1065 matches found
DLA-3159-1 libbluray - bugfix update
Bulletin has no description...
SUSE-SU-2022:3655-1 Security update for buildah
This update for buildah fixes the following issues: Buildah was updated to version 1.27.1: - CVE-2021-20206: Fixed an issue in libcni that could allow an attacker to execute arbitrary binaries on the host (bsc#1181961). - CVE-2020-10696: Fixed an issue that could lead to files being overwritten duri...
IPFire WebUI vulnerable to cross-site scripting
Overview: The web user interface of IPFire, provided by IPFire Project, contains multiple stored cross-site scripting vulnerabilities (CWE-79). This analysis assumes a scenario where one administrative user prepares malicious content, and then another administrative user accesses this content, resulti...
SUSE-SU-2022:3516-1 Security update for nodejs14
This update for nodejs14 fixes the following issues: Updated to version 14.20.1: - CVE-2022-32213: Fixed bypass via obs-fold mechanic (bsc#1201325). - CVE-2022-35256: Fixed incorrect Parsing of Header Fields (bsc#1203832)...
WordPress WP ALL Export Pro plugin <= 1.7.8 - Authenticated Code Injection vulnerability
Authenticated Code Injection vulnerability discovered by Sanjay Das in WordPress WP ALL Export Pro plugin (versions <= 1.7.8). Solution: Update the WordPress WP ALL Export Pro plugin to the latest available version (at least 1.7.9)...
DLA-3130-1 tinyxml - security update
Bulletin has no description...
WordPress Quiz And Survey Master plugin <= 7.3.4 - Insecure direct object references (IDOR) vulnerability
Insecure direct object references (IDOR) vulnerability leading to Changing of Quiz Content discovered by Ngo Van Thien (Patchstack Alliance) in WordPress Quiz And Survey Master plugin (versions <= 7.3.4). Solution: Update the WordPress Quiz And Survey Master plugin to the latest available version at leas...
PT-2022-22595 · Unknown · Dgiot Lightweight Industrial Iot
Name of the Vulnerable Software and Affected Versions: DGIOT Lightweight industrial IoT version 4.5.4. Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities. XSS is a type of security vulnerability that allows an attacker to inject malicious scripts into a website,...
DLA-3124-1 webkit2gtk - security update
Bulletin has no description...
PT-2022-33354 · Habana · Habanalabs/Gaudi
Name of the Vulnerable Software and Affected Versions: habanalabs/gaudi versions prior to v5.19.4 Description: The issue is related to a shift out of bounds. The actual impact and attack plausibility have not yet been proven. Recommendations: For habanalabs/gaudi versions prior to v5.19.4, update...
DSA-5223-1 chromium - security update
Bulletin has no description...
DLA-3088-1 net-snmp - security update
Bulletin has no description...
DSA-5219-1 webkit2gtk - security update
Bulletin has no description...
PT-2022-23859 · 72Crm · 72Crm
Name of the Vulnerable Software and Affected Versions: 72crm version 9.0 Description: The issue is related to an Arbitrary file upload vulnerability. Recommendations: For 72crm version 9.0, update to a version that contains a fix for this issue...
DSA-5205-1 samba - security update
Bulletin has no description...
DLA-3071-1 libtirpc - security update
Bulletin has no description...
DSA-5201-1 chromium - security update
Bulletin has no description...
DLA-3068-1 xorg-server - security update
Bulletin has no description...
Multiple vulnerabilities in untangle
Overview: untangle, provided by Christian Stefanescu, is a Python library for processing XML documents. untangle contains multiple vulnerabilities listed below. Improper Restriction of Recursive Entity References in DTDs (CWE-776) - CVE-2022-33977; Improper Restriction of XML External Entity Reference...
DSA-5189-1 gsasl - security update
Bulletin has no description...