Alerts

NVD: all CVE · September 19, 2020

CVE-2020-25789

An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. The cached_url feature mishandles JavaScript inside an SVG document.
NVD: all CVE · September 19, 2020

CVE-2020-25790

** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins are considered trustworthy"; however, the behavior "contradicts our security policy" and is being fixed for 5.2.
NVD: all CVE · September 19, 2020

CVE-2020-25791

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with unit().
NVD: all CVE · September 19, 2020

CVE-2020-25792

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with pair().
NVD: all CVE · September 19, 2020

CVE-2020-25793

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with From<InlineArray<A, T>>.
NVD: all CVE · September 19, 2020

CVE-2020-25794

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, clone can have a memory-safety issue upon a panic.
NVD: all CVE · September 19, 2020

CVE-2020-25795

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, insert_from can have a memory-safety issue upon a panic.
NVD: all CVE · September 19, 2020

CVE-2020-25796

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the InlineArray implementation, an unaligned reference may be generated for a type that has a large alignment requirement.
NVD: all CVE · September 19, 2020

CVE-2020-25787

An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. It does not validate all URLs before requesting them.
NVD: all CVE · September 19, 2020

CVE-2020-25788

An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. imgproxy in plugins/af_proxy_http/init.php mishandles $_REQUEST["url"] in an error message.
NVD: all CVE · September 19, 2020

CVE-2020-25786

** UNSUPPORTED WHEN ASSIGNED ** webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding (except in Internet Explorer) and because a web page cannot specify that a client should make an additional HTTP request with an arbitrary Referer header.
Linux security Advisories · September 19, 2020

Fedora 31: mingw-libxml2 2020-7dd29dacad

Add fix for CVE-2020-24977 (RHBZ#1877788, RHBZ#1877789).
Linux security Advisories · September 19, 2020

Fedora 31: gnutls 2020-30cd8d9ad6

Update to the new upstream 3.6.15 release. ---- - Fix memory leak when serializing iovec_t (#1845083) - Fix automatic libraries sonames detection (#1845806)
Linux security Advisories · September 19, 2020

Fedora 31: cryptsetup 2020-5ed5af6275

Update to cryptsetup 2.3.4. Security fix for CVE-2020-14382
Linux security Advisories · September 19, 2020

Fedora 32: chromium 2020-9b9e8e5306

Update Chromium to 85.0.4183.102. Fix issue where unpackaged components prevented hardware accelerated rendering from working. Also fixes the following security issues: CVE-2020-6573 CVE-2020-6574 CVE-2020-6575 CVE-2020-6576 CVE-2020-15959
Linux security Advisories · September 19, 2020

Fedora 32: mingw-libxml2 2020-b60dbdd538

Add fix for CVE-2020-24977 (RHBZ#1877788, RHBZ#1877789).
Linux security Advisories · September 19, 2020

openSUSE: 2020:1453-1: moderate: lilypond

An update that fixes one vulnerability is now available.
Linux security Advisories · September 19, 2020

openSUSE: 2020:1468-1: moderate: slurm_18_08

An update that fixes one vulnerability is now available.
Linux security Advisories · September 19, 2020

openSUSE: 2020:1458-1: moderate: libjpeg-turbo

An update that fixes one vulnerability is now available.
Linux security Advisories · September 19, 2020

openSUSE: 2020:1465-1: moderate: libxml2

An update that fixes one vulnerability is now available.