Read Time:6 Second
FEDORA-2022-d165104234
Packages in this update:
weechat-3.5-2.fc36
Update description:
Update to new upstream version.
Category Archives: Advisories
weechat-3.5-2.fc34
Read Time:6 Second
FEDORA-2022-6e226a21ed
Packages in this update:
weechat-3.5-2.fc34
Update description:
Update to new upstream version.
CVE-2021-32958
Read Time:20 Second
Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions 3.0 through 3.2 allows an attacker with local command line interface access to gain the secret key, subsequently allowing them to generate valid session tokens for the web user interface (UI). With access to the web UI an attacker can access assets managed by the SRA installation and could compromise the installation.
python-ujson-5.3.0-1.el9
Read Time:25 Second
FEDORA-EPEL-2022-d81bc92178
Packages in this update:
python-ujson-5.3.0-1.el9
Update description:
5.3.0
Added
Test Python 3.11 beta
Changed
Benchmark refactor – argparse CLI
Fixed
Fix segmentation faults when errors occur while handling unserialisable objects
Fix segmentation fault when an exception is raised while converting a dict key to a string
Fix memory leak dumping on non-string dict keys
Fix ref counting on repeated default function calls
Remove redundant wheel dependency from pyproject.toml
CVE-2021-32935
Read Time:11 Second
The affected Cognex product, the In-Sight OPC Server versions v5.7.4 (96) and prior, deserializes untrusted data, which could allow a remote attacker access to system level permission commands and local privilege escalation.
CVE-2021-32941
Read Time:13 Second
Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (root).
python-ujson-5.3.0-1.fc36
Read Time:24 Second
FEDORA-2022-6f51a267c6
Packages in this update:
python-ujson-5.3.0-1.fc36
Update description:
5.3.0
Added
Test Python 3.11 beta
Changed
Benchmark refactor – argparse CLI
Fixed
Fix segmentation faults when errors occur while handling unserialisable objects
Fix segmentation fault when an exception is raised while converting a dict key to a string
Fix memory leak dumping on non-string dict keys
Fix ref counting on repeated default function calls
Remove redundant wheel dependency from pyproject.toml
USN-5436-1: libXrender vulnerabilities
Read Time:10 Second
Tobias Stoeckmann discovered that libXrender incorrectly handled certain
responses. An attacker could possibly use this issue to cause a denial
of service, or possibly execute arbitrary code.
(CVE-2016-7949, CVE-2016-7950)
Disclosing Vulnerability of CLink Office 2.0
Read Time:24 Second
Posted by chan chan on May 23
Dear Sir/Madam,
I would like to submit a vulnerability found on CLink Office 2.0. I had
contacted the vendor 60 days before but in vain.
# Exploit Title: Multiple blind SQL injection vulnerabilities in in CLink
Office 2.0 Anti-Spam management console
# Date: 30 Mar 2022
# Exploit Author: Erwin Chan, Stephen Tsoi
# Vendor Homepage: https://www.communilink.net/
# Softwar: CLink Office
# Version: 2.0
# Tested on: CLink Office 2.0 Anti-Spam…
[tool] tplink backup decryptor.
Read Time:14 Second
Posted by retset on May 23
Yet another “tool” to decrypt a backup configs for some tplink wifi
routers.
Only tested on latest fw for “Archer C7”.
I hope that it will be useful for someone.