Moderate: Red Hat Security Advisory: vsftpd security update

An update for vsftpd is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2022-50455

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfs: fix possible null-ptr-deref when parsing param According to commit vfs: parse: deal with zero length string value, kernel will set the param-string to null...

CVE-2022-50455

...

libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict

A flaw was found in the libsoup library. Decoding specially crafted UTF-8 input data with the soupheaderparseparamliststrict function can cause a heap-based buffer overflow, potentially resulting in code execution and denial of service to applications linked to the library...

X (Formerly Twitter): Incorrect param parsing in Digits web authentication

Hi, I would like to report an issue on Digits web authentication which allows attackers to retrieve the OAuth credential data of an application victims authorized. Detail Digits web authentication has strict validation on host and callbackurl. On the server side, the values are compared with the...