CVE-2021-23648
The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function. Read More
Drupal core – Moderately critical – Third-party libraries – SA-CORE-2022-005
Project: Drupal core Date: 2022-March-16 Security risk: Moderately critical 13∕25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Default Vulnerability: Third-party libraries CVE IDs: CVE-2022-24728 CVE-2022-24729 Description: The Drupal project uses the CKEditor...
CVE-2021-23165
A flaw was found in htmldoc before v1.9.12. Heap buffer overflow in pspdf_prepare_outpages(), in ps-pdf.cxx may lead to execute arbitrary code and denial of service....
CVE-2021-23158
A flaw was found in htmldoc in v1.9.12. Double-free in function pspdf_export(),in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary...
CVE-2021-20299
A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference....
CVE-2021-20257
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if...
CVE-2021-20180
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when...
CVE-2021-0957
In NotificationStackScrollLayout of NotificationStackScrollLayout.java, there is a possible way to bypass Factory Reset Protections. This could lead to local escalation of privilege with no additional...
CVE-2020-25721
Kerberos acceptors need easy access to stable AD identifiers (eg objectSid). Samba as an AD DC now provides a way for Linux applications to obtain...
openvpn-2.5.6-1.fc35
FEDORA-2022-a9bd17092d Packages in this update: openvpn-2.5.6-1.fc35 Update description: This is a maintenance release of OpenVPN 2.5 with a security fix when used in server mode...