A security issue was found in htmldoc v1.9.12 and before. A NULL pointer dereference in the function image_load_jpeg() in image.cxx may result in denial of service.
shapelib-1.5.0-12.fc36
FEDORA-2022-216f0a205a
Packages in this update:
shapelib-1.5.0-12.fc36
Update description:
Backport fix for CVE-2022-0699.
mingw-protobuf-3.14.0-4.fc35
FEDORA-2022-486d5f349d
Packages in this update:
mingw-protobuf-3.14.0-4.fc35
Update description:
Backport fix for CVE-2021-22570.
mingw-protobuf-3.14.0-4.fc34
FEDORA-2022-fedff53e4e
Packages in this update:
mingw-protobuf-3.14.0-4.fc34
Update description:
Backport fix for CVE-2021-22570.
pipenv-2021.5.29-7.fc37
FEDORA-2022-8a01f4e871
Packages in this update:
pipenv-2021.5.29-7.fc37
Update description:
Automatic update for pipenv-2021.5.29-7.fc37.
Changelog
* Thu Feb 24 2022 Tomas Orsava <torsava@redhat.com> - 2021.5.29-7
- Fix for CVE-2022-21668
Resolves: rhbz#2039830
ZDI-22-430: Adobe Photoshop TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-429: Adobe FrameMaker TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could view, change, or delete data. If this application has been configured to have fewer user rights on the system, exploitation of the most severe of these vulnerabilities could have less impact than if it was configured with administrative rights.
A Vulnerability in Mitel MiCollab and MiVoice Business Express Could Allow for Unauthorized Disclosure of Data
A vulnerability has been discovered in Mitel MiCollab and MiVoice Business Express, which could allow for the unauthorized disclosure of data as well as result in denial of service.
Mitel MiCollab is an enterprise collaboration software and tools platform solution that securely provides communications.
MiVoice Business Express provides a complete communications solution for small to mid-range businesses.
Successful exploitation of this vulnerability could allow for unauthorized disclosure of data as well as result in denial of service. Depending on the goal of the attacker, they could view sensitive information that should not be accessible, or create denial of service conditions within the impacted system.
CVE-2020-15936
An improper input validation vulnerability in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows an attacker to disclose sensitive information via SNI Client Hello TLS packets.