A vulnerability, which was classified as problematic, has been found in Alpine PhotoTile for Instagram Plugin 1.2.7.7. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely.
A vulnerability, which was classified as critical, was found in VaultPress Plugin 1.8.4. This affects an unknown part. The manipulation leads to code injection. It is possible to initiate the attack remotely.
A vulnerability has been found in Atahualpa Theme and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to basic cross site scripting. The attack can be launched remotely.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability.
cadvisor-0.44.1-3.fc37
containerd-1.6.6-4.fc37
golang-github-cloudflare-redoctober-0-0.12.20210114git99c99a8.fc37
golang-github-intel-goresctrl-0.2.0-6.fc37
golang-github-oklog-0.3.2-11.20190701gitca7cdf5.fc37
golang-github-prometheus-2.32.1-6.fc37
golang-github-prometheus-node-exporter-1.3.1-9.fc37
golang-github-theupdateframework-notary-0.7.0-6.fc37
nebula-1.5.2-5.fc37
open-policy-agent-0.31.0-6.fc37
Rebuild to mitigate CVE-2022-21698 (rhbz#2067400).
A new research project has uncovered 56 vulnerabilities in operational technology (OT) devices from 10 different vendors, all of which stem from insecurely designed or implemented functionality rather than programming errors. This highlights that despite the increased attention this type of critical devices have received over the past decade from both security researchers and malicious attackers, the industry is still not following fundamental secure-by-design principles.
“Exploiting these vulnerabilities, attackers with network access to a target device could remotely execute code, change the logic, files or firmware of OT devices, bypass authentication, compromise credentials, cause denials of service or have a variety of operational impacts,” researchers from security firm Forescout said in their new report.
xen-4.15.2-5.fc35
x86: MMIO Stale Data vulnerabilities [XSA-404, CVE-2022-21123,
CVE-2022-21125, CVE-2022-21166]
x86 pv: Race condition in typeref acquisition [XSA-401, CVE-2022-26362]
x86 pv: Insufficient care with non-coherent mappings [ XSA-402,
CVE-2022-26363, CVE-2022-26364]
golang-github-prometheus-client-1.12.2-2.fc36
Update to 1.12.1 Close: rhbz#2042592
Mitigate CVE-2022-21698 (rhbz#2067400).
xen-4.16.1-4.fc36
x86: MMIO Stale Data vulnerabilities [XSA-404, CVE-2022-21123,
CVE-2022-21125, CVE-2022-21166]
apptainer-1.0.2-2.fc36
asciigraph-0.5.5-2.fc36
buildah-1.26.1-4.fc36
butane-0.14.0-2.fc36
caddy-2.4.6-3.fc36
cheat-4.2.2-4.fc36
clipman-1.6.1-3.fc36
cri-o-1.24.1-2.fc36
deepin-gir-generator-2.1.0-3.fc36
docker-distribution-2.6.2-17.git48294d9.fc36
git-lfs-3.1.2-4.fc36
git-octopus-2.0-0.4.beta.3.fc36.12
gmailctl-0.10.4-3.fc36
go-bindata-3.0.7-22.gita0ff256.fc36
godep-62-17.fc36
golang-1.18.3-2.fc36
golang-ariga-atlas-0.3.6-3.fc36
golang-entgo-ent-0.10.0-4.fc36
golang-github-chromedp-0.8.1-2.fc36
golang-github-client9-gospell-0-0.11.20190524git90dfc71.fc36
golang-github-elves-elvish-0.15.0-4.fc36
golang-github-google-dap-0.4.0-4.fc36
golang-github-heistp-irtt-0.9.1-2.fc36
golang-github-kalafut-imohash-1.0.2-3.fc36
golang-github-letsencrypt-pebble-2.3.1-5.fc36
golang-github-lofanmi-pinyin-1.0-4.fc36
golang-github-lunixbochs-vtclean-1.0.0-8.fc36
golang-github-mbndr-figlet4go-0-0.8.20191009gitd6cef5b.fc36
golang-github-mozillazg-pinyin-0.19.0-4.fc36
golang-github-msprev-fzf-bibtex-1.1-5.20220205gitd5df2c6.fc36
golang-github-rickb777-date-1.19.1-2.fc36
golang-github-segmentio-ksuid-1.0.4-3.fc36
golang-github-sqshq-sampler-1.1.0-9.fc36
golang-github-tomnomnom-xtermcolor-0.1.2-8.fc36
golang-github-tscholl2-siec-0-3.20211128git9bdfc48.fc36
golang-github-zyedidia-highlight-0-0.6.20200218git291680f.fc36
golang-rsc-pdf-0.1.1-10.fc36
golang-starlark-0-0.7.20210113gite81fc95.fc36
gomtree-0.4.0-11.fc36
google-guest-agent-20201217.02-4.fc36
gotun-0-0.14.gita9dbe4d.fc36
grafana-7.5.15-3.fc36
grafana-pcp-3.2.0-3.fc36
gron-0.7.1-2.fc36
ignition-2.14.0-2.fc36
kata-containers-2.3.3-2.fc36.1
kompose-1.17.0-9.fc36
manifest-tool-2.0.3-2.fc36
oci-seccomp-bpf-hook-1.2.5-3.fc36
origin-3.11.2-6.fc36
osbuild-composer-55-2.fc36
pack-0.27.0~rc1-4.fc36
podman-4.1.1-2.fc36
reposurgeon-4.32-2.fc36
restic-0.12.1-3.fc36
runc-1.1.1-2.fc36
singularity-3.8.7-2.fc36
skopeo-1.8.0-9.fc36
xe-guest-utilities-latest-7.30.0-4.fc36
Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-29526, CVE-2022-30629.
osbuilder: Fix wrong config setting
