This vulnerability allows remote attackers to disclose sensitive information on affected installations of Centreon. Authentication is required to exploit this vulnerability.

Read More

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability.

Read More

Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for arbitrary code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights.

Read More

A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL::VERIFY_NONE) may lead to verification bypass in Red Hat CloudForms 5.x.

Read More

EidoGo is susceptible to Cross-Site Scripting (XSS) attacks via maliciously crafted SGF input.

Read More

custom-content-type-manager WordPress plugin can be used by an administrator to achieve arbitrary PHP remote code execution.

Read More

FEDORA-2022-1124e5882d

Packages in this update:

gnupg2-2.3.4-2.fc35

Update description:

Fix for CVE-2022-34903 (#2103242)

Read More

USN-5488-1 fixed vulnerabilities in OpenSSL. This update provides the
corresponding updates for Ubuntu 16.04 ESM.

Original advisory details:

Chancen and Daniel Fiala discovered that OpenSSL incorrectly handled the
c_rehash script. A local attacker could possibly use this issue to execute
arbitrary commands when c_rehash is run.

Read More

A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an attacker needs to perform some triage over the heap layout to achieve signifcant results, also the values written into the memory are repeated three times in a row making difficult to produce valid payloads. This flaw affects grub2 versions prior grub-2.12.

Read More

An issue was discovered in PESCMS-V2.3.3. There is a CSRF vulnerability that can modify admin and other members’ passwords.

Read More