Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility
Cybersecurity researchers have disclosed details of two security flaws in the open source ImageMagick software that could potentially lead to a denial-of-service (DoS) and information disclosure. The two issues, which were identified by Latin American cybersecurity firm Metabase Q in version...
SUSE-SU-2023:0140-1 Security update for libzypp-plugin-appdata
This update for libzypp-plugin-appdata fixes the following issues: - CVE-2023-22643: Fixed potential shell injection related to malicious repo names (bsc#1206836). - Added hardening to systemd service (bsc#1181400)...
SUSE: Security Advisory (SUSE-SU-2023:0095-1)
The remote host is missing an update for the...
SUSE-SU-2023:0095-1 Security update for libzypp-plugin-appdata
This update for libzypp-plugin-appdata fixes the following issues: - CVE-2023-22643: Fixed potential shell injection related to malicious repo names (bsc#1206836)...
maven-shared-utils: Command injection via Commandline class
A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack...
Amazon Linux 2022 : maven-shared-utils (ALAS2022-2022-242)
The version of maven-shared-utils installed on the remote host is prior to 3.3.4-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-242 advisory. - In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings...
OPENSUSE-SU-2022:10179-1 Security update for jhead
This update for jhead fixes the following issues: - CVE-2022-41751: Fixed shell injection via filenames (boo#1204409)...
OPENSUSE-SU-2022:10178-1 Security update for jhead
This update for jhead fixes the following issues: - CVE-2022-41751: Fixed shell injection via filenames (boo#1204409)...
Security update for jhead (important)
openSUSE Security Update: Security update for jhead Announcement ID: openSUSE-SU-2022:10178-1 Rating: important References: 1204409 Cross-References: CVE-2022-41751 CVSS scores: CVE-2022-41751 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP3 ...
Security update for jhead (important)
openSUSE Security Update: Security update for jhead Announcement ID: openSUSE-SU-2022:10179-1 Rating: important References: 1204409 Cross-References: CVE-2022-41751 CVSS scores: CVE-2022-41751 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP4 ...
Debian: Security Advisory (DSA-5242-1)
The remote host is missing an update for the Debian...
Debian DSA-5242-1 : maven-shared-utils - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5242 advisory. It was discovered that the Commandline class in maven-shared-utils, a collection of various utility classes for the Maven build system, can emit double-quoted strings...
[SECURITY] [DSA 5242-1] maven-shared-utils security update
Debian Security Advisory DSA-5242-1 https://www.debian.org/security/ Aron Xu September 28, 2022 https://www.debian.org/security/faq -...
CVE-2022-40785
Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3.1.2003161406. This allows an attacker to gain remote code execution on cameras running the firmware when a victim logs into a specially crafted mobile app...
Remote code execution
Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3.1.2003161406. This allows an attacker to gain remote code execution on cameras running the firmware when a victim logs into a specially crafted mobile app...
CVE-2022-40785
CVE-2022-40785 affects mIPC camera firmware 5.3.1.2003161406. The issue arises from unsanitized input when setting a locale file, enabling shell injection. This can allow remote code execution on cameras when a victim logs into a specially crafted mobile app. The connected documents confirm the v...
PT-2022-25539 · Unknown · Mipc Camera Firmware
Name of the Vulnerable Software and Affected Versions: mIPC camera firmware version 5.3.1.2003161406 Description: Unsanitized input when setting a locale file leads to shell injection in the firmware. This allows an attacker to gain remote code execution on cameras running the firmware when a...
OESA-2022-1898 intel-sgx-ssl security update
The Intel® Software Guard Extensions SSL (Intel® SGX SSL) cryptographic library is intended to provide cryptographic services for Intel® Software Guard Extensions (SGX) enclave applications. The Intel® SGX SSL cryptographic library is based on the underlying OpenSSL Open Source project, providing a...