FEDORA-2022-7ece4f6d74
Packages in this update:
mingw-freetype-2.12.1-1.fc36
Update description:
Update to 2.12.1.
Backport fixes for CVE-2022-27404, CVE-2022-27405, CVE-2022-27406
mingw-freetype-2.12.1-1.fc36
Update to 2.12.1.
Backport fixes for CVE-2022-27404, CVE-2022-27405, CVE-2022-27406
libxml2-2.9.14-1.fc35
Update to 2.9.14
Fix CVE-2022-29824: Integer overflow in xmlBuf and xmlBuffer
libxml2-2.9.14-1.fc36
Update to 2.9.14
Fix CVE-2022-29824: Integer overflow in xmlBuf and xmlBuffer
firefox-100.0-2.fc36
New upstream version (100.0)
Fix mozbz#1759137 (ffmpeg crash)
firefox-100.0-1.fc35
New upstream version (100.0)
firefox-100.0-1.fc34
New upstream version (100.0)
Posted by malvuln on May 02
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/40f2238875fcbd2a92cfefc4846a15a8.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Ransom.AvosLocker
Vulnerability: Code Execution
Description: The ransomware looks for and executes DLLs in its current
directory. Therefore, we can potentially hijack a vuln DLL execute our
own code, control and terminate the malware…
Posted by malvuln on May 02
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/96de05212b30ec85d4cf03386c1b84af.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Ransom.LockBit
Vulnerability: DLL Hijacking
Description: LockBit ransomware looks for and executes DLLs in its current
directory. This can potentially allow us to execute our own code, control
and terminate the malware pre-encryption. The exploit…
Posted by Minh-Khoa Tran on May 02
Advisory: Multiple Vulnerabilities in Ruijie RG-EW Series Routers
=======
Summary
=======
Multiple vulnerabilities was found in Ruijie RG-EW Series Routers from
Ruijie Networks, including 1 pre-authenticated and 5 post-authenticated
Remote Code Execution (RCE).
==============
CVE-2021-43159
==============
## Description
A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks
Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 /…
Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in information disclosure, incorrect validation of ECDSA
signatures or denial of service.