Security issues were discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure.
Category Archives: Advisories
proftpd-1.3.8c-2.el9
FEDORA-EPEL-2025-0c6eb808fc
Packages in this update:
proftpd-1.3.8c-2.el9
Update description:
This update addresses a null pointer dereferencing issue that could cause the session for a client that sent specially-crafted commands to the server to crash (not the sessions of other clients).
proftpd-1.3.8c-3.fc40
FEDORA-2025-d37ad923f5
Packages in this update:
proftpd-1.3.8c-3.fc40
Update description:
This update addresses a null pointer dereferencing issue that could cause the session for a client that sent specially-crafted commands to the server to crash (not the sessions of other clients).
proftpd-1.3.8c-3.fc41
FEDORA-2025-835949b994
Packages in this update:
proftpd-1.3.8c-3.fc41
Update description:
This update addresses a null pointer dereferencing issue that could cause the session for a client that sent specially-crafted commands to the server to crash (not the sessions of other clients).
USN-7267-1: libsndfile vulnerability
It was discovered that libsndfile incorrectly handled certain malformed
OggVorbis files. An attacker could possibly use this issue to cause
libsndfile to crash, resulting in a denial of service.
webkitgtk-2.46.6-1.fc40
FEDORA-2025-57805565ad
Packages in this update:
webkitgtk-2.46.6-1.fc40
Update description:
Update to WebKitGTK 2.46.6:
* Fix a crash when enabling Skia CPU rendering.
* Fix several crashes and rendering issues.
* Fix CVE-2024-54543, CVE-2025-24143, CVE-2025-24150, CVE-2025-24158, CVE-2025-24162
webkitgtk-2.46.6-1.fc41
FEDORA-2025-3e8ed13bf0
Packages in this update:
webkitgtk-2.46.6-1.fc41
Update description:
Update to WebKitGTK 2.46.6:
* Fix a crash when enabling Skia CPU rendering.
* Fix several crashes and rendering issues.
* Fix CVE-2024-54543, CVE-2025-24143, CVE-2025-24150, CVE-2025-24158, CVE-2025-24162
USN-6846-3: Ansible regression
USN-6846-1 fixed vulnerabilities in ansible. The update introduced a
regression in ansible. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that Ansible incorrectly handled certain inputs when
using tower_callback parameter. If a user or an automated system were
tricked into opening a specially crafted input file, a remote attacker
could possibly use this issue to obtain sensitive information. This issue
only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
(CVE-2022-3697)
It was discovered that Ansible incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to perform a
Template Injection. (CVE-2023-5764)
SEC Consult SA-20250211-0 :: Multiple vulnerabilities in Wattsense Bridge
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Feb 12
SEC Consult Vulnerability Lab Security Advisory < 20250211-0 >
=======================================================================
title: Multiple vulnerabilities
product: Wattsense – Wattsense Bridge
vulnerable version: Wattsense Bridge
* Hardware Revision: WSG-EU-SC-14-00, 20230801
* Firmware Revision: Wattsense (Wattsense minimal)…
USN-7266-1: digiKam vulnerabilities
Zinuo Han and Ao Wang discovered that the Android DNG SDK, vendored in
digiKam, did not correctly parse certain files. An attacker could possibly
use this issue to execute arbitrary code. This issue only affected
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2017-0691)
It was discovered that Platinum Upnp SDK, vendored in digiKam, was
vulnerable to a path traversal attack. An attacker could possibly use this
issue to leak sensitive information. This issue only affected
Ubuntu 20.04 LTS. (CVE-2020-19858)
It was discovered that LibRaw, vendored in digiKam, did not correctly
handle certain memory operations. If a user or automated system were
tricked into opening a specially crafted file, an attacker could possibly
use this issue to leak sensitive information. This issue only affected
Ubuntu 20.04 LTS. (CVE-2020-22628)
It was discovered that LibRaw, vendored in digiKam, did not correctly
handle certain memory operations. If a user or automated system were
tricked into opening a specially crafted file, an attacker could possibly
use this issue to cause a denial of service or execute arbitrary code. This
issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-35530,
CVE-2020-35531, CVE-2020-35532, CVE-2020-35533)
It was discovered that LibRaw, vendored in digiKam, did not correctly
handle certain memory operations. If a user or automated system were
tricked into opening a specially crafted file, an attacker could possibly
use this issue to cause a denial of service or execute arbitrary code.
This issue only affected Ubuntu 20.04 LTS. (CVE-2021-32142)
It was discovered that LibRaw, vendored in digiKam, did not correctly
handle certain memory operations. If a user or automated system were
tricked into opening a specially crafted file, an attacker could possibly
use this issue to cause a denial of service or execute arbitrary code.
This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and
Ubuntu 22.04 LTS. (CVE-2023-1729)