Read Time:4 Second
The following vulnerabilities have been discovered in the WPE WebKit
web engine:
Category Archives: Advisories
DSA-5240 webkit2gtk – security update
Read Time:3 Second
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
DSA-5243 lighttpd – security update
Read Time:4 Second
Several vulnerabilities were discovered in lighttpd, a fast webserver
with minimal memory footprint.
DSA-5242 maven-shared-utils – security update
Read Time:10 Second
It was discovered that the Commandline class in maven-shared-utils, a
collection of various utility classes for the Maven build system, can
emit double-quoted strings without proper escaping, allowing shell
injection attacks.
DSA-5244 chromium – security update
Read Time:7 Second
Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
CVE-2021-41433
Read Time:9 Second
SQL Injection vulnerability exists in version 1.0 of the Resumes Management and Job Application Website application login form by EGavilan Media that allows authentication bypass through login.php.
openssl3-3.0.1-41.el8.1
Read Time:9 Second
FEDORA-EPEL-2022-3bebee4625
Packages in this update:
openssl3-3.0.1-41.el8.1
Update description:
Sync with CentOS Stream 9’s openssl to pick up CVE fixes
CVE-2021-27854
Read Time:10 Second
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.
CVE-2021-27861
Read Time:7 Second
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers)
CVE-2021-27862
Read Time:9 Second
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers).