Category: Advisories

Project:  Drupal core Date:  2022-May-25 Security risk:  Moderately critical 13∕25 AC:Complex/A:None/CI:Some/II:Some/E:Theoretical/TD:Uncommon Vulnerability:  Third-party libraries CVE IDs:  CVE-2022-29248 Description:  Drupal uses the third-party Guzzle library for...

FEDORA-EPEL-2022-6d6f432346 Packages in this update: rubygem-nokogiri-1.13.6-1.el9 Update description: 1.13.6 - CVE-2022-29181 and CVE-2022-24836 Read More

FEDORA-EPEL-2022-b3575fc91b Packages in this update: rubygem-nokogiri-1.6.1-1.el7.2 Update description: Backport CVE-2022-24836 (#2074347), Backport CVE-2022-29181 (#2088685) Read More

User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed. Read More

VersionVault Express exposes sensitive information that an attacker can use to impersonate the server or eavesdrop on communications with the server. Read More

FEDORA-2022-eccaf1aee8 Packages in this update: logrotate-3.18.1-3.fc35 Update description: fix potential DoS from unprivileged users via the state file (CVE-2022-1348) Read More

FEDORA-2022-87c0f05204 Packages in this update: logrotate-3.20.1-1.fc36 Update description: fix potential DoS from unprivileged users via the state file (CVE-2022-1348) Read More

FEDORA-2022-71ece75de1 Packages in this update: logrotate-3.18.0-4.fc34 Update description: fix potential DoS from unprivileged users via the state file (CVE-2022-1348) Read More

Philips Interoperability Solution XDS versions 2.5 through 3.11 and 2018-1 through 2021-1 are vulnerable to clear text transmission of sensitive information when configured to use...

When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which may allow reflected cross-site scripting. Read...