CVE-2020-24769
SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the classes parameter. Read More
CVE-2020-24770
SQL injection vulnerability in modrules.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. Read More
CVE-2020-24771
Incorrect access control in NexusPHP 1.5.beta5.20120707 allows unauthorized attackers to access published content. Read More
CVE-2015-3298
Yubico ykneo-openpgp before 1.0.10 has a typo in which an invalid PIN can be used. When first powered up, a signature will be issued even...
[KIS-2022-05] Joomla! <= 4.1.0 (Tar.php) Zip Slip Vulnerability
Posted by Egidio Romano on Mar 29 ------------------------------------------------- Joomla! <= 4.1.0 (Tar.php) Zip Slip Vulnerability ------------------------------------------------- [-] Software Link: http://www.joomla.org/ [-] Affected Versions: Version 4.1.0...
USN-5351-2: Paramiko vulnerability
USN-5351-1 fixed a vulnerability in Paramiko. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Jan Schejbal discovered that Paramiko incorrectly...
USN-5313-2: OpenJDK 11 regression
USN-5313-1 fixed vulnerabilities and added features in OpenJDK. Unfortunately, that update introduced a regression in OpenJDK 11 that could impact interoperability with some popular HTTP/2...
gdal-3.2.2-3.fc34 mingw-gdal-3.2.2-3.fc34
FEDORA-2022-cffca5dbf4 Packages in this update: gdal-3.2.2-3.fc34 mingw-gdal-3.2.2-3.fc34 Update description: Backport patch for CVE-2021-45943. Read More
ZDI-22-545: (0Day) Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in...
ZDI-22-544: (Pwn2Own) Netgear R6700v3 NetUSB Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. Read...