CVE-2022-2311
The Find and Replace All WordPress plugin before 1.3 does not sanitize and escape some parameters from its setting page before outputting them back to...
CVE-2021-25059
The Download Plugin WordPress plugin before 2.0.0 does not properly validate a user has the required privileges to access a backup's nonce identifier, which may...
USN-5744-1: libICE vulnerability
It was discovered that libICE was using a weak mechanism to generate the session cookies. A local attacker could possibly use this issue to perform...
slurm-22.05.6-1.fc38
FEDORA-2022-6a9dc1d46b Packages in this update: slurm-22.05.6-1.fc38 Update description: Automatic update for slurm-22.05.6-1.fc38. Changelog * Sun Nov 27 2022 Philip Kovacs <pkfed@fedoraproject.org> - 22.05.6-1 - Update...
DSA-5290 commons-configuration2 – security update
Apache Commons Configuration, a Java library providing a generic configuration interface, performs variable interpolation, allowing properties to be dynamically evaluated and expanded. Starting with version...
DSA-5291 mujs – security update
Multiple security issues were discovered in MuJS, a lightweight JavaScript interpreter, which could result in denial of service and potentially the execution of arbitrary code....
DSA-5289 chromium – security update
Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code. Read More
CVE-2022-24999 (express, qs)
qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because...
A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution
A Vulnerability has been discovered in Google Chrome which could allow for arbitrary code execution. Google Chrome is a web browser used to access the...
CVE-2022-0698
Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the 'select-file' parameter. Read More