The Tipsacarrier WordPress plugin through 1.4.4.2 does not have any authorisation check in place some functions, which could allow unauthenticated users to access Orders data which could be used to retrieve the client full address, name and phone via tracking URL
Category Archives: Advisories
CVE-2021-32500
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
freetype-2.12.1-1.fc36
FEDORA-2022-2dd60f1f00
Packages in this update:
freetype-2.12.1-1.fc36
Update description:
Update to freetype 2.12.1 which fixes CVE-2022-27404, CVE-2022-27405, CVE-2022-27406 and adds support for OT-SVG fonts.
USN-5382-2: libinput vulnerability
USN-5382-1 fixed a vulnerability in libinput. This update provides the
corresponding updates for Ubuntu 22.04 LTS.
Original advisory details:
Albin Eldstål-Ahrens and Lukas Lamster discovered libinput did not properly
handle input devices with specially crafted names. A local attacker with
physical access could use this to cause libinput to crash or expose
sensitive information.
CVE-2021-31674
Cyclos 4 PRO 4.14.7 and before does not validate user input at error inform, which allows remote unauthenticated attacker to execute javascript code via undefine enum constant.
CVE-2021-31673
A Dom-based Cross-site scripting (XSS) vulnerability at registration account in Cyclos 4 PRO.14.7 and before allows remote attackers to inject arbitrary web script or HTML via the groupId parameter.
DSA-5127 linux – security update
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.
mariadb-10.7-3420220501001308.058368ca
FEDORA-MODULAR-2022-3903b475a9
Packages in this update:
mariadb-10.7-3420220501001308.058368ca
Update description:
MariaDB 10.7.3 & Galera 26.4.11
Release notes:
mariadb-10.7-3520220501001308.f27b74a8
FEDORA-MODULAR-2022-dd33454b42
Packages in this update:
mariadb-10.7-3520220501001308.f27b74a8
Update description:
MariaDB 10.7.3 & Galera 26.4.11
Release notes:
mariadb-10.7-3620220501001308.5e5ad4a0
FEDORA-MODULAR-2022-de160960c2
Packages in this update:
mariadb-10.7-3620220501001308.5e5ad4a0
Update description:
MariaDB 10.7.3 & Galera 26.4.11
Release notes: