PT-2023-35859 · Git +1 · Harfbuzz

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. The crash state involves several function calls, including hb free impl, OT::glyf:: free...

Malicious PyPI Packages Using Compiled Python Code to Bypass Detection

Researchers have discovered a novel attack on the Python Package Index PyPI repository that employs compiled Python code to sidestep detection by application security tools. "It may be the first supply chain attack to take advantage of the fact that Python bytecode PYC files can be directly...

Huawei EulerOS: Security Advisory for pcre2 (EulerOS-SA-2023-1738)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.2.0 : pcre2 (EulerOS-SA-2023-1738)

According to the versions of the pcre2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the...

Fedora: Security Advisory for rust-askama (FEDORA-2023-b37722768e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for mingw-binutils (FEDORA-2023-d6560c7198)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: mingw-binutils-2.37-8.fc36

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

[SECURITY] Fedora 37 Update: mingw-binutils-2.38-8.fc37

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

Fedora: Security Advisory for mingw-binutils (FEDORA-2023-15c6e4be28)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: mingw-binutils-2.39-6.fc38

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

ScarCruft's Evolving Arsenal: Researchers Reveal New Malware Distribution Techniques

The North Korean advanced persistent threat APT actor dubbed ScarCruft is using weaponized Microsoft Compiled HTML Help CHM files to download additional malware onto targeted machines. According to multiple reports from AhnLab Security Emergency response Center ASEC, SEKOIA.IO, and Zscaler, the...

Medium: pcre2

Issue Overview: An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the pcre2jitcompile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not full...

Amazon Linux 2023 : pcre2, pcre2-devel, pcre2-static (ALAS2023-2023-045)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-045 advisory. An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the pcre2jitcompile.c file. This involves a unicode property matching issue ...

Fedora: Security Advisory for mingw-binutils (FEDORA-2023-a86258ed64)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for mingw-binutils (FEDORA-2023-d044484038)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 37 Update: mingw-binutils-2.38-7.fc37

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

[SECURITY] Fedora 36 Update: mingw-binutils-2.37-7.fc36

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

Fedora: Security Advisory for mingw-binutils (FEDORA-2023-dbba9e7218)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 38 Update: mingw-binutils-2.39-5.fc38

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

SUSE CVE-2015-4469

The chmdreadheaders function in chmd.c in libmspack before 0.5 does not validate name lengths, which allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted CHM file...