Posted by Egidio Romano on Jul 16

——————————————————————————-
XenForo <= 2.2.15 (Widget::actionSave) Cross-Site Request Forgery Vulnerability
——————————————————————————-

[-] Software Link:

https://xenforo.com

[-] Affected Versions:

Version 2.2.15 and prior versions.

[-] Vulnerability Description:

The XFAdminControllerWidget::actionSave() method, defined into the…

Read More

Post Content

Read More

FEDORA-2024-f78a099dd4

Packages in this update:

ghostscript-10.02.1-6.fc39

Update description:

Security fixes for CVE-2024-29509, CVE-2024-29508, CVE-2024-29507, CVE-2024-29506

Read More

FEDORA-EPEL-2024-dc9d6cf8f9

Packages in this update:

exim-4.98-1.el8

Update description:

This is new version of exim fixing CVE-2024-39929.

Read More

FEDORA-2024-baca8bae00

Packages in this update:

ghostscript-10.02.1-11.fc40

Update description:

Security fixes for CVE-2024-29509, CVE-2024-29508, CVE-2024-29507, CVE-2024-29506

Read More

FEDORA-EPEL-2024-14fca0a0a6

Packages in this update:

exim-4.98-1.el9

Update description:

This is new version of exim fixing CVE-2024-39929.

Read More

FEDORA-2024-87a7b3f47a

Packages in this update:

exim-4.98-1.fc39

Update description:

This is new version of exim fixing CVE-2024-39929.

Read More

FEDORA-2024-55603127f3

Packages in this update:

exim-4.98-1.fc40

Update description:

This is new version of exim fixing CVE-2024-39929.

Read More

FEDORA-2024-145e88df1c

Packages in this update:

gtk3-3.24.43-1.fc40

Update description:

Update to 3.24.43

Read More

It was discovered that GTK would attempt to load modules from the current
directory, contrary to expectations. If users started GTK applications from
shared directories, a local attacker could use this issue to execute
arbitrary code, and possibly escalate privileges.

Read More