.fc35 Update description: The newest upstream commit Security fix for CVE-2022-2000 Read More
golang-github-emicklei-restful-3.8.0-1.fc35
FEDORA-2022-589a0ad690 Packages in this update: golang-github-emicklei-restful-3.8.0-1.fc35 Update description: Update to 3.8.0. Fixes rhbz#1948196. Mitigate CVE-2022-1996. Read More
golang-github-emicklei-restful-3.8.0-1.fc36
FEDORA-2022-185697ef56 Packages in this update: golang-github-emicklei-restful-3.8.0-1.fc36 Update description: Update to 3.8.0. Fixes rhbz#1948196. Mitigate CVE-2022-1996. Read More
oniguruma-6.8.2-2.el7
FEDORA-EPEL-2022-a9236c0113 Packages in this update: oniguruma-6.8.2-2.el7 Update description: Backport fix for CVE-2019-13225 from RHEL8. Read More
python-bottle-0.12.21-1.el7
FEDORA-EPEL-2022-0286a0e93a Packages in this update: python-bottle-0.12.21-1.el7 Update description: Security fix for CVE-2020-28473 Read More
PingPull RAT Activity Observed in New in the Wild Attacks (GALLIUM APT)
FortiGuard Labs is aware of a newly discovered in-the-wild remote access tool (RAT) used by GALLIUM APT, called PingPull. GALLIUM has targeted telecommunication, financial and...