August 2023 – Page 205 – WindowsTechs.com

CVE-2022-47007 (binutils)

Posted on August 22, 2023 by National Vulnerability Database

An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. Continue reading CVE-2022-47007 (binutils)→

CVE-2022-47696 (binutils)

Posted on August 22, 2023 by National Vulnerability Database

An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols. Continue reading CVE-2022-47696 (binutils)→

CVE-2022-47069 (p7zip)

Posted on August 22, 2023 by National Vulnerability Database

p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCd(bool) at CPP/7zip/Archive/Zip/ZipIn.cpp. Continue reading CVE-2022-47069 (p7zip)→

CVE-2022-44840 (binutils)

Posted on August 22, 2023 by National Vulnerability Database

Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c. Continue reading CVE-2022-44840 (binutils)→

CVE-2022-44729 (debian_linux, xml_graphics_batik)

Posted on August 22, 2023 by National Vulnerability Database

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.

On version 1.16, a malicious SVG could trigger loading external resources by default, causing … Continue reading CVE-2022-44729 (debian_linux, xml_graphics_batik)→

CVE-2022-44730 (debian_linux, xml_graphics_batik)

Posted on August 22, 2023 by National Vulnerability Database

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.

A malicious SVG can probe user profile / data and send it directly as parameter to a URL. Continue reading CVE-2022-44730 (debian_linux, xml_graphics_batik)→

CVE-2022-44730 (xml_graphics_batik)

Posted on August 22, 2023 by National Vulnerability Database

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.

A malicious SVG can probe user profile / data and send it directly as parameter to a URL. Continue reading CVE-2022-44730 (xml_graphics_batik)→

CVE-2022-43357 (libsass, sassc)

Posted on August 22, 2023 by National Vulnerability Database

Stack overflow vulnerability in ast_selectors.cpp in function Sass::CompoundSelector::has_real_parent_ref in libsass:3.6.5-8-g210218, which can be exploited by attackers to causea denial of service (DoS). Also affects the command line driver for libsas… Continue reading CVE-2022-43357 (libsass, sassc)→

CVE-2022-43358 (libsass)

Posted on August 22, 2023 by National Vulnerability Database

Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service (DoS). Continue reading CVE-2022-43358 (libsass)→

CVE-2022-44215 (titan_ftp_server)

Posted on August 22, 2023 by National Vulnerability Database

There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL. Continue reading CVE-2022-44215 (titan_ftp_server)→