It was discovered that oslo.utils incorrectly handled certain inputs.
An attacker could possibly use this issue to expose sensitive information.
Category Archives: Advisories
Multiple vulnerabilities have been discovered in VMware Products, the most severe of which could result in remote code execution.
VMware Workspace ONE Access is an access control application for Workspace ONE.
VMware Identity Manager is the identity and access management component of Workspace ONE.
vRealize Automation is a management platform for automating the delivery of container-based applications.
VMware Cloud Foundation is a hybrid cloud platform that provides a set of software-defined services for compute, storage, networking, security and cloud management to run enterprise apps.
vRealize Suite Lifecycle Manager allows for complete lifecycle and content management capabilities for vRealize Suite products.
Successful exploitation of the most severe of these vulnerabilities could result in arbitrary code execution within the context of the application, an attacker gaining the same privileges as the logged-on user, or the bypassing of security restrictions. Depending on the permissions associated with the application, an attacker could then install programs, or view, change, or delete data.
vim-8.2.4701-1.fc34
FEDORA-2022-e62adccfca
Packages in this update:
vim-8.2.4701-1.fc34
Update description:
Security fix for CVE-2022-1154
Security fix for CVE-2022-1160
The newest upstream commit
Security fix for CVE-2022-0943
vim-8.2.4701-1.fc35
FEDORA-2022-d776fcfe60
Packages in this update:
vim-8.2.4701-1.fc35
Update description:
The newest upstream commit
Security fix for CVE-2022-1160
Security fix for CVE-2022-1154
A vulnerability has been discovered in FortiWAN which could allow for arbitrary code execution. FortiWAN is a product that balances traffic over multiple WAN connections. Successful exploitation of this vulnerability could allow an unauthenticated attacker to execute arbitrary code using specially crafted requests.
vim-8.2.4701-1.fc36
FEDORA-2022-44f5b2df35
Packages in this update:
vim-8.2.4701-1.fc36
Update description:
The newest upstream commit
Security fix for CVE-2022-1160
Security fix for CVE-2022-1154
USN-5366-1: FriBidi vulnerabilities
It was discovered that FriBidi incorrectly handled processing of input strings
resulting in memory corruption. An attacker could use this issue to cause
FriBidi to crash, resulting in a denial of service, or potentially execute
arbitrary code.
(CVE-2022-25308)
It was discovered that FriBidi incorrectly validated input data to its CapRTL
Unicode encoder, resulting in memory corruption. An attacker could use this
issue to cause FriBidi to crash, resulting in a denial of service, or
potentially execute arbitrary code.
(CVE-2022-25309)
It was discovered that FriBidi incorrectly handled empty input when removing
marks from Unicode strings, resulting in a crash. An attacker could use this
to cause FriBidi to crash, resulting in a denial of service, or potentially
execute arbitrary code.
(CVE-2022-25310)
CVE-2020-27374
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to a Replay Attack to BP Monitoring.
CVE-2020-27375
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Transmitting Write Requests and Chars.
CVE-2020-27376
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing Authentication.