[SECURITY] Fedora 37 Update: nextcloud-25.0.1-1.fc37
NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devi ...
December 09, 2022
Denial Of Service (DOS)
github.com/mattermost/mattermost-server is vulnerable to denial of service. The vulnerability exists in `user_store.go` because it will send multiple requests to one of the API endpoints which could f ...
November 30, 2022
CVE-2022-41676
Raiden MAILD Mail Server website mail field has insufficient filtering for user input. A remote attacker with general user privilege can send email using the website with malicious JavaScript in the i ...
November 28, 2022
CVE-2022-32966
RTL8168FP-CG Dash remote management function has missing authorization. An unauthenticated attacker within the adjacent network can connect to DASH service port to disrupt service.
November 28, 2022
Denial Of Service (DoS)
rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the `C API` component, allowing an attacker to cause an application crash through multiple protocols.
November 25, 2022
Security Bulletin: A vulnerability in IBM Java Runtime affects IBM ILOG CPLEX Optimization Studio (CVE-2021-28167)
## Summary
There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM CPLEX Optimization Studio. IBM CPLEX Optimization Studio has addressed the applicable CVE.
## Vulner ...
November 24, 2022
CVE-2022-40976
A path traversal vulnerability was discovered in multiple Pilz products. An unauthenticated local attacker could use a zipped, malicious configuration file to trigger arbitrary file writes ('zip-slip' ...
November 24, 2022
Security Bulletin: Vulnerability in IBM Java SDK affects Cloud Pak System [CVE-2021-28167]
## Summary
A vulnerability in IBM Java SDK affects the OS Image for Red Hat Linux Systems shipped with Cloud Pak System. Cloud Pak System has addressed the vulnerability. [CVE-2021-28167]
## Vulnerability Detai ...
November 23, 2022
Concrete CMS vulnerable to Session Fixation
Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 does not issue a new session ID upon successful OAuth authentication. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+ ...
November 21, 2022