Brief introduction
Category Archives: Advisories
CVE-2021-23180
A flaw was found in htmldoc in v1.9.12 and before. Null pointer dereference in file_extension(),in file.c may lead to execute arbitrary code and denial of service.
CVE-2021-23191
A security issue was found in htmldoc v1.9.12 and before. A NULL pointer dereference in the function image_load_jpeg() in image.cxx may result in denial of service.
shapelib-1.5.0-12.fc36
FEDORA-2022-216f0a205a
Packages in this update:
shapelib-1.5.0-12.fc36
Update description:
Backport fix for CVE-2022-0699.
mingw-protobuf-3.14.0-4.fc35
FEDORA-2022-486d5f349d
Packages in this update:
mingw-protobuf-3.14.0-4.fc35
Update description:
Backport fix for CVE-2021-22570.
mingw-protobuf-3.14.0-4.fc34
FEDORA-2022-fedff53e4e
Packages in this update:
mingw-protobuf-3.14.0-4.fc34
Update description:
Backport fix for CVE-2021-22570.
pipenv-2021.5.29-7.fc37
FEDORA-2022-8a01f4e871
Packages in this update:
pipenv-2021.5.29-7.fc37
Update description:
Automatic update for pipenv-2021.5.29-7.fc37.
Changelog
* Thu Feb 24 2022 Tomas Orsava <torsava@redhat.com> – 2021.5.29-7
– Fix for CVE-2022-21668
Resolves: rhbz#2039830
ZDI-22-430: Adobe Photoshop TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-429: Adobe FrameMaker TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could view, change, or delete data. If this application has been configured to have fewer user rights on the system, exploitation of the most severe of these vulnerabilities could have less impact than if it was configured with administrative rights.