1065 matches found
DSA-5390-1 chromium - security update
Bulletin has no description...
Multiple mobile printing apps for Android vulnerable to improper intent handling
Overview Multiple mobile printing apps for Android are vulnerable to improper intent handling CWE-668. Johan Francsics reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact When a malicious app is installed on the victim user's Android device, the app may send...
DLA-3390-1 zabbix - security update
Bulletin has no description...
DLA-3374-1 libmicrohttpd - security update
Bulletin has no description...
PT-2023-1929 · Adobe · Dimension
Name of the Vulnerable Software and Affected Versions: Adobe Dimension versions 3.4.7 and earlier Description: The issue is related to a Heap-based Buffer Overflow vulnerability when processing USD files, which could result in arbitrary code execution in the context of the current user...
DLA-3353-1 xfig - security update
Bulletin has no description...
DLA-3352-1 libde265 - security update
Bulletin has no description...
Multiple vulnerabilities in Trend Micro Maximum Security
Overview Trend Micro Incorporated has released security updates for Trend Micro Maximum Security. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Trend Micro Maximum Security 2022 Arbitrary file deletion due to link...
JVN#57224029: Multiple vulnerabilities in SS1 and Rakuraku PC Cloud
SS1 is asset management software and Rakuraku PC Cloud is cloud-based asset management service. SS1 and Rakuraku PC Cloud Agent contain multiple vulnerabilities listed below. Improper Access Control CWE-284 - CVE-2023-22335 Version| Vector| Score ---|---|--- CVSS v3|...
DLA-3340-1 libgit2 - security update
Bulletin has no description...
JVN#18765463: Multiple cross-site scripting vulnerabilities in SHIRASAGI
SHIRASAGI provided by SHIRASAGI Project contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability on Schedule function CWE-79 - CVE-2023-22425 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2|...
DSA-5354-1 snort - security update
Bulletin has no description...
DSA-5351-1 webkit2gtk - security update
Bulletin has no description...
SUSE-SU-2023:0395-1 Security update for python-py
This update for python-py fixes the following issues: - CVE-2022-42969: Fixed an excessive resource consumption that could be triggered when interacting with a Subversion repository containing crated data bsc1204364. This also updates python3-py to version 1.8.1 for SUSE Linux Enterprise Server...
DLA-3316-1 postgresql-11 - security update
Bulletin has no description...
SUSE-SU-2022:0525-2 Security update for polkit
This update for polkit fixes the following issues: - CVE-2021-4115: Fixed a denial of service via file descriptor leak bsc1195542...
Contec CONPROSYS HMI System (CHS) vulnerable to multiple SQL injections
Overview CONPROSYS HMI System CHS provided by CONTEC CO.,LTD. contains multiple SQL injection vulnerabilities CWE-89. Mosin from ELEX FEIGONG RESEARCH INSTITUTE of Elex CyberSecurity, Inc., reported these vulnerabilities to Contec Co., Ltd. Contec Co., Ltd. reported the issues to JPCERT/CC in ord...
JVN#05288621: EasyMail vulnerable to cross-site scripting
EasyMail provided by First Net Japan Inc. contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who accessed the site using the product. Solution Update the software Update the software to the latest version accordin...
PT-2023-33362 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.227 Description: The issue is related to the invocation of MMU notifiers in shmem/file collapse paths in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations...
DSA-5316-1 netty - security update
Bulletin has no description...