Category Archives: Advisories

python-engineio-4.3.4-2.fc38

Read Time:22 Second

FEDORA-2022-8ca9330e57

Packages in this update:

python-engineio-4.3.4-2.fc38

Update description:

Automatic update for python-engineio-4.3.4-2.fc38.

Changelog

* Thu Sep 15 2022 Benjamin A. Beasley <code@musicinmybrain.net> 4.3.4-2
– Don’t ship package-lock.json files with the examples
– This keeps from having automated bugs filed for irrelevant CVE’s in NPM
packages that are mentioned there. See RHBZ#2127005.

Read More

CVE-2018-25047

Read Time:15 Second

In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS. A web page that uses smarty_function_mailto, and that could be parameterized using GET or POST input parameters, could allow injection of JavaScript code by a user.

Read More

CVE-2020-36603

Read Time:15 Second

The HoYoVerse (formerly miHoYo) Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged users to execute arbitrary code with SYSTEM privileges on Microsoft Windows systems. The mhyprot2.sys driver must first be installed by a user with administrative privileges.

Read More

CVE-2021-38924

Read Time:15 Second

IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 210163.

Read More