LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863
Posted by Qualys Security Advisory via Fulldisclosure on Jun 07 Qualys Security Advisory LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863 ======================================================================== Contents ======================================================================== Summary...
CVE-2023-0121
A denial of service issue was discovered in GitLab CE/EE affecting all versions starting from 13.2.4 before 15.10.8, all versions starting from 15.11 before 15.11.7,...
matrix-synapse-1.85.1-1.fc38
FEDORA-2023-e191040276 Packages in this update: matrix-synapse-1.85.1-1.fc38 Update description: Update to v1.85.1 Update to v1.85.0 Fixes CVE-2023-32682, CVE-2023-32683 Update to v1.84.1 Read More
CVE-2021-46889
The 10Web Photo Gallery plugin through 1.5.69 for WordPress allows XSS via theme_id for bwg_frontend_data. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-31693....
CVE-2022-31693
VMware Tools for Windows (12.x.y prior to 12.1.5, 11.x.y and 10.x.y) contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user...
USN-6145-1: Sysstat vulnerabilities
It was discovered that Sysstat incorrectly handled certain arithmetic multiplications. An attacker could use this issue to cause Sysstat to crash, resulting in a denial...
python3.7-3.7.16-4.fc38
FEDORA-2023-f52390b9d2 Packages in this update: python3.7-3.7.16-4.fc38 Update description: Fix for CVE-2023-24329 Read More
python3.7-3.7.16-2.fc37
FEDORA-2023-dd526ed2e4 Packages in this update: python3.7-3.7.16-2.fc37 Update description: Fix for CVE-2023-24329 Read More
CVE-2020-36705
The Adning Advertising plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the _ning_upload_image function in versions up...
CVE-2020-36728
The Adning Advertising plugin for WordPress is vulnerable to file deletion via path traversal in versions up to, and including, 1.5.5. This allows unauthenticated attackers...