ZDI-22-1302: Rockwell Automation ThinManager ThinServer URI Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation ThinManager. Authentication is not required to exploit this vulnerability.
dropbear-2019.78-4.el8
FEDORA-EPEL-2022-54e8e9bf3b. Packages in this update: dropbear-2019.78-4.el8. Update description: Backport fix for CVE-2020-36254, resolves rhbz#1933067.
dropbear-2017.75-2.el7
FEDORA-EPEL-2022-f0317a13d8. Packages in this update: dropbear-2017.75-2.el7. Update description: Backport fix for CVE-2018-15599, resolves rhbz#1623177; backport fix for CVE-2020-36254, resolves rhbz#1933067.
DSA-5241 wpewebkit – security update
The following vulnerabilities have been discovered in the WPE WebKit web engine:
DSA-5240 webkit2gtk – security update
The following vulnerabilities have been discovered in the WebKitGTK web engine:
DSA-5243 lighttpd – security update
Several vulnerabilities were discovered in lighttpd, a fast webserver with minimal memory footprint.
DSA-5242 maven-shared-utils – security update
It was discovered that the Commandline class in maven-shared-utils, a collection of various utility classes for the Maven build system, can emit double-quoted strings without...
DSA-5244 chromium – security update
Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
CVE-2021-41433
SQL Injection vulnerability exists in version 1.0 of the Resumes Management and Job Application Website application login form by EGavilan Media that allows authentication bypass...
openssl3-3.0.1-41.el8.1
FEDORA-EPEL-2022-3bebee4625. Packages in this update: openssl3-3.0.1-41.el8.1. Update description: Sync with CentOS Stream 9's openssl to pick up CVE fixes.