RLSA-2023:2417 Moderate: php:8.1 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php 8.1.14. Security Fixes: XKCP: buffer overflow in the SHA-3 reference implementation CVE-2022-37454 php: standard insecure cookie could b...

SUSE CVE-2015-4598

PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls 1 a DOMDocument save method or 2 the GD imagepsloadfont function...

SUSE CVE-2017-14685

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs because xpsloadlinksinglyphs in...

CVE-2022-45407

If an attacker loaded a font using FontFace on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox 107...

UBUNTU-CVE-2022-45407

If an attacker loaded a font using FontFace on a background worker, a use-after-free could have occurred, leading to a potentially exploitable crash. This vulnerability affects Firefox 107...

Private EUDCs are not displayed in Character Map after you apply update 2982791 in Windows 7 or Windows Server 2008 R2

Private EUDCs are not displayed in Character Map after you apply update 2982791 in Windows 7 or Windows Server 2008 R2 This article describes an end-user-defined characters EUDCs load issue that occurs after you apply update 2982791 in Windows 7 Service Pack 1 SP1 or Windows Server 2008 R2 SP1. W...

UBUNTU-CVE-2017-14685

Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs because xpsloadlinksinglyphs in...

Microsoft Windows - Custom Font Disable Policy Bypass

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=779 Windows: Custom Font Disable Policy Bypass Platform: Windows 10 Only Class: Security Feature Bypass Summary: It’s possible to bypass the ProcessFontDisablePolicy check in win32...