634 matches found
CVE-2022-21948
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in paste allows remote attackers to place Javascript into SVG files. This issue affects: openSUSE paste paste version b57b9f87e303a3db9465776e657378e96845493b and prior versions...
CVE-2022-21948 paste: XSS on the image upload function
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in paste allows remote attackers to place Javascript into SVG files. This issue affects: openSUSE paste paste version b57b9f87e303a3db9465776e657378e96845493b and prior versions...
CVE-2022-21948
The CVE-2022-21948 issue is an XSS vulnerability in openSUSE paste’s image upload handling, caused by improper input neutralization during SVG processing. Affected: paste versions prior to b57b9f87e303a3db9465776e657378e96845493b. Impact: remote attacker can inject Javascript into SVG files. Expl...
SUSE openSUSE Cross-Site Scripting Vulnerability
openSUSE is a set of Linux-based free operating systems and open source community projects from SUSE Germany. A cross-site scripting vulnerability exists in openSUSE paste, which originates from the presence of cross-site scripting that can be exploited by a remote attacker to place Javascript in...
USN-5824-1 thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...
USN-5801-1 vim vulnerabilities
It was discovered that Vim makes illegal memory calls when pasting brackets in Ex mode. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. This issue affected only Ubuntu 20.04 and 22.04 CVE-2022-0392 It was discovered that Vim makes illegal...
USN-5782-3 firefox regressions
USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use th...
USN-5782-2 firefox regressions
USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use th...
USN-5782-1: Firefox vulnerabilities
It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use this library to perform a reentrancy issue on Firefox. CVE-2022-46871 Nika Layzell discovered that Firefox was not performing a check on paste received from cross-processes. An attacker coul...
USN-5782-1 firefox vulnerabilities
It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use this library to perform a reentrancy issue on Firefox. CVE-2022-46871 Nika Layzell discovered that Firefox was not performing a check on paste received from cross-processes. An attacker coul...
Incorrect comment and/or rounding issues in AutoPxGmx and AutoPxGlp
Lines of code Vulnerability details Impact The comments on the affected lines state previewWithdraw will round up. However, in the implementation, an inner call to convertToShares is made, which actually calls mulDivDown. From further inspection, this pair of functions withdraw, previewWithdraw as...
Scrcpy - Display And Control Your Android Device
Pronounced "screen copy". This application provides display and control of Android devices connected via USB or over TCP/IP. It does not require any root access. It works on GNU/Linux, Windows and macOS. It focuses on: lightness: native, displays only the device scree...
DEBIAN-CVE-2022-37290
GNOME Nautilus 42.2 allows a NULL pointer dereference and getbasename application crash via a pasted ZIP archive...
UBUNTU-CVE-2022-37290
GNOME Nautilus 42.2 allows a NULL pointer dereference and getbasename application crash via a pasted ZIP archive...
GNOME Nautilus Code Issue Vulnerability
GNOME Nautilus is a file manager for use in the GNOME desktop environment. A security vulnerability exists in GNOME Nautilus version 42.2, which allows an attacker to trigger a NULL pointer dereference and cause the getbasename application to crash by pasting a ZIP archive...
slack-morphism-hyper (>=0.5.0 <=0.41.0), slack-paste (=0.1.0) potentially affected by CVE-2022-39292 via slack-morphism (>=0.10.0 <=0.9.0)
slack-morphism CARGO version =0.10.0, =0.5.0, =0.41.0 - slack-paste =0.1.0 Source cves: CVE-2022-39292 Source advisory: OSV:GHSA-4MJX-2GH5-PH8H...
slack-morphism-hyper (>=0.5.0 <=0.41.0), slack-paste (=0.1.0) potentially affected by CVE-2022-39292 via slack-morphism (>=0.10.0 <=0.9.0)
slack-morphism CARGO version =0.10.0, =0.5.0, =0.41.0 - slack-paste =0.1.0 Source cves: CVE-2022-39292 Source advisory: OSV:RUSTSEC-2022-0087...
Fedora: Security Advisory for kitty (FEDORA-2022-d718af66d1)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 36 Update: kitty-0.26.3-2.fc36
Offloads rendering to the GPU for lower system load and buttery smooth scrolling. Uses threaded rendering to minimize input latency. - Supports all modern terminal features: graphics images, unicode, true-color, OpenType ligatures, mouse protocol, focus tracking, bracketed paste and several new...