thunderbird-stable-3720221208233638.1
Update to 102.5.1 ; https://www.mozilla.org/en-US/security/advisories/mfsa2022-50/ ; https://www.thunderbird.net/en-US/thunderbird/102.5.1/releasenotes/
pgadmin4-6.17-2.fc37
Fix compatibility with newer python-azure-mgmt-rdbms.
Update to pgadmin4-6.17, see https://www.pgadmin.org/docs/pgadmin4/development/release_notes_6_17.html for details.
rubygem-nokogiri-1.13.10-1.fc36
A potential bug was found on nokogiri on or before 1.13.9 overlooked some return values from functions used internally. This can lead to raise some illegal exception. This bug was assigned as CVE-2022-23476. This new rpm should fix this issue.
rubygem-nokogiri-1.13.10-1.fc37
A potential bug was found on nokogiri on or before 1.13.9 overlooked some return values from functions used internally. This can lead to raise some illegal exception. This bug was assigned as CVE-2022-23476. This new rpm should fix this issue.
Posted by Thomas Weber on Dec 08
CyberDanube Security Research 20221130-1
——————————————————————————-
title| Authenticated Command Injection
product| Delta Electronics DVW-W02W2-E2
vulnerable version| V2.42
fixed version| V2.5.2
CVE number| –
impact| High
homepage|…
Posted by Thomas Weber on Dec 08
CyberDanube Security Research 20221130-0
——————————————————————————-
title| Multiple Vulnerabilities
product| Delta Electronics DX-2100-L1-CN
vulnerable version| V1.5.0.10
fixed version| V1.5.0.12
CVE number| –
impact| High
homepage|…
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Dec 08
SEC Consult Vulnerability Lab Security Advisory < 20221206-0 >
=======================================================================
title: Multiple critical vulnerabilities
product: ILIAS eLearning platform
vulnerable version: <= 7.15
fixed version: 7.16
CVE number: CVE-2022-45915, CVE-2022-45916, CVE-2022-45917,
CVE-2022-45918
impact: critical…
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Dec 08
SEC Consult Vulnerability Lab Security Advisory < 20221201-0 >
=======================================================================
title: Replay attacks & Displaying arbitrary contents
product: Zhuhai Suny Technology ESL Tag / ETAG-TECH protocol
(electronic shelf labels)
vulnerable version: All
fixed version: –
CVE number: CVE-2022-45914
impact:…
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Dec 08
SEC Consult Vulnerability Lab Security Advisory < 20221130-0 >
=======================================================================
title: Multiple critical vulnerabilities
product: Planet Enterprises Ltd – Planet eStream
vulnerable version: <6.72.10.07
fixed version: 6.72.10.07
CVE number: CVE-2022-45896, CVE-2022-45893, CVE-2022-45891,
CVE-2022-45889,…
Posted by Qualys Security Advisory via Fulldisclosure on Dec 08
Qualys Security Advisory
Race condition in snap-confine’s must_mkdir_and_open_with_perms()
(CVE-2022-3328)
========================================================================
Contents
========================================================================
Summary
Background
Exploitation
Acknowledgments
Timeline
I can’t help but feel a missed opportunity to integrate lyrics from
one of the best songs ever: [SNAP! – The…
