A vulnerability, which was classified as critical, was found in MONyog Ultimate 6.63. This affects an unknown part of the component Cookie Handler. The manipulation of the argument HasServerEdit/IsAdmin leads to privilege escalation. It is possible to initiate the attack remotely.
Category Archives: Advisories
CVE-2019-25064
A vulnerability was found in CoreHR Core Portal up to 27.0.7. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site request forgery. It is possible to launch the attack remotely. Upgrading to version 27.0.8 is able to address this issue. It is recommended to upgrade the affected component.
CVE-2019-25065
A vulnerability was found in OpenNetAdmin 18.1.1. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2019-25066
A vulnerability has been found in ajenti 2.1.31 and classified as critical. This vulnerability affects unknown code of the component API. The manipulation leads to privilege escalation. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.1.32 is able to address this issue. The name of the patch is 7aa146b724e0e20cfee2c71ca78fafbf53a8767c. It is recommended to upgrade the affected component.
CVE-2019-25067
A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Privilege Escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2019-25068
A vulnerability classified as critical was found in Axios Italia Axios RE 1.7.0/7.0.0. This vulnerability affects unknown code of the file REDefault.aspx of the component Connection Handler. The manipulation of the argument DBIDX leads to privilege escalation. The attack can be initiated remotely.
CVE-2019-25069
A vulnerability, which was classified as problematic, has been found in Axios Italia Axios RE 1.7.0/7.0.0. This issue affects some unknown processing of the component Error Message Handler. The manipulation leads to information disclosure (ASP.NET). The attack may be initiated remotely.
python-bottle-0.12.21-1.fc35
FEDORA-2022-a656f209f0
Packages in this update:
python-bottle-0.12.21-1.fc35
Update description:
Security fix for CVE-2022-31799
python-bottle-0.12.21-1.fc36
FEDORA-2022-81276006d3
Packages in this update:
python-bottle-0.12.21-1.fc36
Update description:
Security fix for CVE-2022-3179
liblouis-3.22.0-1.fc36
FEDORA-2022-81110193e5
Packages in this update:
liblouis-3.22.0-1.fc36
Update description:
Fixes CVE-2022-26981, CVE-2022-31783, and further issues.
A detailed list of changes can be found at http://liblouis.org/liblouis/2022/06/07/liblouis-release-3.22.0.html