Monthly Archives: June 2023

Advisories

python-reportlab-4.0.4-2.fc38

Read Time:6 Second

FEDORA-2023-553fe307dc

Packages in this update:

python-reportlab-4.0.4-2.fc38

Update description:

Release 4.0.4

Read More

Advisories

CVE-2020-23066

Read Time:10 Second

Cross Site Scripting vulnerability in TinyMCE v.4.9.6 and before and v.5.0.0 thru v.5.1.4 allows an attacker to execute arbitrary code via the editor function.

Read More

Advisories

CVE-2020-23065

Read Time:11 Second

Cross Site Scripting vulnerabiltiy in eZ Systems AS uZPublish Platform v.5.4 and eZ Publish Legacy v.5.4 allows a remote authenticated attacker to execute arbitrary code via the video-js.swf.swf.

Read More

News

Latest MOVEit exploit hits thousands of NYC school students and staff

Read Time:29 Second

Personal data of over 45,000 public school students was compromised in a breach involving the file-transfer software MOVEit, according to a community letter sent to families and staff by the New York City Department of Education.

“DOE used MOVEit to transfer documents and data internally as well as to and from vendors, including third party special education service providers,” the letter said.  

The breach is the latest expoit of a SQL injection vulnerability found in MOVEit Transfer, a widely used file transfer software by Progress Software.

To read this article in full, please click here

Read More

Advisories

CVE-2022-40010

Read Time:10 Second

Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module.

Read More