GSD-2022-1006572 mm/slub: fix to return errno if kmalloc() fails

mm/slub: fix to return errno if kmalloc fails This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.71 by commit...

CVE-2022-41847

An issue was discovered in Bento4 1.6.0-639. A memory leak exists in AP4StdcFileByteStream::CreateAP4FileByteStream, char const, AP4FileByteStream::Mode, AP4ByteStream& in System/StdC/Ap4StdCFileByteStream.cpp...

CVE-2022-41845

An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4Array::EnsureCapacity in Core/Ap4Array.h...

CVE-2022-3297 Use After Free in vim/vim

Use After Free in GitHub repository vim/vim prior to 9.0.0579...

GHSA-JWH2-VRR9-VCP2 mz-avro's incorrect use of `set_len` allows for un-initialized memory

Affected versions of this crate passes an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer memory exposure and also can return incorrect number of bytes written to the buffer. Reading from uninitialized memory...

mz-avro's incorrect use of `set_len` allows for un-initialized memory

Affected versions of this crate passes an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer memory exposure and also can return incorrect number of bytes written to the buffer. Reading from uninitialized memory...

Playing Doom on a John Deere tractor with Sick Codes: Lock and Code S03E18

In 1993, the video game developers at id Software released Doom, a first-person shooter that placed a nameless protagonist into the fiery depths of hell, equipped with an arsenal of weapons to mow down imps, demons, lost souls, and the intimidating "Barons of Hell." In 2022, the hacker Sick Codes...

Unable to receive email and calendar notifications from Secure Mail on Android 13

customers are unable to receive email and/or calendar notifications on Android 13...

SUSE-SU-2022:2871-1 Security update for p11-kit

This update for p11-kit fixes the following issues: - CVE-2020-29362: Fixed a 4 byte overread that could lead to crashes bsc1180065...

MAL-2022-7134 Malicious code in wheen (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 655201563d4b139a1598af2b64d99cc06c1daa8321feb29318732a99ce418374 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5112 Malicious code in optional-dep-wont-be-found (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2226cdc4dac73c40bc10584ecdb520dfdf47b568418de61acf37fd8cef42daf5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PT-2022-22491 · Pngdec · Pngdec

Name of the Vulnerable Software and Affected Versions: PNGDec version prior to the version that includes the fix for the issue in commit 8abf6be Description: A floating-point exception issue was discovered in PNGDec, specifically in the SaveBMP function located at /linux/main.cpp. Recommendations...

SUSE-SU-2022:2752-1 Security update for python-codecov

This update for python-codecov fixes the following issues: - CVE-2019-10800: Fixed sanitization of gcov arguments before being being provided to the popen method bsc1201494...

Workspace error 2306 happen when ICA file located in path which contains Chinese characters

Workspace error 2306 happen when ICA file located in path which contains Chinese character. Error message "Could not find the file named "C:??\.ica. Please check your installation , or contact your administrator."...

CWA Android : Citrix Workspace could not verify server or email address, Error code 437

CWA Android : Getting an error "Citrix workspace app could not verify the specified server or email address error code 437". when trying to logon to Workspace app for second time it shows this error...

OSV-2022-594 Container-overflow in STOFFStarMathToMMLConverterInternal::Parser::convert

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49164 Crash type: Container-overflow READ 1 Crash state: STOFFStarMathToMMLConverterInternal::Parser::convert STOFFStarMathToMMLConverterInternal::Parser::parse STOFFStarMathToMMLConverter::convertStarMath...

CVE-2021-33656

When setting font with malicous data by ioctl cmd PIOFONT,kernel will write memory out of bounds...

SUSE-SU-2022:2405-2 Security update for p11-kit

This update for p11-kit fixes the following issues: - CVE-2020-29362: Fixed a 4 byte overread in p11rpcbuffergetbytearray which could lead to crashes bsc1180065...

ASB-A-231275476

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

MAL-2022-5449 Malicious code in prepaid-paypal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c68d977d75c5f9cd78d29e0aed942e0027de8b85b841b415f2aa34cbb91bd442 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...