Category Archives: Advisories

CVE-2021-32500

Read Time:9 Second

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Read More

freetype-2.12.1-1.fc36

Read Time:12 Second

FEDORA-2022-2dd60f1f00

Packages in this update:

freetype-2.12.1-1.fc36

Update description:

Update to freetype 2.12.1 which fixes CVE-2022-27404, CVE-2022-27405, CVE-2022-27406 and adds support for OT-SVG fonts.

Read More

USN-5382-2: libinput vulnerability

Read Time:18 Second

USN-5382-1 fixed a vulnerability in libinput. This update provides the
corresponding updates for Ubuntu 22.04 LTS.

Original advisory details:

Albin Eldstål-Ahrens and Lukas Lamster discovered libinput did not properly
handle input devices with specially crafted names. A local attacker with
physical access could use this to cause libinput to crash or expose
sensitive information.

Read More

CVE-2021-31674

Read Time:9 Second

Cyclos 4 PRO 4.14.7 and before does not validate user input at error inform, which allows remote unauthenticated attacker to execute javascript code via undefine enum constant.

Read More

CVE-2021-31673

Read Time:10 Second

A Dom-based Cross-site scripting (XSS) vulnerability at registration account in Cyclos 4 PRO.14.7 and before allows remote attackers to inject arbitrary web script or HTML via the groupId parameter.

Read More