Category: Advisories

FEDORA-EPEL-2022-42af0c4375 Packages in this update: libcaca-0.99-0.59.beta20.el8 Update description: Clean up SPEC file. Update to beta20. CVE-2018-20545, CVE-2018-20546, CVE-2018-20547, CVE-2018-20548, CVE-2018-20549 (#1687860). CVE-2021-30498 (#1948677). CVE-2021-30499 (#1948681)....

FEDORA-2022-011c2a9ba8 Packages in this update: xen-4.15.2-2.fc35 Update description: Multiple speculative security issues [XSA-398] Read More

Multiple vulnerabilities have been discovered in Veeam Backup & Replication that could allow for remote code execution. Veeam Backup & Replication is a backup solutions...

Sam Foxman discovered that Zsh incorrectly handled certain inputs. An attacker could possibly use this issue to regain dropped privileges. (CVE-2019-20044) It was discovered that...

The Simple Download Monitor WordPress plugin before 3.9.5 allows users with a role as low as Contributor to download any file on the web server...

The Cybersoldier WordPress plugin before 1.7.0 does not sanitise and escape the URL settings before outputting it in an attribute, which could allow high privilege...

The Add Subtitle WordPress plugin through 1.1.0 does not sanitise or escape the sub-title field (available only with classic editor) when output in the page,...

The Persian Woocommerce WordPress plugin through 5.8.0 does not escape the s parameter before outputting it back in an attribute in the admin dashboard, which...

The Insight Core WordPress plugin through 1.0 does not have any authorisation and CSRF checks in the insight_customizer_options_import (available to any authenticated user), does not...

Multiple vulnerabilities have been discovered in Schneider Electric APC Smart-UPS that could allow for remote code execution. Schneider Electric APC Smart-UPS are devices that protect...