An Access Control vulnerability exists in HisiPHP 2.0.11 via special packets that are constructed in $files = Dir::getList($decompath. ‘/ Upload/Plugins /, which could let a remote malicious user execute arbitrary code.
A vulnerability has been discovered in Trend Micro Apex Central which could allow for arbitrary file upload. Trend Micro Apex Central is a web-based console that provides centralized management for Trend Micro products and services at the gateway, mail server, file server, and corporate desktop levels. Successful exploitation of this vulnerability could result in arbitrary file upload which could allow a remote attacker to execute arbitrary code. Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights.
A vulnerability has been discovered in versions of Zyxel Firewall’s CGI program which could allow for authentication bypass. Zyxel Firewall is a next generation firewall product which enables users to manage, detect and respond to threats on the network. Successful exploitation of this vulnerability could allow an attacker to bypass authentication and obtain administrative access to the device. Malicious actors with administrative access may be able to view, change, or delete sensitive data.
containerd-1.6.2-1.fc36
Update to 1.6.2 (rhbz#2068277). Mitigates CVE-2022-24769 / GHSA-c9cp-9c75-9v8c.
containerd-1.6.2-2.fc34
Update to 1.6.2 (rhbz#2068277). Mitigates CVE-2022-24769 / GHSA-c9cp-9c75-9v8c.
containerd-1.6.2-1.fc35
Update to 1.6.2 (rhbz#2068277). Mitigates CVE-2022-24769 / GHSA-c9cp-9c75-9v8c.
fish-3.4.1-1.fc36
Update to 3.4.1
fish-3.4.1-1.fc35
Update to 3.4.1
golang-github-containerd-imgcrypt-1.1.4-1.fc34
Update to 1.1.4 (rhbz#2068719). Mitigates CVE-2022-24778 (rhbz#2069368, rhbz#2069369).
golang-github-containerd-imgcrypt-1.1.4-1.fc35
Update to 1.1.4 (rhbz#2068719). Mitigates CVE-2022-24778 (rhbz#2069368, rhbz#2069369).
