Security Warnings

<vuln:Note Title="Mariner" Type="Tag" Ordinal="20">Mariner

<vuln:Note Title="Mariner" Type="Tag" Ordinal="20">Mariner

After tar_close() libtar.c releases the memory pointed to by pointer t. After tar_close() is called in the list() function it continues to use pointer t: free_longlink_longname(t-&gt;th_buf) . As a result the released memory is used (use-after-free).

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT.

Insufficient randomness in github.com/Masterminds/goutils

Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.

When doing HTTP(S) transfers libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send even when the `CURLOPT_POSTFIELDS` option has been set if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent `POST` request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.

Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability

Microsoft Defender SmartScreen Security Feature Bypass Vulnerability

Veeam Backup & Replication Remote Code Execution Vulnerability

Veeam Backup & Replication Remote Code Execution Vulnerability