Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the ‘select-file’ parameter.

Read More

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application is vulnerable to CSRF, processes uploaded files server-side (instead of just returning them for download), and allows unauthenticated users to access uploaded files.

Read More

FEDORA-2022-cf9ae8e4ff

Packages in this update:

wireshark-4.0.1-1.fc37

Update description:

New version 4.0.1, Fix for bug #2148308, fix for CVE-2022-3725

Read More

FEDORA-2022-ec48d2c1b4

Packages in this update:

firefox-107.0-4.fc35

Update description:

Fixed VA-API playback artifacts (mzbz#1779186)

New upstream version (107.0)

Read More

FEDORA-EPEL-2022-15988b1700

Packages in this update:

qpress-20220819-3.el8

Update description:

Security fix for CVE-2022-45866

Read More

FEDORA-EPEL-2022-f6c990ebdd

Packages in this update:

qpress-20220819-1.el9

Update description:

Security fix for CVE-2022-45866

Read More

FEDORA-2022-0ff8149aad

Packages in this update:

qpress-20220819-1.fc35

Update description:

Security fix for CVE-2022-45866

Read More

FEDORA-2022-e19ca639ef

Packages in this update:

qpress-20220819-1.fc36

Update description:

Security fix for CVE-2022-45866

Read More

FEDORA-2022-dacf699829

Packages in this update:

qpress-20220819-1.fc37

Update description:

Security fix for CVE-2022-45866

Read More

FEDORA-2022-9172acadf8

Packages in this update:

qpress-20220819-1.fc38

Update description:

Automatic update for qpress-20220819-1.fc38.

Changelog

* Fri Nov 25 2022 Davide Cavalca <dcavalca@fedoraproject.org> 20220819-1
– Switch to new upstream and update to 20220819 (Fixes: RHBZ#2147535,
RHBZ#2147537)

Read More