Category Archives: Advisories

openssl11-1.1.1k-4.el7

Read Time:28 Second

FEDORA-EPEL-2022-e05ac11f9b

Packages in this update:

openssl11-1.1.1k-4.el7

Update description:

backport from 1.1.1k-7: CVE-2022-2097: AES OCB fails to encrypt some bytes on 32-bit x86

Resolves: CVE-2022-2097

backport from 1.1.1k-7: Update expired certificates used in the testsuite

Resolves: rhbz#2100554

backport from 1.1.1k-7: CVE-2022-1292: openssl: c_rehash script allows command injection

Resolves: rhbz#2090371

backport from 1.1.1k-7: CVE-2022-2068: the c_rehash script allows command injection

Resolves: rhbz#2098278

Read More

podman-4.1.1-3.fc36

Read Time:10 Second

FEDORA-2022-482b42705f

Packages in this update:

podman-4.1.1-3.fc36

Update description:

Rebuild v4.1.1 to mitigate CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang

Read More

CVE-2017-20139

Read Time:27 Second

A vulnerability was found in Itech Movie Portal Script 7.36. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /show_news.php. The manipulation of the argument id with the input AND (SELECT 1222 FROM(SELECT COUNT(*),CONCAT(0x71786b7a71,(SELECT (ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) leads to sql injection (Error). The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Read More

CVE-2017-20140

Read Time:22 Second

A vulnerability was found in Itech Movie Portal Script 7.36. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /movie.php. The manipulation of the argument f with the input <img src=i onerror=prompt(1)> leads to basic cross site scripting (Reflected). The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Read More

CVE-2017-20141

Read Time:17 Second

A vulnerability classified as critical has been found in Itech Movie Portal Script 7.36. This affects an unknown part of the file /movie.php. The manipulation of the argument f leads to sql injection (Union). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Read More

CVE-2017-20142

Read Time:16 Second

A vulnerability classified as critical was found in Itech Movie Portal Script 7.36. This vulnerability affects unknown code of the file /artist-display.php. The manipulation of the argument act leads to sql injection (Union). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Read More

CVE-2017-20143

Read Time:18 Second

A vulnerability, which was classified as critical, has been found in Itech Movie Portal Script 7.36. This issue affects some unknown processing of the file /film-rating.php. The manipulation of the argument v leads to sql injection (Error). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Read More

CVE-2020-14114

Read Time:9 Second

information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.

Read More

CVE-2020-14126

Read Time:9 Second

Information leakage vulnerability exists in the Mi Sound APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.

Read More