Category Archives: Advisories

CVE-2021-20729

Read Time:12 Second

Cross-site scripting vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions 2.5.2 and earlier, and pfSense Plus software versions 21.05 and earlier) allows a remote attacker to inject an arbitrary script via a malicious URL.

Read More

USN-5358-1: Linux kernel vulnerabilities

Read Time:27 Second

It was discovered that the network traffic control implementation in the
Linux kernel contained a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2022-1055)

It was discovered that the IPsec implementation in the Linux kernel did not
properly allocate enough memory when performing ESP transformations,
leading to a heap-based buffer overflow. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-27666)

Read More

USN-5357-1: Linux kernel vulnerability

Read Time:14 Second

It was discovered that the IPsec implementation in the Linux kernel did not
properly allocate enough memory when performing ESP transformations,
leading to a heap-based buffer overflow. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code.

Read More

CVE-2019-12266

Read Time:18 Second

Stack-based Buffer Overflow vulnerability in Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to run arbitrary code on the affected device. This issue affects: Wyze Cam Pan v2 versions prior to 4.49.1.47. Wyze Cam v2 versions prior to 4.9.8.1002. Wyze Cam v3 versions prior to 4.36.8.32.

Read More

CVE-2019-9564

Read Time:18 Second

A vulnerability in the authentication logic of Wyze Cam Pan v2, Cam v2, Cam v3 allows an attacker to bypass login and control the devices.
This issue affects:
Wyze Cam Pan v2
versions prior to 4.49.1.47.
Wyze Cam v2
versions prior to 4.9.8.1002.
Wyze Cam v3
versions prior to 4.36.8.32.

Read More

buildah-1.25.1-1.fc36

Read Time:32 Second

FEDORA-2022-1a15fe81f0

Packages in this update:

buildah-1.25.1-1.fc36

Update description:

Security fix for CVE-2022-27651

Gating tests: include more package versions

Automatic update for buildah-1.24.2-1.fc36.

Changelog

* Thu Feb 17 2022 Lokesh Mandvekar <lsm5@fedoraproject.org> 1.24.2-1
– bump to v1.24.2
* Fri Feb 4 2022 Lokesh Mandvekar <lsm5@fedoraproject.org> 1.24.1-1
– bump to v1.24.1

Automatic update for buildah-1.24.1-1.fc36.

Changelog

* Fri Feb 4 2022 Lokesh Mandvekar <lsm5@fedoraproject.org> 1.24.1-1
– bump to v1.24.1

Read More

USN-5355-2: zlib vulnerability

Read Time:19 Second

USN-5355-1 fixed a vulnerability in zlib. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.

Original advisory details:

Danilo Ramos discovered that zlib incorrectly handled memory when
performing certain deflating operations. An attacker could use this issue
to cause zlib to crash, resulting in a denial of service, or possibly
execute arbitrary code.

Read More

chromium-99.0.4844.84-1.el7

Read Time:13 Second

FEDORA-EPEL-2022-b3413eba96

Packages in this update:

chromium-99.0.4844.84-1.el7

Update description:

Minor update for CVE-2022-1096.

Also fixes dependency issues for chrome-remote-desktop and sizing issues where some libraries/binaries were not being stripped.

Read More