** UNSUPPORTED WHEN ASSIGNED ** A vulnerability in Brocade Fabric OS versions v7.4.1b and v7.3.1d could allow local users to conduct privileged directory traversal. Brocade Fabric OS versions v7.4.1.x and v7.3.x have reached end of life. Brocade Fabric OS users should upgrade to supported versions as described in the Product End-of-Life Publish report.
Category Archives: Advisories
CVE-2021-36861 (rich_review)
Cross-Site Request Forgery (CSRF) vulnerability in Rich Reviews by Starfish plugin <= 1.9.14 at WordPress allows an attacker to delete reviews.
CVE-2016-3098
Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user’s OAuth authorization code.
rubygem-rails-html-sanitizer-1.4.3-1.fc37
FEDORA-2022-9cd3e3a570
Packages in this update:
rubygem-rails-html-sanitizer-1.4.3-1.fc37
Update description:
Automatic update for rubygem-rails-html-sanitizer-1.4.3-1.fc37.
Changelog
* Fri Aug 5 2022 Vít Ondruch <vondruch@redhat.com> - 1.4.3-1
- Update to rails-html-sanitizer 1.4.3.
Resolves: rhbz#2095592
Resolves: rhbz#2101883
Resolves: rhbz#2113699
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
net-snmp-5.9.3-1.fc36
FEDORA-2022-3af7a32fc0
Packages in this update:
net-snmp-5.9.3-1.fc36
Update description:
New upstream release 5.9.3
mingw-gdk-pixbuf-2.42.8-1.fc35
FEDORA-2022-7254ec5e96
Packages in this update:
mingw-gdk-pixbuf-2.42.8-1.fc35
Update description:
Update to 2.42.8, fixes CVE-2021-46829.
owncloud-client-2.10.1-1.fc35
FEDORA-2022-d6faaa50eb
Packages in this update:
owncloud-client-2.10.1-1.fc35
Update description:
Security fix for CVE-2021-44537
ZDI-22-1064: OPC Foundation UA .NET Standard BrowseRequest Missing Authentication Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability.
ZDI-22-1063: Foxit PDF Reader AcroForm deletePages Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1062: Foxit PDF Reader AcroForm deletePages Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.