Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file. (CVE-2021-28021) An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of
In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion. (CVE-2021-45444) References:
rlwrap update fixes use of /tmp/rlwrap.debug causing a denial of service for other users on the same system. References: - https://bugs.mageia.org/show_bug.cgi?id=30036
phoronix-test-suite is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). (CVE-2022-0157) phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF). (CVE-2022-0196, CVE-2022-0197, CVE-2022-0238)
Stack-based buffer overflow in auphone.c that can be triggered by an environment variable. Also, the x11-util-cf-files package has been patched to allow building nas.
This update provides new and updated nonfree firmwares and fixes atleast the following security issues: Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi may allow an unauthenticated user to potentially enable escalation of
Updated microcodes for Intel processors, fixing various functional issues, and atleast the following security issues: Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local
This kernel-linus update is based on upstream 5.15.23 and fixes atleast the following security issues: A stack overflow flaw was found in the Linux kernel TIPC protocol functionality in the way a user sends a packet with malicious content
This kernel update is based on upstream 5.15.23 and fixes atleast the following security issues: A stack overflow flaw was found in the Linux kernel TIPC protocol functionality in the way a user sends a packet with malicious content
If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions (CVE-2022-22754). If a user was convinced to drag and drop an image to their desktop or other
Processing fixup entries may follow symbolic links. (CVE-2021-31566) libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block). (CVE-2021-36976)
Processing a maliciously crafted mail message may lead to running arbitrary javascript. Description: A validation issue was addressed with improved input sanitization. (CVE-2022-22589) Processing maliciously crafted web content may lead to arbitrary code
Ziming Zhang discovered that BlueZ incorrectly handled memory write operations in its gatt server. A remote attacker could possibly use this to cause BlueZ to crash leading to a denial of service, or potentially remotely execute code. (CVE-2022-0204)
If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions (CVE-2022-22754). If a user was convinced to drag and drop an image to their desktop or other
For CVE-2021-20316 and CVE-2021-44141, there is only a workaround and mitigation: All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory