USN-5293-1: c3p0 vulnerability
Aaron Massey discovered that c3p0 could be made to crash when parsing certain input. An attacker able to modify the application's XML configuration file could...
USN-5288-1: Expat vulnerabilities
It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Read...
vim-8.2.4428-1.fc34
FEDORA-2022-7ef65e6444 Packages in this update: vim-8.2.4428-1.fc34 Update description: Security fix for CVE-2022-0696 Security fix for CVE-2022-0629 Security fix for CVE-2022-0572 Security fixes for CVE-2022-0408, CVE-2022-0413,...
vim-8.2.4428-1.fc35
FEDORA-2022-8622ebdebb Packages in this update: vim-8.2.4428-1.fc35 Update description: The newest upstream commit Security fix for CVE-2022-0629 Read More
CVE-2021-24867
Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. Only plugins and themes downloaded...
CVE-2021-24921
The Advanced Database Cleaner WordPress plugin before 3.0.4 does not sanitise and escape $_GET keys and values before outputting them back in attributes, leading to...
CVE-2021-25055
The FeedWordPress plugin before 2022.0123 is affected by a Reflected Cross-Site Scripting (XSS) within the "visibility" parameter. Read More
CVE-2021-25057
The Translation Exchange WordPress plugin through 1.0.14 was vulnerable to Authenticated Stored Cross-Site Scripting (XSS) within the Project Key text field found in the plugin's...
CVE-2021-25058
The Buffer Button WordPress plugin through 1.0 was vulnerable to Authenticated Stored Cross Site Scripting (XSS) within the Twitter username to mention text field. Read...
CVE-2021-25060
The Five Star Business Profile and Schema WordPress plugin before 2.1.7 does not have any authorisation and CSRF in its bpfwp_welcome_add_contact_page and bpfwp_welcome_set_contact_information AJAX action,...