Read Time:7 Second
FEDORA-EPEL-2023-d9256ecd7c
Packages in this update:
zchunk-1.3.1-1.el7
Update description:
Fix several low severity security bugs.
Category Archives: Advisories
zchunk-1.3.1-1.fc36
Read Time:6 Second
FEDORA-2023-b41b7b1f37
Packages in this update:
zchunk-1.3.1-1.fc36
Update description:
Fix several low severity security bugs.
flatpak-runtime-f38-3820230402170524.1 flatpak-sdk-f38-3820230402170524.1
Read Time:10 Second
FEDORA-FLATPAK-2023-6d525e3a34
Packages in this update:
flatpak-runtime-f38-3820230402170524.1
flatpak-sdk-f38-3820230402170524.1
Update description:
Updated flatpak runtime and SDK, including latest Fedora 38 security and bug-fix errata.
USN-5997-1: IPMItool vulnerability
Read Time:10 Second
It was discovered that IPMItool was not properly checking the data received
from a remote LAN party. A remote attacker could possibly use this issue to
to cause a crash or arbitrary code execution.
FedEx Ship Manager (FSM) v3704 Insecure Use of .NET Remoting
Read Time:23 Second
Posted by Harrison Neal on Apr 04
Vulnerable Software Download URL:
https://www.fedex.com/en-us/shipping/ship-manager/software.html#tab-4
FSM 3704 (and some earlier versions) use .NET Remoting in a way that can
lead to unauthenticated remote code execution attacks as SYSTEM. Tools that
can successfully attack affected services are freely available.
Administrators should block or otherwise limit access to TCP ports opened
by services installed by this software wherever possible.
CVE-2020-19277
Read Time:9 Second
Cross Site Scripting vulnerability found in Phachon mm-wiki v.0.1.2 allows a remote attacker to execute arbitrary code via javascript code in the markdown editor.
CVE-2020-19278
Read Time:9 Second
Cross Site Request Forgery vulnerability found in Phachon mm-wiki v.0.1.2 allows a remote attacker to execute arbitrary code via the system/user/save parameter.
CVE-2020-19279
Read Time:5 Second
Directory Traversal vulnerability found in B3log Wide allows a an attacker to escalate privileges via symbolic links.
CVE-2020-19692
Read Time:9 Second
Buffer Overflow vulnerabilty found in Nginx NJS v.0feca92 allows a remote attacker to execute arbitrary code via the njs_module_read in the njs_module.c file.
CVE-2020-19693
Read Time:8 Second
An issue found in Espruino Espruino 6ea4c0a allows an attacker to execute arbitrrary code via oldFunc parameter of the jswrap_object.c:jswrap_function_replacewith endpoint.