It was discovered that OpenStack Heat incorrectly handled certain hidden
parameter values. A remote authenticated user could possibly use this issue
to obtain sensitive data.
Category Archives: Advisories
USN-6065-1: css-what vulnerabilities
It was discovered that css-what incorrectly handled certain inputs. If a user
or an automated system were tricked into opening a specially crafted input
file, a remote attacker could possibly use this issue to cause a denial of
service. (CVE-2021-33587, CVE-2022-21222)
USN-6064-1: SQL parse vulnerability
It was discovered that SQL parse incorrectly handled certain regular expression.
An attacker could possibly use this issue to cause a denial of service.
firefox-113.0-1.fc38
FEDORA-2023-2a5256e2a3
Packages in this update:
firefox-113.0-1.fc38
Update description:
Updated to latest upstream (113.0)
firefox-113.0-1.fc37
FEDORA-2023-45b3c1d9ed
Packages in this update:
firefox-113.0-1.fc37
Update description:
Updated to latest upstream (113.0)
firefox-113.0-1.fc36
FEDORA-2023-eee3f84a0f
Packages in this update:
firefox-113.0-1.fc36
Update description:
Updated to latest upstream (113.0)
new upstream release (112.0.2)
ZDI-23-573: Microsoft Windows PE Parsing Integer Overflow Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-572: Microsoft Office Visio DXF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-571: Microsoft SharePoint AdRotator Improper Input Validation NTLM Relay Vulnerability
This vulnerability allows remote attackers to relay NTLM credentials on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability.
ZDI-23-570: Adobe Substance 3D Painter USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Substance 3D Painter. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.