A flaw was found in htmldoc before v1.9.12. A heap buffer overflow in pspdf_prepare_outpages() in ps-pdf.cxx may lead to arbitrary code execution and denial of service.
Category Archives: Advisories
CVE-2020-25721
Kerberos acceptors need easy access to stable AD identifiers (e.g. objectSid). Samba as an AD DC now provides a way for Linux applications to obtain a reliable SID (and samAccountName) in issued tickets.
CVE-2021-0957
In NotificationStackScrollLayout of NotificationStackScrollLayout.java, there is a possible way to bypass Factory Reset Protections. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10, Android-11, Android-12. Android ID: A-193149550
CVE-2021-20180
A flaw was found in Ansible where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.
CVE-2021-20257
An infinite loop flaw was found in the e1000 NIC emulator of QEMU. This issue occurs while processing transmit (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
openvpn-2.5.6-1.fc35
FEDORA-2022-a9bd17092d
Packages in this update:
openvpn-2.5.6-1.fc35
Update description:
This is a maintenance release of OpenVPN 2.5 with a security fix when used in server mode (CVE-2022-0547). The other changes are available in Changes.rst.
NOTE: Please read the CVE description carefully if you use authentication plug-ins with a server configuration.
openvpn-2.5.6-1.fc34
FEDORA-2022-7d46acce7c
Packages in this update:
openvpn-2.5.6-1.fc34
Update description:
This is a maintenance release of OpenVPN 2.5 with a security fix when used in server mode (CVE-2022-0547). The other changes are available in Changes.rst.
NOTE: Please read the CVE description carefully if you use authentication plug-ins with a server configuration.
openvpn-2.5.6-1.fc36
FEDORA-2022-cb4c1146dc
Packages in this update:
openvpn-2.5.6-1.fc36
Update description:
This is a maintenance release of OpenVPN 2.5 with a security fix when used in server mode (CVE-2022-0547). The other changes are available in Changes.rst.
NOTE: Please read the CVE description carefully if you use authentication plug-ins with a server configuration.
USN-5331-1: tcpdump vulnerabilities
It was discovered that tcpdump incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2018-16301)
It was discovered that tcpdump incorrectly handled certain captured data. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-8037)
nicotine+-3.2.1-1.fc34
FEDORA-2022-066232000e
Packages in this update:
nicotine+-3.2.1-1.fc34
Update description:
Update to 3.2.1 (fix CVE-2021-45848: DoS via malicious download request)