In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the ‘access all groups’ capability were not restricted to viewing grades of users within their own groups.
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability in Brocade Fabric OS versions v7.4.1b and v7.3.1d could allow local users to conduct privileged directory transversal. Brocade Fabric OS versions v7.4.1.x and v7.3.x have reached end of life. Brocade Fabric OS Users should upgrade to supported versions as described in the Product End-of-Life Publish report.
Cross-Site Request Forgery (CSRF) vulnerability in Rich Reviews by Starfish plugin <= 1.9.14 at WordPress allows an attacker to delete reviews.
Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user’s OAuth autorization code.
rubygem-rails-html-sanitizer-1.4.3-1.fc37
Automatic update for rubygem-rails-html-sanitizer-1.4.3-1.fc37.
* Fri Aug 5 2022 Vít Ondruch <vondruch@redhat.com> – 1.4.3-1
– Update to rails-html-sanitizer 1.4.3.
Resolves: rhbz#2095592
Resolves: rhbz#2101883
Resolves: rhbz#2113699
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> – 1.4.2-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
net-snmp-5.9.3-1.fc36
New upstream release 5.9.3
mingw-gdk-pixbuf-2.42.8-1.fc35
Update to 2.42.8, fixes CVE-2021-46829.
owncloud-client-2.10.1-1.fc35
Security fix for CVE-2021-44537
This vulnerability allows remote attackers to disclose sensitive information on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
