Read Time:7 Second
It was discovered that Libtasn1 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
Category Archives: Advisories
CVE-2015-10002
Read Time:12 Second
A vulnerability classified as problematic has been found in Kiddoware Kids Place. This affects the Home Button Protection. A repeated pressing of the button causes a local denial of service. It is recommended to upgrade the affected component.
CVE-2018-25030
Read Time:14 Second
A vulnerability classified as problematic has been found in Mirmay Secure Private Browser and File Manager up to 2.5. Affected is the Auto Lock. A race condition leads to a local authentication bypass. The exploit has been disclosed to the public and may be used.
kernel-5.16.18-100.fc34
Read Time:9 Second
FEDORA-2022-8e3ac65667
Packages in this update:
kernel-5.16.18-100.fc34
Update description:
The 5.16.18 stable kernel update contains a number of important fixes across the tree.
kernel-5.16.18-200.fc35
Read Time:9 Second
FEDORA-2022-eb323bcd80
Packages in this update:
kernel-5.16.18-200.fc35
Update description:
The 5.16.18 stable kernel update contains a number of important fixes across the tree.
USN-5351-1: Paramiko vulnerability
Read Time:8 Second
Jan Schejbal discovered that Paramiko incorrectly handled permissions when
writing private key files. A local attacker could possibly use this issue
to gain access to private keys.
expat-2.4.7-1.fc34
Read Time:6 Second
FEDORA-2022-aac057a550
Packages in this update:
expat-2.4.7-1.fc34
Update description:
Rebase to version 2.4.7
USN-5349-1: GNU binutils vulnerability
Read Time:7 Second
It was discovered that GNU binutils gold incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
USN-5350-1: Chromium vulnerability
Read Time:6 Second
It was discovered that Chromium incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
USN-5348-1: Smarty vulnerabilities
Read Time:1 Minute, 11 Second
David Gnedt and Thomas Konrad discovered that Smarty was incorrectly
sanitizing the paths present in the templates. An attacker could possibly
use this use to read arbitrary files when controlling the executed
template. (CVE-2018-13982)
It was discovered that Smarty was incorrectly sanitizing the paths
present in the templates. An attacker could possibly use this use to read
arbitrary files when controlling the executed template. (CVE-2018-16831)
It was discovered that Smarty was incorrectly validating security policy
data, allowing the execution of static classes even when not permitted by
the security settings. An attacker could possibly use this issue to
execute arbitrary code. (CVE-2021-21408)
It was discovered that Smarty was incorrectly managing access control to
template objects, which allowed users to perform a sandbox escape. An
attacker could possibly use this issue to send specially crafted input to
applications that use Smarty and execute arbitrary code. (CVE-2021-26119)
It was discovered that Smarty was not checking for special characters
when setting function names during plugin compile operations. An attacker
could possibly use this issue to send specially crafted input to
applications that use Smarty and execute arbitrary code. (CVE-2021-26120)
It was discovered that Smarty was incorrectly sanitizing characters in
math strings processed by the math function. An attacker could possibly
use this issue to send specially crafted input to applications that use
Smarty and execute arbitrary code. (CVE-2021-29454)