Remote Code Execution in Kardex MLOG
Posted by Patrick Hener on Feb 16 Remote Code Execution in Kardex MLOG ======================================================================= Product: Kardex Mlog MCC Vendor: Kardex Holding AG Tested Version: 5.7.12+0-a203c2a213-master...
DSA-5353 nss – security update
Christian Holler discovered that incorrect handling of PKCS 12 Safe Bag attributes in nss, the Mozilla Network Security Service library, may result in execution of...
DSA-5352 wpewebkit – security update
The following vulnerabilities have been discovered in the WPE WebKit web engine: Read More
DSA-5351 webkit2gtk – security update
The following vulnerabilities have been discovered in the WebKitGTK web engine: Read More
CVE-2019-17003
Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed. Read More
CVE-2020-12413
The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites....
CVE-2020-6817
bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to bleach.clean with an allowed tag with an allowed...
CVE-2021-23980
A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title,...
CVE-2021-0187
Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local...
haproxy-2.4.22-2.fc36
FEDORA-2023-7e04833463 Packages in this update: haproxy-2.4.22-2.fc36 Update description: Security fix for CVE-2023-0056, CVE-2023-25725 Read More