A directory traversal vulnerability in the SevenZipFile.extractall() function of the Python library py7zr versions 0.20.0 and earlier allows attackers to read arbitrary files on the local machine via a malicious 7z file extraction.
Red Hat Security Advisory 2022-8880-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP20. Issues addressed include a randomization vulnerability.
Red Hat Security Advisory 2022-8876-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.10.2 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a denial of service vulnerability.
Ubuntu Security Notice 5763-1 - It was discovered that NumPy did not properly manage memory when specifying arrays of large dimensions. If a user were tricked into running a malicious Python file, an attacker could cause a denial of service. This issue only affected Ubuntu 20.04 LTS. It was discovered that NumPy did not properly perform string comparison operations under certain circumstances. An attacker could possibly use this issue to cause NumPy to crash, resulting in a denial of service.
Debian Linux Security Advisory 5297-1 - A buffer overflow was discovered in the VNC module of the VLC media player, which could result in the execution of arbitrary code.
Red Hat Security Advisory 2022-8831-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out-of-bounds write vulnerability.
pixman versions prior to 0.42.2 suffer from an out-of-bounds write vulnerability in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y.
Red Hat Security Advisory 2022-8827-01 - Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes new features and bug fixes.
Red Hat Security Advisory 2022-8832-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-8833-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.
Debian Linux Security Advisory 5296-1 - Robin Peraglie and Johannes Moritz discovered an argument injection bug in the xfce4-mime-helper component of xfce4-settings, which can be exploited using the xdg-open common tool. Since xdg-open is used by multiple standard applications for opening links, this bug could be exploited by an attacker to run arbitrary code on a user's machine by providing a malicious PDF file with specifically crafted links.