freerdp-2.8.1-1.fc37
FEDORA-2022-d6310a1308 Packages in this update: freerdp-2.8.1-1.fc37 Update description: Update to 2.8.1 (CVE-2022-39282, CVE-2022-39283). Read More
ZDI-22-1592: Parse Server _expandResultOnKeyPath Prototype Pollution Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parse Server. Authentication is required to exploit this vulnerability. Read More
ZDI-22-1591: Parse Server buildUpdatedObject Prototype Pollution Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parse Server. Authentication is required to exploit this vulnerability. Read More
ZDI-22-1590: Parse Server transformUpdate Prototype Pollution Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parse Server. Authentication is not required to exploit this vulnerability. Read More
ZDI-22-1589: Microsoft Windows Output Protection Manager Integer Overflow Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code...
Somnia Ransomware Targets Ukraine
FortiGuard Labs is aware of a report that a new ransomware "Somnia" was observed in attacks against Ukraine. Somnia ransomware was deployed as a final...
Emotet Distributed Through U.S. Election Themed Link Files
FortiGuard Labs has discovered that Emotet was recently delivered through an archive file that has a file name targeting those interested in the U.S. midterm...
USN-5722-1: nginx vulnerabilities
It was discovered that nginx incorrectly handled certain memory operations in the ngx_http_mp4_module module. A local attacker could possibly use this issue with a specially...
python3.7-3.7.15-2.fc35
FEDORA-2022-760d1eac9b Packages in this update: python3.7-3.7.15-2.fc35 Update description: Security fix for CVE-2022-37454 Read More
DSA-5279 wordpress – security update
Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injection, create open redirects, bypass authorization access, or...