Multiple vulnerabilities have been discovered in WordPress, the most severe of which could allow for SQL injection. WordPress is an open source content management system (CMS) which assist in the creation and hosting of web applications. Successful exploitation of the most severe of these vulnerabilities could allow for SQL injection. Depending on the privileges associated with the service, an attacker could then read, extract, or write to the backend database. Services which are configured to have fewer rights on the system and the backend database could be less impacted than those who operate with administrative rights.
FEDORA-2023-15c6e4be28 Packages in this update: mingw-binutils-2.39-6.fc38 Update description: Backport fix for CVE-2023-1579. Read More
USN-5966-2: amanda regression
USN-5966-1 fixed vulnerabilities in amanda. Unfortunately it introduced a regression in GNUTAR-based backups. This update reverts all of the changes...
FEDORA-2023-f992309b7e Packages in this update: ImageMagick-184.108.40.206-2.fc38 Update description: Fix missing epoch in ImageMagick-heic requires (#2181176) Update ImageMagick to 220.127.116.11 (#2176749)...
FEDORA-2023-354467acba Packages in this update: python-flask-restx-1.1.0-1.fc38 Update description: New upstream release Read More
The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to...
USN-5966-1: amanda vulnerabilities
Maher Azzouzi discovered an information disclosure vulnerability in the calcsize binary within amanda. calcsize is a suid binary owned by...