Month: September 2023

FEDORA-2023-1bcd79cdf6 Packages in this update: thunderbird-115.2.2-1.fc39 Update description: Update to 115.2.2 ; https://www.thunderbird.net/en-US/thunderbird/115.1.0/releasenotes/ ; https://www.thunderbird.net/en-US/thunderbird/115.1.1/releasenotes/ ; https://www.thunderbird.net/en-US/thunderbird/115.2.0/releasenotes/ ; https://www.thunderbird.net/en-US/thunderbird/115.2.1/releasenotes/ ; https://www.thunderbird.net/en-US/thunderbird/115.2.2/releasenotes/ ; https://www.mozilla.org/en-US/security/advisories/mfsa2023-33/ ; https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/...

Contao 3.x before 3.5.32 allows XSS via the unsubscribe module in the frontend newsletter extension. Read More

Composer before 2016-02-10 allows cache poisoning from other projects built on the same host. This results in attacker-controlled code entering a server-side build process. The...

webViewAction in Yii (aka Yii2) 2.x before 2.0.5 allows attackers to execute any local .php file via a relative path in the view parameeter. Read...

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that...

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that...

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that...