USN-5566-1: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

USN-5560-1: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

CVE-2022-36197

BigTree CMS 4.4.16 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PDF file...

Ubuntu: Security Advisory (USN-5544-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-35223 EasyUse MailHunter Ultimate - Deserialization of Untrusted Data

EasyUse MailHunter Ultimate’s cookie deserialization function has an inadequate validation vulnerability. Deserializing a cookie containing malicious payload will trigger this insecure deserialization vulnerability, allowing an unauthenticated remote attacker to execute arbitrary code, manipulate...

CVE-2022-34613

Mealie 1.0.0beta3 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file...

CVE-2022-34613

Mealie 1.0.0beta3 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file...

Foxit PDF Reader < 12.0.1 Multiple Vulnerabilities

According to its version, the Foxit PDF Reader application previously named Foxit Reader installed on the remote Windows host is prior to 12.0.1. It is, therefore affected by multiple vulnerabilities: - Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow a this.maildoc NULL pointer...

KLA12594 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Security ...

Security Bulletin: Multiple Vulnerabilities in Expat component shipped with IBM Rational ClearCase ( CVE-2022-23852, CVE-2022-23990, CVE-2022-25235, CVE-2022-25315 )

Summary libexpat is a stream-oriented XML parser library used by IBM Rational ClearCase. IBM Rational ClearCase has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-23852 DESCRIPTION: Expat aka libexpat could allow a remote attacker to execute arbitrary code on the system, caus...

Input validation

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

CVE-2022-20877

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

Inductive Automation Ignition Code Issue Vulnerability

Inductive Automation Ignition is a comprehensive platform for industrial automation that provides scalable solutions for monitoring, control, data collection, and analytics.Ignition was developed by Inductive Automation to help users build and deploy automation systems that meet the specific need...

Security Bulletin: Multiple vulnerabilities have been identified in IBM WebSphere Application Liberty profile shipped with IBM Robotic Process Automation

Summary WebSphere Application Server Liberty profile is shipped as a component of IBM Robotic Process Automation. Information about security vulnerabilities affecting IBM WebSphere Application Server Liberty profile have been published in a security bulletin. Vulnerability Details...

CVE-2022-34873

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

Ubuntu: Security Advisory (USN-5517-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-6W2F-6WQ3-RJVF RuoYi 4.7.3 vulnerable to arbitrary file upload in background management module

An arbitrary file upload vulnerability in the background management module of RuoYi v4.7.3 and below allows attackers to execute arbitrary code via a crafted HTML file...

CVE-2022-32065

An arbitrary file upload vulnerability in the background management module of RuoYi v4.7.3 and below allows attackers to execute arbitrary code via a crafted HTML file...

Design/Logic Flaw

An arbitrary file upload vulnerability in the background management module of RuoYi v4.7.3 and below allows attackers to execute arbitrary code via a crafted HTML file...

USN-5510-2: X.Org X Server vulnerabilities

USN-5510-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain inputs. An attacker could use this issue to cause the server to crash,...