Category: Advisories

The All In One WP Security & Firewall WordPress plugin before 4.4.11 does not validate, sanitise and escape the redirect_to parameter before using it to...

The Tipsacarrier WordPress plugin through 1.4.4.2 does not have any authorisation check in place some functions, which could allow unauthenticated users to access Orders data...

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was...

FEDORA-2022-2dd60f1f00 Packages in this update: freetype-2.12.1-1.fc36 Update description: Update to freetype 2.12.1 which fixes CVE-2022-27404, CVE-2022-27405, CVE-2022-27406 and adds support for OT-SVG fonts. Read More

USN-5382-1 fixed a vulnerability in libinput. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: Albin Eldstål-Ahrens and Lukas Lamster discovered...

Cyclos 4 PRO 4.14.7 and before does not validate user input at error inform, which allows remote unauthenticated attacker to execute javascript code via undefine...

A Dom-based Cross-site scripting (XSS) vulnerability at registration account in Cyclos 4 PRO.14.7 and before allows remote attackers to inject arbitrary web script or HTML...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. Read More

FEDORA-MODULAR-2022-3903b475a9 Packages in this update: mariadb-10.7-3420220501001308.058368ca Update description: MariaDB 10.7.3 & Galera 26.4.11 Release notes: https://mariadb.com/kb/en/mariadb-1073-release-notes/ Read More

FEDORA-MODULAR-2022-dd33454b42 Packages in this update: mariadb-10.7-3520220501001308.f27b74a8 Update description: MariaDB 10.7.3 & Galera 26.4.11 Release notes: https://mariadb.com/kb/en/mariadb-1073-release-notes/ Read More