Posted by Julien Ahrens (RCE Security) on May 27
RCE Security Advisory
https://www.rcesecurity.com
1. ADVISORY INFORMATION
=======================
Product: User Meta
Vendor URL: https://wordpress.org/plugins/user-meta
Type: Relative Path Traversal [CWE-23]
Date found: 2022-02-28
Date published: 2022-05-24
CVSSv3 Score: 4.3 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
CVE: CVE-2022-0779
2. CREDITS
==========
This vulnerability was discovered and…
Peter Agten discovered that several modules for TCP syslog reception in
rsyslog, a system and kernel logging daemon, have buffer overflow flaws
when octet-counted framing is used, which could result in denial of
service or potentially the execution of arbitrary code.
FEDORA-2022-21c312c05b
Packages in this update:
dotnet3.1-3.1.419-1.fc34
Update description:
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.25/3.1.25.md
FEDORA-2022-62c0ec2d98
Packages in this update:
dotnet3.1-3.1.419-1.fc35
Update description:
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.25/3.1.25.md
FEDORA-2022-b3a92b1881
Packages in this update:
dotnet3.1-3.1.419-1.fc36
Update description:
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.25/3.1.25.md
The software may be vulnerable to both unauthenticated XML interaction and unauthenticated device enrollment.
The Master operator may be able to embed a script tag in HTML that displays the cookie in an alert pop-up.
FEDORA-2022-ff0188b37c
Packages in this update:
logrotate-3.18.1-4.fc35
Update description:
lockState: do not print error: when exit code is unaffected (#2090926)
fix potential DoS from unprivileged users via the state file (CVE-2022-1348)
FEDORA-2022-14f7b1a698
Packages in this update:
logrotate-3.18.0-5.fc34
Update description:
lockState: do not print error: when exit code is unaffected (#2090926)
fix potential DoS from unprivileged users via the state file (CVE-2022-1348)
This vulnerability allows remote attackers to disclose sensitive information on affected installations of KeySight N6841A RF Sensor. Authentication is not required to exploit this vulnerability.