Peter Agten discovered that several modules for TCP syslog reception in
rsyslog, a system and kernel logging daemon, have buffer overflow flaws
when octet-counted framing is used, which could result in denial of
service or potentially the execution of arbitrary code.
dotnet3.1-3.1.419-1.fc34
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.25/3.1.25.md
dotnet3.1-3.1.419-1.fc35
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.25/3.1.25.md
dotnet3.1-3.1.419-1.fc36
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.25/3.1.25.md
The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.
The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.
logrotate-3.18.1-4.fc35
lockState: do not print error: when exit code is unaffected (#2090926)
fix potential DoS from unprivileged users via the state file (CVE-2022-1348)
logrotate-3.18.0-5.fc34
lockState: do not print error: when exit code is unaffected (#2090926)
fix potential DoS from unprivileged users via the state file (CVE-2022-1348)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of KeySight N6841A RF Sensor. Authentication is not required to exploit this vulnerability.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of KeySight N6841A RF Sensor. Authentication is not required to exploit this vulnerability.
