CVE-2021-43116
An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then...
USN-5503-1: GnuPG vulnerability
Demi Marie Obenour discovered that GnuPG incorrectly handled injection in the status message. A remote attacker could possibly use this issue to forge signatures. Read...
USN-5502-1: OpenSSL vulnerability
Alex Chernyakhovsky discovered that OpenSSL incorrectly handled AES OCB mode when using the AES-NI assembly optimized implementation on 32-bit x86 platforms. A remote attacker could...
CVE-2021-43702
ASUS RT-A88U 3.0.0.4.386_45898 is vulnerable to Cross Site Scripting (XSS). The ASUS router admin panel does not sanitize the WiFI logs correctly, if an attacker...
libtiff-4.4.0-2.fc36
FEDORA-2022-edf7301147 Packages in this update: libtiff-4.4.0-2.fc36 Update description: Fix for CVE-2022-2056, CVE-2022-2057 and CVE-2022-2058. Read More
libtiff-4.4.0-2.fc35
FEDORA-2022-b9c2a3a2b7 Packages in this update: libtiff-4.4.0-2.fc35 Update description: Fix for CVE-2022-2056, CVE-2022-2057 and CVE-2022-2058. Read More
DSA-5177 ldap-account-manager – security update
Arseniy Sharoglazov discovered multiple security issues in LDAP Account Manager (LAM), a web frontend for managing accounts in an LDAP directory, which could result in...
USN-5479-2: PHP vulnerabilities
USN-5479-1 fixed vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Charles Fol discovered that PHP incorrectly handled...
CVE-2021-25056
The Ninja Forms Contact Form WordPress plugin before 3.6.10 does not sanitise and escape field labels, allowing high privilege users to perform Cross-Site Scripting attacks...
CVE-2021-25066
The Ninja Forms Contact Form WordPress plugin before 3.6.10 does not sanitize and escape some imported data, allowing high privilege users to perform Cross-Site Scripting...