[SECURITY] Fedora 42 Update: qt5-qtvirtualkeyboard-5.15.18-1.fc42

The Qt Virtual Keyboard project provides an input framework and reference key board frontend for Qt 5. Key features include: Customizable keyboard layouts and styles with dynamic switching. Predictive text input with word selection. Character preview and alternative character view. Automatic...

GitLab 0.0 < 14.2.6 / 14.3 < 14.3.4 / 14.4 < 14.4.1 (CVE-2021-42574)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft sourc...

GHSA-PH9X-4VC9-M39G Vyper vulnerable to incorrect ordering of arguments for kwargs passed to internal calls

Impact Internal calls to internal functions with more than 1 default argument are compiled incorrectly. Depending on the number of arguments provided in the call, the defaults are added not right-to-left, but left-to-right. If the types are incompatible, typechecking is bypassed. In the bar...

PYSEC-2023-79

Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, internal calls with default arguments are compiled incorrectly. Depending on the number of arguments provided in the call, the defaults are added not right-to-left, but left-to-right. If the type...

SUSE CVE-2016-5267

Mozilla Firefox before 48.0 on Android allows remote attackers to spoof the address bar via left-to-right characters in conjunction with a right-to-left character set...

Amazon Linux 2022 : cpp, gcc, gcc-c++ (ALAS2022-2022-057)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-057 advisory. A flaw was found in the way Unicode standards are implemented in the context of development environments, which have specialized requirements for rendering text. An attacker could exploit this to deceiv...

Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows

I was looking into the root cause of https://bugs.chromium.org/p/chromium/issues/detail?id=850350. In that bug, due to precision errors, Skia generated a concave RRect, but declared it convex. Later, the RRect was transformed with an affine transform and used as a clipping region for drawing...

DEBIAN-CVE-2018-5117

If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. This issue could result in the wrong URL being displayed as a location, which can mislead users to believe they are on a different sit...

Mozilla: URL spoofing with right-to-left text aligned left-to-right (MFSA 2018-03)

If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. This issue could result in the wrong URL being displayed as a location, which can mislead users to believe they are on a different sit...

Mozilla: URL spoofing with right-to-left text aligned left-to-right (MFSA 2018-03)

If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. This issue could result in the wrong URL being displayed as a location, which can mislead users to believe they are on a different sit...

CVE-2017-7526

libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This...

CVE-2016-5267

Mozilla Firefox before 48.0 on Android allows remote attackers to spoof the address bar via left-to-right characters in conjunction with a right-to-left character set...

CVE-2016-5267

Mozilla Firefox before 48.0 on Android allows remote attackers to spoof the address bar via left-to-right characters in conjunction with a right-to-left character set...

Security update 1970-01-01

...