CVE-2020-18432
File Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers to upload arbitrary files and gain escalated privileges.
python-managesieve-0.7.1-6.fc37
FEDORA-2023-d797723a3e Packages in this update: python-managesieve-0.7.1-6.fc37 Update description: Fix use of ssl.wrap_socket() (CWE-295: Improper Certificate Validation)
python-managesieve-0.7.1-6.fc38
FEDORA-2023-51b4d898bb Packages in this update: python-managesieve-0.7.1-6.fc38 Update description: Fix use of ssl.wrap_socket() (CWE-295: Improper Certificate Validation)
golang-1.19.10-1.el7
FEDORA-EPEL-2023-560bc00f33 Packages in this update: golang-1.19.10-1.el7 Update description: Security fix for CVE-2023-29402, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405, and CVE-2022-32149
CVE-2020-26710
easy-parse v0.1.1 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file....
CVE-2020-26709
py-xml v1.0 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file....
CVE-2020-26708
requests-xml v0.2.3 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file....
USN-6194-1: Linux kernel (OEM) vulnerabilities
Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a...
Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks
Nikita Kislitsin, formerly the head of network security for one of Russia’s top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old...
NSA and CISA Release Guidelines to Secure CI/CD Environments
The guidelines highlight three key threat scenarios and recommend mitigations for each.