An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages (CVE-2022-46872). A drag-and-dropped file with a long filename could have had its filename
Affected versions of FreeRDP are missing input length validation in 'drive' channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. (CVE-2022-41877) References:
This update fixes a denial of service vulnerability in leptonlib. It can be made to crash with an arithmetic exception on specially crafted JPEG files. (CVE-2022-38266) References:
Fixes missing certificate hostname validation References: - https://bugs.mageia.org/show_bug.cgi?id=31200 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/RDCGUJ5VBYUCDAXSHYA5NX2THU2RYIXE/
Isaac Boukris reported that the Heimdal KDC before 7.7.1 does not apply delegation_not_allowed (aka not-delegated) user attributes for S4U2Self. Instead the forwardable flag is set even if the impersonated client has the not-delegated flag set. (CVE-2019-14870)
Greg Hudson discovered integer overflow flaws in the PAC parsing in krb5, the MIT implementation of Kerberos, which may result in remote code execution (in a KDC, kadmin, or GSS or Kerberos application server process), information exposure (to a cross-realm KDC acting maliciously), or denial of service (KDC or kadmind process crash).
In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front of all CouchDB installations. (CVE-2022-24706)
matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble (called from ReadInt32Data and Mat_VarRead4). (CVE-2020-36428) matio (aka MAT File I/O Library) 1.5.20 and 1.5.21 has a heap-based
Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command. (CVE-2022-4141) References:
node-json-schema, JSON Schema validation and specifications, was vulnerable to Improperly Controlled Modification of Object Prototype Attributes. (CVE-2021-3918) References:
Set CKA_NSS_SERVER_DISTRUST_AFTER and CKA_NSS_EMAIL_DISTRUST_AFTER for 3 TrustCor Root Certificates. r=KathleenWilson References: - https://bugs.mageia.org/show_bug.cgi?id=31232
AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. (CVE-2022-46391) References: - https://bugs.mageia.org/show_bug.cgi?id=31230
2-byte DoS in netkit-telnetd. (CVE-2022-39028) References: - https://bugs.mageia.org/show_bug.cgi?id=31229 - https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html
rxvt-unicode 9.25 and 9.26 are vulnerable to remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set. (CVE-2022-4170) References:
A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. (CVE-2022-30065) References:
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working
Security fix for TALOS-2022-1594. References: - https://bugs.mageia.org/show_bug.cgi?id=31207 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/IWF2CGKHHMVPAEZ2VSMQDVMDS4VUYMV3/