zarafa-7.1.14-6.el7
FEDORA-EPEL-2023-342b96903b Packages in this update: zarafa-7.1.14-6.el7 Update description: Backported patch from Debian to fix CVE-2022-26562 (#2192126) Read More
golang-github-prometheus-alertmanager-0.23.0-15.fc39
FEDORA-2023-0c6723004f Packages in this update: golang-github-prometheus-alertmanager-0.23.0-15.fc39 Update description: Automatic update for golang-github-prometheus-alertmanager-0.23.0-15.fc39. Changelog * Sat Apr 29 2023 Sérgio M. Basto <sergio@serjux.com> - 0.23.0-15 -...
CVE-2020-21643
Cross Site Scripting (XSS) vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop. Read More
CVE-2020-23647
Cross Site Scripting (XSS) vulnerability in BoxBilling 4.19, 4.19.1, 4.20, and 4.21 allows remote attackers to run arbitrary code via the message field on the...
CVE-2022-31643
A potential security vulnerability has been identified in the system BIOS for certain HP PC products which may allow loss of integrity. HP is releasing...
USN-6049-1: Netty vulnerabilities
It was discovered that Netty's Zlib decoders did not limit memory allocations. A remote attacker could possibly use this issue to cause Netty to exhaust...
cloud-init-23.1.2-1.fc38
FEDORA-2023-c17dde4052 Packages in this update: cloud-init-23.1.2-1.fc38 Update description: Update to 23.1.2 and fix CVE-2023-1786 Read More
USN-6037-1: Apache Commons Net vulnerability
ZeddYu Lu discovered that the FTP client from Apache Commons Net trusted the host from PASV responses by default. A remote attacker with a malicious...
USN-6048-1: ZenLib vulnerability
It was discovered that ZenLib doesn't check the return value of a specific operation before using it. An attacker could use a specially crafted input...
Piwigo – CVE-2023-26876
Posted by Rodolfo Tavares via Fulldisclosure on Apr 28 =====[ Tempest Security Intelligence - ADV-03/2023 ]========================== Piwigo - Version 13.5.0 Author: Rodolfo Tavares Tempest Security...