This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation ThinManager. Authentication is not required to exploit this vulnerability.
dropbear-2019.78-4.el8
FEDORA-EPEL-2022-54e8e9bf3b
Packages in this update:
dropbear-2019.78-4.el8
Update description:
Backport fix for CVE-2020-36254, resolves rhbz#1933067
dropbear-2017.75-2.el7
FEDORA-EPEL-2022-f0317a13d8
Packages in this update:
dropbear-2017.75-2.el7
Update description:
Backport fix for CVE-2018-15599, resolves rhbz#1623177
Backport fix for CVE-2020-36254, resolves rhbz#1933067
DSA-5241 wpewebkit – security update
The following vulnerabilities have been discovered in the WPE WebKit
web engine:
DSA-5240 webkit2gtk – security update
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
DSA-5243 lighttpd – security update
Several vulnerabilities were discovered in lighttpd, a fast webserver
with minimal memory footprint.
DSA-5242 maven-shared-utils – security update
It was discovered that the Commandline class in maven-shared-utils, a
collection of various utility classes for the Maven build system, can
emit double-quoted strings without proper escaping, allowing shell
injection attacks.
DSA-5244 chromium – security update
Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
CVE-2021-41433
SQL Injection vulnerability exists in version 1.0 of the Resumes Management and Job Application Website application login form by EGavilan Media that allows authentication bypass through login.php.
openssl3-3.0.1-41.el8.1
FEDORA-EPEL-2022-3bebee4625
Packages in this update:
openssl3-3.0.1-41.el8.1
Update description:
Sync with CentOS Stream 9’s openssl to pick up CVE fixes