This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
Category Archives: Advisories
CVE-2015-10105
A vulnerability, which was classified as critical, was found in IP Blacklist Cloud Plugin up to 3.42 on WordPress. This affects the function valid_js_identifier of the file ip_blacklist_cloud.php of the component CSV File Import. The manipulation of the argument filename leads to path traversal. It is possible to initiate the attack remotely. Upgrading to version 3.43 is able to address this issue. The name of the patch is 6e6fe8c6fda7cbc252eef083105e08d759c07312. It is recommended to upgrade the affected component. The identifier VDB-227757 was assigned to this vulnerability.
community-mysql-8.0.33-2.fc38
FEDORA-2023-06a49d4fb6
Packages in this update:
community-mysql-8.0.33-2.fc38
Update description:
MySQL 8.0.33
Changelog:
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-33.html
community-mysql-8.0.33-2.fc37
FEDORA-2023-af03a123b5
Packages in this update:
community-mysql-8.0.33-2.fc37
Update description:
MySQL 8.0.33
Changelog:
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-33.html
CVE-2015-10104
A vulnerability, which was classified as problematic, has been found in Icons for Features Plugin 1.0.0 on WordPress. Affected by this issue is some unknown functionality of the file classes/class-icons-for-features-admin.php. The manipulation of the argument redirect_url leads to open redirect. The attack may be launched remotely. Upgrading to version 1.0.1 is able to address this issue. The name of the patch is 63124c021ae24b68e56872530df26eb4268ad633. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-227756.
rubygem-redcarpet-3.3.2-26.fc36
FEDORA-2023-597f13ffb9
Packages in this update:
rubygem-redcarpet-3.3.2-26.fc36
Update description:
A security flow was found on redcarpet that escaping html was not properly done even if requested on some cases which may cause XSS vulnerability. This issue is now assigned as CVE-2020-26298. This new rpm should fix this issue.
rubygem-redcarpet-3.3.2-26.fc37
FEDORA-2023-8682a0e17d
Packages in this update:
rubygem-redcarpet-3.3.2-26.fc37
Update description:
A security flow was found on redcarpet that escaping html was not properly done even if requested on some cases which may cause XSS vulnerability. This issue is now assigned as CVE-2020-26298. This new rpm should fix this issue.
rubygem-redcarpet-3.3.2-26.fc38
FEDORA-2023-44daa9c1d4
Packages in this update:
rubygem-redcarpet-3.3.2-26.fc38
Update description:
A security flow was found on redcarpet that escaping html was not properly done even if requested on some cases which may cause XSS vulnerability. This issue is now assigned as CVE-2020-26298. This new rpm should fix this issue.
java-11-openjdk-portable-11.0.19.0.7-2.fc37
FEDORA-2023-0ab3a5423f
Packages in this update:
java-11-openjdk-portable-11.0.19.0.7-2.fc37
Update description:
Updatings portables to ajva April security update, with few enhancements be properly repacked.
DSA-5394 ffmpeg – security update
Several vulnerabilities have been discovered in the FFmpeg multimedia
framework, which could result in denial of service or potentially the
execution of arbitrary code if malformed files/streams are processed.