A reflected XSS via POST vulnerability in the report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim's browser via a malicious form that must be manually submitted by the victim while logged in to SWA.
Category Archives: Advisories
USN-5995-1: Vim vulnerabilities
It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possibly execute arbitrary code. This
issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,
and Ubuntu 22.04 LTS. (CVE-2022-0413, CVE-2022-1629, CVE-2022-1674,
CVE-2022-1733, CVE-2022-1735, CVE-2022-1785, CVE-2022-1796, CVE-2022-1851,
CVE-2022-1898, CVE-2022-1942, CVE-2022-1968, CVE-2022-2124, CVE-2022-2125,
CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2183, CVE-2022-2206,
CVE-2022-2304, CVE-2022-2345, CVE-2022-2581)
It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possibly execute arbitrary code. This
issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04
LTS. (CVE-2022-1720, CVE-2022-2571, CVE-2022-2845, CVE-2022-2849,
CVE-2022-2923)
It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possibly execute arbitrary code. This
issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-1927,
CVE-2022-2344)
It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possibly execute arbitrary code. This
issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,
and Ubuntu 22.10. (CVE-2022-2946)
It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possibly execute arbitrary code. This
issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10.
(CVE-2022-2980)
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for privilege escalation. Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights.
netatalk-3.1.14-3.el7
FEDORA-EPEL-2023-237e339dd2
Packages in this update:
netatalk-3.1.14-3.el7
Update description:
Security fix for CVE-2022-45188
netatalk-3.1.14-3.el8
FEDORA-EPEL-2023-711f25dbbf
Packages in this update:
netatalk-3.1.14-3.el8
Update description:
Security fix for CVE-2022-45188
netatalk-3.1.14-3.el9
FEDORA-EPEL-2023-911b83cb42
Packages in this update:
netatalk-3.1.14-3.el9
Update description:
Security fix for CVE-2022-45188
netatalk-3.1.14-3.fc36
FEDORA-2023-e714897e70
Packages in this update:
netatalk-3.1.14-3.fc36
Update description:
Security fix for CVE-2022-45188
netatalk-3.1.14-3.fc37
FEDORA-2023-aaeb45fb73
Packages in this update:
netatalk-3.1.14-3.fc37
Update description:
Security fix for CVE-2022-45188
netatalk-3.1.14-3.fc38
FEDORA-2023-599faf1b1c
Packages in this update:
netatalk-3.1.14-3.fc38
Update description:
Security fix for CVE-2022-45188
php-Smarty-3.1.48-1.fc37
FEDORA-2023-4b03f6cd8a
Packages in this update:
php-Smarty-3.1.48-1.fc37
Update description:
[3.1.48] – 2023-03-28
Security
Fixed cross-site scripting vulnerability in JavaScript escaping. This addresses CVE-2023-28447.
Fixed
Output buffer is now cleaned for internal PHP errors as well, not just for Exceptions #514