composer-2.3.5-1.el9
FEDORA-EPEL-2022-cfff8c1f5c Packages in this update: composer-2.3.5-1.el9 Update description: Version 2.3.5 - 2022-04-13 Security: Fixed command injection vulnerability in HgDriver/GitDriver (GHSA-x7cr-6qr6-2hh6 / CVE-2022-24828) Added warning when...
composer-2.2.12-1.fc34
FEDORA-2022-617a6df23e Packages in this update: composer-2.2.12-1.fc34 Update description: Version 2.2.12 - 2022-04-13 Security: Fixed command injection vulnerability in HgDriver/GitDriver (GHSA-x7cr-6qr6-2hh6 / CVE-2022-24828) Fixed curl downloader...
composer-1.10.26-1.el7
FEDORA-EPEL-2022-a970a526cb Packages in this update: composer-1.10.26-1.el7 Update description: Version 1.10.26 - 2022-04-13 Security: Fixed command injection vulnerability in HgDriver/GitDriver (GHSA-x7cr-6qr6-2hh6 / CVE-2022-24828) Version 1.10.25 -...
Microsoft Patch Tuesday 0-day Escalation of Privilege Vulnerability (CVE-2022-24521)
Microsoft has released over 117 security fixes for this month's April 2022 release. Besides the usual security fixes, there were two zero days of note...
Industroyer2 Discovered Attacking Critical Ukrainian Verticals
FortiGuard Labs is aware of new reports of Industroyer2, the successor to the Industroyer malware. First discovered in 2016, Industroyer was attributed to energy grid...
CVE-2019-6834
A CWE-502: Deserialization of Untrusted Data vulnerability exists which could allow an attacker to execute arbitrary code on the targeted system with SYSTEM privileges when...
CVE-2021-22794
A CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause remote code execution. Affected Product: StruxureWare Data...
CVE-2021-22795
A CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote code execution when performed...
CVE-2021-22797
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal) vulnerability exists that could cause malicious script to be deployed in an...
CVE-2015-20107
In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow...