Joint CyberSecurity Advisory Alert on Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability (AA22-074A)
FortiGuard Labs is aware of a recent report issued by the U.S. Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) that...
xen-4.16.0-4.fc36
FEDORA-2022-531e531922 Packages in this update: xen-4.16.0-4.fc36 Update description: Multiple speculative security issues [XSA-398] Read More
libass-0.15.2-1.fc34
FEDORA-2022-2af150223a Packages in this update: libass-0.15.2-1.fc34 Update description: New version Security fix for CVE-2020-36430 Read More
CVE-2021-23648
The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function. Read More
Drupal core – Moderately critical – Third-party libraries – SA-CORE-2022-005
Project: Drupal core Date: 2022-March-16 Security risk: Moderately critical 13∕25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Default Vulnerability: Third-party libraries CVE IDs: CVE-2022-24728 CVE-2022-24729 Description: The Drupal project uses the CKEditor...
CVE-2021-20299
A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference....
CVE-2021-23158
A flaw was found in htmldoc in v1.9.12. Double-free in function pspdf_export(),in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary...
CVE-2021-23165
A flaw was found in htmldoc before v1.9.12. Heap buffer overflow in pspdf_prepare_outpages(), in ps-pdf.cxx may lead to execute arbitrary code and denial of service....
CVE-2020-25721
Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain...
CVE-2021-0957
In NotificationStackScrollLayout of NotificationStackScrollLayout.java, there is a possible way to bypass Factory Reset Protections. This could lead to local escalation of privilege with no additional...