libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup().

Read More

Modsecurity owasp-modsecurity-crs 3.2.0 (Paranoia level at PL1) has a SQL injection bypass vulnerability. Attackers can use the comment characters and variable assignments in the SQL syntax to bypass Modsecurity WAF protection and implement SQL injection attacks on Web applications.

Read More

Server-side Request Forgery (SSRF) vulnerability in PublicCMS before 4.0.202011.b via /publiccms/admin/ueditor when the action is catchimage.

Read More

FEDORA-2022-3be472fe11

Packages in this update:

protobuf-c-1.4.1-2.fc36

Update description:

Updated to version 1.4.1.

Read More

Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Read More

Improper checking of AP-S lock bit while verifying the secure resource group permissions can lead to non secure read and write access in Snapdragon Connectivity, Snapdragon Mobile

Read More

Possible address manipulation from APP-NS while APP-S is configuring an RG where it tries to merge the address ranges in Snapdragon Connectivity, Snapdragon Mobile

Read More

Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Read More

FEDORA-2022-5131c26a69

Packages in this update:

curl-7.82.0-8.fc36

Update description:

control code in cookie denial of service (CVE-2022-35252)

Read More

FEDORA-2022-20e0f8d1cd

Packages in this update:

curl-7.79.1-6.fc35

Update description:

control code in cookie denial of service (CVE-2022-35252)

Read More