Read Time:10 Second
The DW Question & Answer Pro WordPress plugin through 1.3.4 does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments.
Category Archives: Advisories
CVE-2021-24805
Read Time:13 Second
The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in some of its functions, allowing attackers to make logged in users perform unwanted actions, such as update a comment or a question status.
USN-5376-2: Git vulnerability
Read Time:14 Second
USN-5376-1 fixed vulnerabilities in Git. This update provides the corresponding
updates for Ubuntu 22.04 LTS.
Original advisory details:
俞晨东 discovered that Git incorrectly handled certain repository paths
in platforms with multiple users support. An attacker could possibly use
this issue to run arbitrary commands.
freerdp-2.7.0-1.fc34
Read Time:9 Second
FEDORA-2022-b0a47f8060
Packages in this update:
freerdp-2.7.0-1.fc34
Update description:
Update to 2.7.0.
Security fixes for CVE-2022-24882, CVE-2022-24883.
freerdp-2.7.0-1.fc35
Read Time:9 Second
FEDORA-2022-a3e03a200b
Packages in this update:
freerdp-2.7.0-1.fc35
Update description:
Update to 2.7.0.
Security fixes for CVE-2022-24882, CVE-2022-24883.
freerdp-2.7.0-1.fc36
Read Time:9 Second
FEDORA-2022-dc48a89918
Packages in this update:
freerdp-2.7.0-1.fc36
Update description:
Update to 2.7.0.
Security fixes for CVE-2022-24882, CVE-2022-24883.
CVE-2019-25059
Read Time:6 Second
Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for CVE-2019-3839.
chromium-100.0.4896.127-1.fc34
Read Time:24 Second
FEDORA-2022-17aa1c62da
Packages in this update:
chromium-100.0.4896.127-1.fc34
Update description:
100 Chromium releases! Of course, at the rate they release now, we’ll probably be at 150 before the end of the year. Anyway, here’s the update.
Fixes:
CVE-2022-1232 CVE-2022-1305 CVE-2022-1306 CVE-2022-1307 CVE-2022-1308 CVE-2022-1309 CVE-2022-1310 CVE-2022-1311 CVE-2022-1312 CVE-2022-1313 CVE-2022-1314 CVE-2022-1364
chromium-100.0.4896.127-1.fc35
Read Time:24 Second
FEDORA-2022-0f14e2308e
Packages in this update:
chromium-100.0.4896.127-1.fc35
Update description:
100 Chromium releases! Of course, at the rate they release now, we’ll probably be at 150 before the end of the year. Anyway, here’s the update.
Fixes:
CVE-2022-1232 CVE-2022-1305 CVE-2022-1306 CVE-2022-1307 CVE-2022-1308 CVE-2022-1309 CVE-2022-1310 CVE-2022-1311 CVE-2022-1312 CVE-2022-1313 CVE-2022-1314 CVE-2022-1364
chromium-100.0.4896.127-1.fc36
Read Time:24 Second
FEDORA-2022-59297c8fcd
Packages in this update:
chromium-100.0.4896.127-1.fc36
Update description:
100 Chromium releases! Of course, at the rate they release now, we’ll probably be at 150 before the end of the year. Anyway, here’s the update.
Fixes:
CVE-2022-1232 CVE-2022-1305 CVE-2022-1306 CVE-2022-1307 CVE-2022-1308 CVE-2022-1309 CVE-2022-1310 CVE-2022-1311 CVE-2022-1312 CVE-2022-1313 CVE-2022-1314 CVE-2022-1364