Read Time:5 Second
SQL Injection vulnerability in function get_user in login_manager.php in rizalafani cms-php v1.
Category Archives: Advisories
CVE-2022-23740
Read Time:21 Second
CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. To exploit this vulnerability, an attacker would need permission to create and build GitHub Pages using GitHub Actions. This vulnerability affected only version 3.7.0 of GitHub Enterprise Server and was fixed in version 3.7.1. This vulnerability was reported via the GitHub Bug Bounty program.
CVE-2009-1142
Read Time:12 Second
An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can gain privileges via a symlink attack on /tmp files if vmware-user-suid-wrapper is setuid root and the ChmodChownDirectory function is enabled.
CVE-2009-1143
Read Time:11 Second
An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs (aka hgfsmounter).
CVE-2021-35246
Read Time:13 Second
The application fails to prevent users from connecting to it over unencrypted connections. An attacker able to modify a legitimate user’s network traffic could bypass the application’s use of SSL/TLS encryption and use the application as a platform for attacks against its users.
USN-5739-1: MariaDB vulnerabilities
Read Time:19 Second
Several security issues were discovered in MariaDB and this update
includes new upstream MariaDB versions to fix these issues.
MariaDB has been updated to 10.3.37 in Ubuntu 20.04 LTS and to 10.6.11
in Ubuntu 22.04 LTS and Ubuntu 22.10.
In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes.
USN-5638-3: Expat vulnerability
Read Time:27 Second
USN-5638-1 fixed a vulnerability in Expat. This update provides
the corresponding updates for Ubuntu 16.04 ESM, Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-43680)
This update also fixes a minor regression introduced in
Ubuntu 18.04 LTS.
We apologize for the inconvenience.
Original advisory details:
Rhodri James discovered that Expat incorrectly handled memory when
processing certain malformed XML files. An attacker could possibly
use this issue to cause a crash or execute arbitrary code.
mariadb-10.5-3620221121091939.5e5ad4a0
Read Time:11 Second
FEDORA-MODULAR-2022-d8e8a4ba1e
Packages in this update:
mariadb-10.5-3620221121091939.5e5ad4a0
Update description:
MariaDB 10.5.18 & Galera 26.4.13
Release notes:
mariadb-10.5-3720221121091939.9e842022
Read Time:11 Second
FEDORA-MODULAR-2022-5bfccade30
Packages in this update:
mariadb-10.5-3720221121091939.9e842022
Update description:
MariaDB 10.5.18 & Galera 26.4.13
Release notes:
mariadb-10.5-3520221121091939.f27b74a8
Read Time:11 Second
FEDORA-MODULAR-2022-87965d9e1f
Packages in this update:
mariadb-10.5-3520221121091939.f27b74a8
Update description:
MariaDB 10.5.18 & Galera 26.4.13
Release notes: