In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting.
Category Archives: Advisories
CVE-2020-1754
In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without the ‘access all groups’ capability were not restricted to viewing grades of users within their own groups.
CVE-2021-27798
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability in Brocade Fabric OS versions v7.4.1b and v7.3.1d could allow local users to conduct privileged directory traversal. Brocade Fabric OS versions v7.4.1.x and v7.3.x have reached end of life. Brocade Fabric OS users should upgrade to supported versions as described in the Product End-of-Life Publish report.
CVE-2021-36861 (rich_review)
Cross-Site Request Forgery (CSRF) vulnerability in the Rich Reviews by Starfish plugin <= 1.9.14 for WordPress allows an attacker to delete reviews.
CVE-2016-3098
Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user’s OAuth authorization code.
rubygem-rails-html-sanitizer-1.4.3-1.fc37
FEDORA-2022-9cd3e3a570
Packages in this update:
rubygem-rails-html-sanitizer-1.4.3-1.fc37
Update description:
Automatic update for rubygem-rails-html-sanitizer-1.4.3-1.fc37.
Changelog
* Fri Aug 5 2022 Vít Ondruch <vondruch@redhat.com> – 1.4.3-1
– Update to rails-html-sanitizer 1.4.3.
Resolves: rhbz#2095592
Resolves: rhbz#2101883
Resolves: rhbz#2113699
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> – 1.4.2-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
net-snmp-5.9.3-1.fc36
FEDORA-2022-3af7a32fc0
Packages in this update:
net-snmp-5.9.3-1.fc36
Update description:
New upstream release 5.9.3
mingw-gdk-pixbuf-2.42.8-1.fc35
FEDORA-2022-7254ec5e96
Packages in this update:
mingw-gdk-pixbuf-2.42.8-1.fc35
Update description:
Update to 2.42.8, fixes CVE-2021-46829.
owncloud-client-2.10.1-1.fc35
FEDORA-2022-d6faaa50eb
Packages in this update:
owncloud-client-2.10.1-1.fc35
Update description:
Security fix for CVE-2021-44537
ZDI-22-1064: OPC Foundation UA .NET Standard BrowseRequest Missing Authentication Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability.