3242 matches found
Moderate: Red Hat Security Advisory: buildah security update
An update for buildah is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
Important: Red Hat Security Advisory: freetype security update
An update for freetype is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
phpMyAdmin CSV Injection Vulnerability
phpMyAdmin is a free, web-based MySQL database management tool from the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A CSV injection vulnerability exists in phpMyAdmin 5.0.2 and...
CVE-2020-22278
phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents...
Design/Logic Flaw
phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents...
UBUNTU-CVE-2020-22278
DISPUTED phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE: the vendor disputes this because "the CSV file is accurately generated based on the database contents."...
CVE-2020-22278
Summary (CVE-2020-22278): phpMyAdmin up to 5.0.2 is listed as vulnerable to a CSV injection via the Export feature. The description notes the vendor disputes this claim by stating that the CSV is generated from database contents (i.e., the data itself, not the export process, is called out). The ...
Important: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Stripo Inc: Stored XSS at Template Editor in "Section Name" Field of Block element 'Accordion'.
Summary: Hi Team, There is "Stored XSS" in Template Editor. When creating Accordion, "Section Name" field does not properly sanitize the input provided by the User leading to Stored XSS. See the Proof Of Concept below. Thank You. Steps To Reproduce: A. Open Template Editor and insert element...
cloud-utils-growpart bug fix and enhancement update
An update is available for cloud-utils-growpart. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Roc...
langtable bug fix and enhancement update
An update is available for langtable. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterpri...
container-tools:1.0 bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
new module: perl:5.30
An update is available for perl-Pod-Perldoc, perl-DBI, perl-Pod-Escapes, perl-Devel-PPPort, perl-Pod-Usage, perl-Sub-Exporter, perl-perlfaq, perl-Object-HashBase, perl-CPAN-Meta-YAML, perl-Digest, perl-podlators, perl-bignum, perl-Text-ParseWords, perl-Text-Template, perl-DBD-MySQL, perl-Text-Glo...
python-dasbus bug fix and enhancement update
An update is available for python-dasbus. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
hyperv-daemons bug fix and enhancement update
The hyperv-daemons packages provide a suite of daemons that are needed when a AlmaLinux guest is running on Microsoft Hyper-V. The following daemons are included: - hypervkvpd, the guest Hyper-V Key-Value Pair KVP daemon - hypervvssd, the implementation of Hyper-V VSS functionality - hypervfcopyd...
mokutil bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
kabi-dw bug fix and enhancement update
An update is available for kabi-dw. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...
logrotate bug fix and enhancement update
An update is available for logrotate. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterpri...
Moderate: libxslt security update
libxslt is a library for transforming XML files into other textual formats including HTML, plain text, and other XML representations of the underlying data using the standard XSLT stylesheet transformation mechanism. Security Fixes: libxslt: xsltCheckRead and xsltCheckWrite routines security bypa...