** UNSUPPORTED WHEN ASSIGNED ** An issue in the UPnP protocol in 4thline cling 2.0.0 through 2.1.2 allows remote attackers to cause a denial of service via an unchecked CALLBACK parameter in the request header.
Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine Analytics Plus before 4350 allows remote attackers to run arbitrary code.
Out-of-Band XML External Entity (OOB-XXE) vulnerability in Zoho ManageEngine Analytics Plus before 4.3.5 allows remote attackers to read arbitrary files, enumerate folders and scan internal ports via crafted XML license file.
Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive information via a crafted html file running with the default configurations.
qemu-6.2.0-14.fc36
lsi53c895a: Do not abort when DMA requested and no data queued (#552)
lsi53c895a: Fix use-after-free in lsi_do_msgout (CVE-2022-0216) (rhbz#2070902)
After deploying the initial attack, the researcher was able to escape the macOS sandbox
The news comes from two different security reports published by SEKOIA and Trend Micro
dotnet6.0-6.0.108-1.fc35
This is the monthly update for .NET for August 2022. This updates the .NET SDK to 6.0.108 and .NET Runtime to 6.0.8.
This update includes a fix for CVE 2022-34716.
dotnet6.0-6.0.108-1.fc36
This is the monthly update for .NET for August 2022. This updates the .NET SDK to 6.0.108 and .NET Runtime to 6.0.8.
This update includes a fix for CVE 2022-34716.
vim-9.0.213-1.fc35
patchlevel 213
Security fixes for CVE-2022-2819, CVE-2022-2816, CVE-2022-2817
