Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - zabbix-agent2 package for Alpine Linux (CVE-2022-22704)

Summary Security Vulnerabilities affect IBM Cloud Private - zabbix-agent2 package for Alpine Linux Vulnerability Details CVEID: CVE-2022-22704 DESCRIPTION: zabbix-agent2 package for Alpine Linux could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a...

Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - xrdp package for Alpine Linux (CVE-2021-36158)

Summary Security Vulnerabilities affect IBM Cloud Private - xrdp package for Alpine Linux Vulnerability Details CVEID: CVE-2021-36158 DESCRIPTION: xrdp package for Alpine Linux is vulnerable to a man-in-the-middle attack, caused by improper generation of RSA certificates and private keys in the R...

ALPINE-CVE-2022-27404

FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfntinitface...

Slackware: Security Advisory (SSA:2021-264-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ALPINE-CVE-2022-27449

MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/itemfunc.cc:148...

ALPINE-CVE-2022-28805

singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code...

ALPINE-CVE-2022-1160

heap buffer overflow in getonesourceline in GitHub repository vim/vim prior to 8.2.4647...

ALPINE-CVE-2018-25032

zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches...

ALPINE-CVE-2021-26401

LFENCE/JMP mitigation V2-2 may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs...

ALPINE-CVE-2021-23214

When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption...

ALPINE-CVE-2021-43300

Stack overflow in PJSUA API when calling pjsuarecordercreate. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation...

ALPINE-CVE-2021-46462

njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njsobjectsetprototype in /src/njsobject.c...

Wslu - A Collection Of Utilities For Windows 10 Linux Subsystems

This is a collection of utilities for Windows 10 Linux Subsystem, such as retrieving Windows 10 environment variables or creating your favorite Linux GUI application shortcuts on Windows 10 Desktop. Requires Windows 10 Creators Update; Some of the feature requires a higher version of Windows 10;...

ALPINE-CVE-2021-46663

MariaDB through 10.5.13 allows a hamaria::extra application crash via certain SELECT statements...

ALPINE-CVE-2021-46661

MariaDB through 10.5.9 allows an application crash in findfieldintables and findorderinlist via an unused common table expression CTE...

ALPINE-CVE-2021-46665

MariaDB through 10.5.9 allows a sqlparse.cc application crash because of incorrect usedtables expectations...

CVE-2021-27971

Alps Alpine Touchpad Driver 10.3201.101.215 is vulnerable to DLL Injection...

CVE-2021-27971

Alps Alpine Touchpad Driver 10.3201.101.215 is vulnerable to DLL Injection...

Design/Logic Flaw

Alps Alpine Touchpad Driver 10.3201.101.215 is vulnerable to DLL Injection...

CVE-2021-27971

CVE-2021-27971 affects the Alps Alpine Touchpad Driver version 10.3201.101.215. The vulnerability is described as DLL Injection in the driver. In NVD, CVSSv3.1 base score is 7.8 (High) with LOCAL attack vector, LOW attack complexity, and LOW privileges required; impacts to confidentiality, integr...