Read Time:9 Second
An anonymous user can craft a URL with text that ends up in the log viewer as is. The text can then include textual messages to mislead the administrator.
Category Archives: Advisories
CVE-2021-23267
Read Time:8 Second
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods.
USN-5422-1: libxml2 vulnerabilities
Read Time:23 Second
Shinji Sato discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to cause a crash, resulting in a
denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM. (CVE-2022-23308)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. (CVE-2022-29824)
CVE-2021-25119
Read Time:12 Second
The AGIL WordPress plugin through 1.0 accepts all zip files and automatically extracts the zip file without validating the extracted file type. Allowing high privilege users such as admin to upload an arbitrary file like PHP, leading to RCE
USN-5421-1: LibTIFF vulnerabilities
Read Time:42 Second
It was discovered that LibTIFF incorrectly handled certain images.
An attacker could possibly use this issue to cause a crash,
resulting in a denial of service. This issue only affects
Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-35522)
Chintan Shah discovered that LibTIFF incorrectly handled memory when
handling certain images. An attacker could possibly use this issue to
cause a crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2022-0561, CVE-2022-0562, CVE-2022-0891)
It was discovered that LibTIFF incorrectly handled certain images.
An attacker could possibly use this issue to cause a crash,
resulting in a denial of service. This issue only affects
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2022-0865)
plantuml-1.2022.5-1.el9
Read Time:9 Second
FEDORA-EPEL-2022-a0a3d90422
Packages in this update:
plantuml-1.2022.5-1.el9
Update description:
Security fix for CVE-2022-1379
Updated version to 1.2022.4
plantuml-1.2022.5-1.fc36
Read Time:6 Second
FEDORA-2022-e6c09a89eb
Packages in this update:
plantuml-1.2022.5-1.fc36
Update description:
Security fix for CVE-2022-1379
plib-1.8.5-30.fc36
Read Time:6 Second
FEDORA-2022-08022e9452
Packages in this update:
plib-1.8.5-30.fc36
Update description:
Security fix for CVE-2021-38714
plib-1.8.5-30.fc34
Read Time:6 Second
FEDORA-2022-1cf3c9578f
Packages in this update:
plib-1.8.5-30.fc34
Update description:
Security fix for CVE-2021-38714
plib-1.8.5-30.fc35
Read Time:6 Second
FEDORA-2022-bcc0df5180
Packages in this update:
plib-1.8.5-30.fc35
Update description:
Security fix for CVE-2021-38714