A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information.
Category Archives: Advisories
CVE-2018-25082
A vulnerability was found in zwczou WeChat SDK Python 0.3.0 and classified as critical. This issue affects the function validate/to_xml. The manipulation leads to xml external entity reference. The attack may be initiated remotely. Upgrading to version 0.5.5 is able to address this issue. The name of the patch is e54abadc777715b6dcb545c13214d1dea63df6c9. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-223403.
CVE-2022-36429
A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite RBS750 4.6.8.5. A specially-crafted JSON object can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this vulnerability.
xen-4.17.0-8.fc38
FEDORA-2023-703f133eb3
Packages in this update:
xen-4.17.0-8.fc38
Update description:
3 security issues (#2180425)
x86 shadow plus log-dirty mode use-after-free [XSA-427, CVE-2022-42332]
x86/HVM pinned cache attributes mis-handling [XSA-428, CVE-2022-42333,
CVE-2022-42334]
x86: speculative vulnerability in 32bit SYSCALL path [XSA-429,
CVE-2022-42331]
moodle-3.11.13-1.fc36
FEDORA-2023-d9c13996b2
Packages in this update:
moodle-3.11.13-1.fc36
Update description:
Fixes for multiple CVEs.
yarnpkg-1.22.19-5.fc37
FEDORA-2023-86d75130fe
Packages in this update:
yarnpkg-1.22.19-5.fc37
Update description:
Apply fix for CVE-2022-37603.
yarnpkg-1.22.19-5.fc38
FEDORA-2023-2e38c3756f
Packages in this update:
yarnpkg-1.22.19-5.fc38
Update description:
Apply fix for CVE-2022-37603.
yarnpkg-1.22.19-5.fc36
FEDORA-2023-a4f0b29f6c
Packages in this update:
yarnpkg-1.22.19-5.fc36
Update description:
Apply fix for CVE-2022-37603.
tar-1.34-8.fc38
FEDORA-2023-f72d3caf36
Packages in this update:
tar-1.34-8.fc38
Update description:
Fix for CVE-2022-48303
tar-1.34-6.fc37
FEDORA-2023-123778d70d
Packages in this update:
tar-1.34-6.fc37
Update description:
Fix for CVE-2022-48303