RLSA-2022:5338 Moderate: ruby:2.6 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 2.6.10. BZ2089374 Security Fixes: Ruby: Buffer overrun in...

ruby:2.6 security, bug fix, and enhancement update

An update is available for rubygem-bson, rubygem-mysql2, ruby, rubygem-mongo, rubygem-pg, rubygem-abrt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Ruby is a...

The vulnerability of the Cboot module (tegrabl_cbo.c) in the NVIDIA Jetson microprogramming system driver package allows a hacker to execute arbitrary code or cause a partial service failure.

The vulnerability of the Cboot module tegrablcbo.c in the NVIDIA Jetson microprogramming system driver package is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause a partial service failure...

The vulnerability of the Java Runtime Environment software platform arises from operations that go beyond the buffer boundaries in memory, allowing attackers to compromise the integrity of the runtime environment or disable the security monitor.

The vulnerability of the Java Runtime Environment software platform arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to compromise the integrity of the system or disable the security controller...

SUSE: Security Advisory (SUSE-SU-2022:2184-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:2184-1 Security update for liblouis

This update for liblouis fixes the following issues: - CVE-2022-26981: fix buffer overrun in compilePassOpcode bsc1197085. - CVE-2022-31783: prevent an invalid memory write in compileRule bsc1200120...

The vulnerability of the Adobe Bridge file manager, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Bridge file manager is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the library for viewing, printing, rendering, creating, and processing PDF files. The PDFTron SDK software from Autodesk allows a perpetrator to execute arbitrary code.

The vulnerability of the PDFTron SDK software’s library for viewing, printing, rendering, creating, and processing PDF files is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code in the context of the current...

CVE-2022-27870

A maliciously crafted TGA file in Autodesk AutoCAD 2023 may be used to write beyond the allocated buffer while parsing TGA file. This vulnerability may be exploited to execute arbitrary code...

Exploit for CVE-2022-26937

Windows Network File System Crash PoC CVE-2022-26937...

The vulnerability of the .NET components in the communication protocol library used for connecting components of ASU systems in the Triangle MicroWorks DNP3 Source Code Library platform for managing public distribution and transmission networks. This allows a intruder to cause a service failure.

The vulnerability of .NET components in the communication protocol library used for connecting components of ASU systems in the Triangle MicroWorks DNP3 Source Code Library platform for managing public distribution and transmission networks, such as Schneider Electric Saitel DP RTU Remote Termina...

The vulnerability of the TGA file syntax analysis implementation in the Autodesk Design Review software lies in the ability to write beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the TGA file syntax analysis implementation in the Autodesk Design Review software relates to the writing beyond buffer boundaries in memory during DWG file syntax analysis. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the context o...

The vulnerability of the software for opening, viewing, printing, and transforming DWG TrueView file drawings lies in the writing beyond buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the software for opening, viewing, printing, and transforming DWG drawing files in TrueView is related to writing beyond the buffer boundaries in memory during DWG file syntax analysis. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the...

The vulnerability in the implementation of the vim regsub_both() function in the Vim text editor allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the vim regsubboth function in the Vim text editor is related to writing data beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause a service failure using a specially created file...

The vulnerability in the implementation of the vim_strncpy find_word() function in the Vim text editor allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the vimstrncpy findword function in the Vim text editor is related to the execution of the operation beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to trigger a system failure or execute arbitrary code by loading a specially...

The vulnerability of the Corel PDF Fusion software for converting PDF files lies in the fact that it allows for writing beyond the buffer boundaries, enabling an attacker to execute arbitrary code.

The vulnerability of the Corel PDF Fusion software for converting PDF files is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to writing beyond the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

The vulnerability of the software for working with animations in Adobe Character Animator lies in the ability to write code beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Adobe Character Animator software for animating graphics is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially crafted SVG file...

The vulnerability of the Adobe Framemaker desktop publishing system, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Framemaker desktop publishing system lies in the writing of code beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...

The vulnerability of the AhciBusDxe driver in the InsydeH2O UEFI firmware creation framework allows a hacker to escalate their privileges.

The vulnerability of the AhciBusDxe driver used by the InsydeH2O UEFI firmware creation framework lies in the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...