CVE-2020-5297

In OctoberCMS october/october composer package versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff2, svg, ttf, eot, json, md, less, sass, scss, xml files to any directory of an October CMS server...

CVE-2022-28789

Unprotected activities in Voice Note prior to version 21.3.51.11 allows attackers to record voice without user interaction. The patch adds proper permission for vulnerable activities...

CVE-2022-28789

Voice Note (Samsung) vulnerabilities exist in versions before 21.3.51.11 due to unprotected activities that let an attacker record audio without user interaction. Root cause is missing permission restrictions for vulnerable activities. Impact is local: an attacker on the device could capture voic...

mod_nss security, bug fix, and enhancement update

1.0.14-7 - Add the permission patch to the repository 1312583 1.0.14-6 - Check the NSS certificate database directory for read permissions by the Apache user. 1312583 1.0.14-5 - Update clean semaphore patch to not free the pinList twice. 1364560 1.0.14-4 - Update clean semaphore patch to not clos...