This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. User interaction is required to exploit this vulnerability in that an administrator must perform a firmware update on the device.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of Cisco RV340 routers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Read More

This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.

Read More

Several vulnerabilities have been discovered in Expat, an XML parsing C
library, which could result in denial of service or potentially the
execution of arbitrary code, if a malformed XML file is processed.

Read More

FEDORA-2022-7ef65e6444

Packages in this update:

vim-8.2.4428-1.fc34

Update description:

Security fix for CVE-2022-0696

Security fix for CVE-2022-0629

Security fix for CVE-2022-0572

Security fixes for CVE-2022-0408, CVE-2022-0413, CVE-2022-0393, CVE-2022-0417, CVE-2022-0443

Read More

Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. Only plugins and themes downloaded via the vendor website are affected, and those hosted on wordpress.org are not. However, all of them were updated or removed to avoid any confusion

Read More

The Advanced Database Cleaner WordPress plugin before 3.0.4 does not sanitise and escape $_GET keys and values before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues

Read More