USN-5333-1: Apache HTTP Server vulnerabilities
Chamal De Silva discovered that the Apache HTTP Server mod_lua module incorrectly handled certain crafted request bodies. A remote attacker could possibly use this issue...
USN-5332-1: Bind vulnerabilities
Xiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind incorrectly handled certain bogus NS records when using forwarders. A remote attacker could...
openssl3-3.0.1-18.el8.1
FEDORA-EPEL-2022-1edabe7090 Packages in this update: openssl3-3.0.1-18.el8.1 Update description: Security fix for CVE-2022-0778 Read More
Joint CyberSecurity Advisory Alert on Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability (AA22-074A)
FortiGuard Labs is aware of a recent report issued by the U.S. Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) that...
xen-4.16.0-4.fc36
FEDORA-2022-531e531922 Packages in this update: xen-4.16.0-4.fc36 Update description: Multiple speculative security issues [XSA-398] Read More
libass-0.15.2-1.fc34
FEDORA-2022-2af150223a Packages in this update: libass-0.15.2-1.fc34 Update description: New version Security fix for CVE-2020-36430 Read More
CVE-2021-23648
The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function. Read More
Drupal core – Moderately critical – Third-party libraries – SA-CORE-2022-005
Project: Drupal core Date: 2022-March-16 Security risk: Moderately critical 13∕25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Default Vulnerability: Third-party libraries CVE IDs: CVE-2022-24728 CVE-2022-24729 Description: The Drupal project uses the CKEditor...
CVE-2021-20299
A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference....
CVE-2021-23158
A flaw was found in htmldoc in v1.9.12. Double-free in function pspdf_export(),in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary...