4 matches found
Important: redis6
Issue Overview: Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to manipulate the garbage collector and potentially lead to remote code execution. The problem is fixed in 7.4.2, 7.2.7, and 6.2.17. An additional...
PT-2022-23853 · Msys2 · Msys2
Name of the Vulnerable Software and Affected Versions: Msys2 versions v20220603 and below
Description: The issue is related to incorrect access control in the install directory of Msys2, specifically C:\msys64, which allows authenticated attackers to execute arbitrary code by overwriting binaries...
PT-2018-10108 · Cksource +1 · Ckeditor +1
Name of the Vulnerable Software and Affected Versions: Liferay versions 6.2.x and earlier
Description: The issue concerns an FCKeditor configuration that may allow an attacker to upload or transfer files of potentially dangerous types. These files can be automatically processed within the product...
jre7-openjdk: multiple issues
CVE-2015-4734 information disclosure
It was discovered that the JGSS component of OpenJDK did not properly hide Kerberos realm information from all error exceptions when running under Security Manager. An untrusted Java application or applet could use this flaw to obtain certain information about...