Read Time:11 Second
FEDORA-2022-62c0ec2d98
Packages in this update:
dotnet3.1-3.1.419-1.fc35
Update description:
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.25/3.1.25.md
Category Archives: Advisories
dotnet3.1-3.1.419-1.fc36
Read Time:11 Second
FEDORA-2022-b3a92b1881
Packages in this update:
dotnet3.1-3.1.419-1.fc36
Update description:
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/3.1/3.1.25/3.1.25.md
CVE-2021-27780
Read Time:5 Second
The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.
CVE-2021-27781
Read Time:6 Second
The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.
logrotate-3.18.1-4.fc35
Read Time:12 Second
FEDORA-2022-ff0188b37c
Packages in this update:
logrotate-3.18.1-4.fc35
Update description:
lockState: do not print error: when exit code is unaffected (#2090926)
fix potential DoS from unprivileged users via the state file (CVE-2022-1348)
logrotate-3.18.0-5.fc34
Read Time:12 Second
FEDORA-2022-14f7b1a698
Packages in this update:
logrotate-3.18.0-5.fc34
Update description:
lockState: do not print error: when exit code is unaffected (#2090926)
fix potential DoS from unprivileged users via the state file (CVE-2022-1348)
ZDI-22-805: KeySight N6841A RF Sensor UserFirmwareRequestHandler Directory Traversal Information Disclosure Vulnerability
Read Time:8 Second
This vulnerability allows remote attackers to disclose sensitive information on affected installations of KeySight N6841A RF Sensor. Authentication is not required to exploit this vulnerability.
ZDI-22-804: KeySight N6841A RF Sensor Deserialization of Untrusted Data Remote Code Execution Vulnerability
Read Time:8 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of KeySight N6841A RF Sensor. Authentication is not required to exploit this vulnerability.
ZDI-22-803: Cisco RV340 JSON RPC set-snmp Stack-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:10 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
ZDI-22-802: Cisco RV340 JSON RPC set-snmp Stack-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:10 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.