Out-of-Band XML External Entity (OOB-XXE) vulnerability in Zoho ManageEngine Analytics Plus before 4.3.5 allows remote attackers to read arbitrary files, enumerate folders and scan internal ports via crafted XML license file.
Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine Analytics Plus before 4350 allows remote attackers to run arbitrary code.
qemu-6.2.0-14.fc36
lsi53c895a: Do not abort when DMA requested and no data queued (#552)
lsi53c895a: Fix use-after-free in lsi_do_msgout (CVE-2022-0216) (rhbz#2070902)
dotnet6.0-6.0.108-1.fc35
This is the monthly update for .NET for August 2022. This updates the .NET SDK to 6.0.108 and .NET Runtime to 6.0.8.
This update includes a fix for CVE 2022-34716.
dotnet6.0-6.0.108-1.fc36
This is the monthly update for .NET for August 2022. This updates the .NET SDK to 6.0.108 and .NET Runtime to 6.0.8.
This update includes a fix for CVE 2022-34716.
vim-9.0.213-1.fc35
patchlevel 213
Security fixes for CVE-2022-2819, CVE-2022-2816, CVE-2022-2817
This vulnerability allows remote attackers to escape the sandbox on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Authentication is not required to exploit this vulnerability.
This vulnerability allows local attackers to disclose sensitive information on affected installations of NetBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
