1434 matches found
[SECURITY] Fedora 34 Update: golang-github-prometheus-tsdb-0.10.0-6.fc34
Package Tsdb implements a time series storage for float64 sample data...
[SECURITY] Fedora 35 Update: golang-k8s-sample-controller-1.22.0-3.fc35
This package implements a simple controller for watching Foo resources as defined with a CustomResourceDefinition CRD...
[SECURITY] Fedora 35 Update: golang-k8s-sample-apiserver-1.22.0-4.fc35
Demonstration of how to use the k8s.io/apiserver library to build a functional API server...
Buffer Over-read
Description Stack-based Buffer Overflow at index.c:991 Build git clone https://github.com/bfabiszewski/libmobi.git cd libmobi export CFLAGS="-g -O0 -lpthread -fsanitize=address" export CXXFLAGS="-g -O0 -lpthread -fsanitize=address" export LDFLAGS="-fsanitize=address" ./autogen.sh ./configure...
CVE-2022-27145
GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box...
DEBIAN-CVE-2022-27145
GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box...
UBUNTU-CVE-2022-27145
GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box...
Gpac MP4Box Buffer Error Vulnerability
Gpac MP4Box is a multimedia packager. It is mainly used for working with ISOBMF files (e.g. MP4, 3GP), but can also be used to import/export media from container files such as AVI, MPG, MKV, MPEG-2 TS, etc. A security vulnerability exists in GPAC mp4box version 1.1.0-DEV-rev1727-g8be34973d-master,...
The vulnerability of the Sample apps component of the Oracle WebLogic Server application server allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the Sample apps component of the Oracle WebLogic Server application server exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information...
WordPress Advanced Product Sample for WooCommerce plugin < 1.0.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Advanced Product Sample for WooCommerce plugin versions 1.0.1. Solution Update the WordPress Advanced Product Sample for WooCommerce plugin to the latest available version at least 1.0.1...
CVE-2022-21361
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Sample apps. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic...
CVE-2022-21361
CVE-2022-21361 affects Oracle WebLogic Server (Sample apps component) in Oracle Fusion Middleware. Affected: 12.2.1.4.0 and 14.1.1.0.0. Vulnerability allows unauthenticated, network-accessible (via HTTP) compromise of WebLogic Server; exploitation requires user interaction per the description. Im...
Oracle WebLogic Server Input Validation Error Vulnerability
Oracle WebLogic Server is application services middleware for cloud and legacy environments from Oracle Corporation that provides a modern lightweight development platform that supports the full lifecycle management of applications from development to production and simplifies applicati...
WordPress Core 5.8.2 - (WP_Query) SQL Injection Vulnerability
Exploit Title: WordPress Core 5.8.2 - 'WP_Query' SQL Injection Exploit Author: Aryan Chehreghani Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/download/releases Version: &nonce=a85a0c3bfa&...
kari (=0.1.0), soos-sample-project (=1.0.1) potentially affected by CVE-2020-36513 +1 more via acc_reader (=2.0.0)
acc_reader CARGO version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on acc_reader and may be impacted: - kari =0.1.0 - soos-sample-project =1.0.1 Source cves: CVE-2020-36513, CVE-2020-36514 Source advisory: OSV:GHSA-799F-R78P-GQ9C...
kari (=0.1.0), soos-sample-project (=1.0.1) potentially affected by CVE-2020-36513 +1 more via acc_reader (=2.0.0)
acc_reader CARGO version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on acc_reader and may be impacted: - kari =0.1.0 - soos-sample-project =1.0.1 Source cves: CVE-2020-36513, CVE-2020-36514 Source advisory: OSV:GHSA-P4CR-64X4-F92F...
Skrull - A Malware DRM, That Prevents Automatic Sample Submission By AV/EDR And Signature Scanning From Kernel
Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting technique. Also, launchers are totally anti-copy and naturally broken when got submitted. It's a...
Artifex Software Ghostscript Buffer Error Vulnerability
Artifex Software Ghostscript is an open source parser for PostScript (a page description language and programming language used in the electronics industry and desktop publishing) from Artifex Software, Inc. The product can display PostScript files and print them on non-PostScript printers. Artifex...
Artifex Software Ghostscript Resource Management Error Vulnerability
Artifex Software Ghostscript is an open source parser for PostScript (a page description language and programming language used in the electronics industry and desktop publishing) from Artifex Software, Inc. The product can display PostScript files and print them on non-PostScript printers. A...
[SECURITY] [DLA 2845-1] libsamplerate security update
Debian LTS Advisory DLA-2845-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz December 14, 2021 https://wiki.debian.org/LTS -...