8175 matches found
Ubuntu: Security Advisory (USN-6480-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
dotnet: ASP.NET Security Feature Bypass Vulnerability in Blazor forms
A security feature bypass vulnerability was found in Blazor forms in ASP.NET in the .NET package...
dotnet: ASP.NET Security Feature Bypass Vulnerability in Blazor forms
A security feature bypass vulnerability was found in Blazor forms in ASP.NET in the .NET package...
dotnet: ASP.NET Security Feature Bypass Vulnerability in Blazor forms
A security feature bypass vulnerability was found in Blazor forms in ASP.NET in the .NET package...
dotnet: ASP.NET Security Feature Bypass Vulnerability in Blazor forms
A security feature bypass vulnerability was found in Blazor forms in ASP.NET in the .NET package...
Moderate: Red Hat Security Advisory: dotnet6.0 security update
An update for dotnet6.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
dotnet: ASP.NET Security Feature Bypass Vulnerability in Blazor forms
A security feature bypass vulnerability was found in Blazor forms in ASP.NET in the .NET package...
dotnet: ASP.NET Security Feature Bypass Vulnerability in Blazor forms
A security feature bypass vulnerability was found in Blazor forms in ASP.NET in the .NET package...
dotnet: ASP.NET Security Feature Bypass Vulnerability in Blazor forms
A security feature bypass vulnerability was found in Blazor forms in ASP.NET in the .NET package...
CVE-2023-36558
A security feature bypass vulnerability was found in Blazor forms in ASP.NET in the .NET package. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability t...
Remote Code Execution (RCE)
statamic/cms is vulnerable to Remote Code Execution RCE. This vulnerability impacts both front-end forms employing the Forms feature and asset upload fields in the control panel. Malicious actors can exploit this loophole to introduce and execute arbitrary code via uploading image files...
Moderate: dotnet7.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.114 and .NET Runtime 7.0.14...
Moderate: dotnet8.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Security Fixes: dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass...
ALSA-2023:7253 Moderate: dotnet8.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Security Fixes: dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass...
ALSA-2023:7258 Moderate: dotnet6.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.125 and .NET Runtime 6.0.25...
Statamic CMS vulnerable to remote code execution via form uploads
Impact Similar to another advisory, certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fields in the control panel. Patches It has been patched in 3.4.14 and...
CVE-2023-48217
Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fiel...
CVE-2023-48217 Remote code execution via form uploads in statamic/cms
Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fiel...
CVE-2023-48217 Remote code execution via form uploads in statamic/cms
Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fiel...
CVE-2023-47545
Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin = 2.5.4 versions...