MKCMS V6.2 has SQL injection via the /ucenter/active.php verify parameter.

Read More

MKCMS V6.2 has SQL injection via the /ucenter/repass.php name parameter.

Read More

MKCMS V6.2 has SQL injection via /ucenter/reg.php name parameter.

Read More

Devin Jeanpierre discovered that Python incorrectly handled sockets when
the multiprocessing module was being used. A local attacker could possibly
use this issue to execute arbitrary code and escalate privileges.

Read More

It was discovered that SQLite did not properly handle large string
inputs in certain circumstances. An attacker could possibly use this
issue to cause a denial of service or arbitrary code execution.

Read More

USN-5711-1 fixed a vulnerability in NTFS-3G. This update provides
the corresponding update for Ubuntu 14.04 ESM Ubuntu 16.04 ESM.

Original advisory details:

Yuchen Zeng and Eduardo Vela discovered that NTFS-3G incorrectly validated
certain NTFS metadata. A local attacker could possibly use this issue to
gain privileges.

Read More

FEDORA-2022-06e4f1dd58

Packages in this update:

vim-9.0.828-1.fc36

Update description:

Security fix for CVE-2022-3705

Read More

FEDORA-2022-4bc60c32a2

Packages in this update:

vim-9.0.828-1.fc37

Update description:

Security fix for CVE-2022-3705

Read More

FEDORA-2022-76b3530ac2

Packages in this update:

php-pear-CAS-1.6.0-1.fc35

Update description:

Changes in version 1.6.0

Bug Fixes:

Introduce required service_name constructor argument to fix service hostname discovery exploitation vulnerability CVE-2022-39369 (Henry Pan)
Set user agent [#421] (Fydon)

Read More

FEDORA-2022-d6c6782130

Packages in this update:

php-pear-CAS-1.6.0-1.fc37

Update description:

Changes in version 1.6.0

Bug Fixes:

Introduce required service_name constructor argument to fix service hostname discovery exploitation vulnerability CVE-2022-39369 (Henry Pan)
Set user agent [#421] (Fydon)

Read More