new packages: console-setup

An update is available for console-setup. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

new packages: realtime-setup

An update is available for realtime-setup. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Lin...

Mayan EDMS multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in apps/common/templates/calculateformtitle.html in Mayan EDMS 0.13 allow remote authenticated users to inject arbitrary web script or HTML via a 1 tag or the 2 title of a source in a Staging folder, 3 Name field in a bootstrap setup, or Title fie...

MODX Revolution Reflected XSS

In MODX Revolution before 2.5.7, an attacker is able to trigger Reflected XSS by injecting payloads into several fields on the setup page, as demonstrated by the databasetype parameter...

postgresql:10 security update

10.19-2 - Add missing files into file section of server package postgresql-setup v8.6 newly provides postgresql-upgrade...

OpenCart 代码问题漏洞

Opencart is an open source e-commerce system by Opencart team. The system provides modules for product reviews, product ratings, and product additions. A security vulnerability exists in the Skyoftech So Listing Tabs module for OpenCart version 2.2.0, which can be exploited by remote attackers to...

IPv6 Network Configuration Implementation with Citrix Virtual Apps & Desktops

...

HCL Technologies HCL Verse Information Disclosure Vulnerability

HCL Technologies HCL Verse is a mobile application from HCL Technologies India that allows access to emails and life plan management.A security vulnerability exists in versions of HCL Technologies HCL Verse for Android prior to version 12.0.9, which stems from a server setup and login process in...

GHSA-R5X3-2446-HRP7 Race Condition in Jenkins

A race condition during Jenkins 2.81 through 2.94 inclusive; 2.89.1 startup could result in the wrong order of execution of commands during initialization. This could in rare cases result in failure to initialize the setup wizard on the first startup. This resulted in multiple security-related...

Server-side Request Forgery (SSRF)

Overview phpmyadmin/phpmyadmin is a web interface for MySQL and MariaDB. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF through the setup script. An attacker can manipulate the server to make unauthorized requests by leveraging a race condition between editin...

CVE-2021-27768

Using the ability to perform a Man-in-the-Middle MITM attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. In this specific scenario, the application's network traffic was intercepted using a proxy server set up in 'transparent' mode...

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

CVE-2022-1388 F5 BIG-IP iControl REST vulnerability RCE exploi...

HCL Technologies HCL Verse 信任管理问题漏洞

HCL Technologies HCL Verse is a mobile application from HCL Technologies India that allows access to emails and life plan management.A security vulnerability exists in versions of HCL Technologies HCL Verse for Android prior to version 12.0.9, which stems from a server setup and login process in...

gnome-initial-setup bug fix and enhancement update

An update is available for gnome-initial-setup. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rock...

gnome-initial-setup bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

rt-setup bug fix and enhancement update

An update is available for rt-setup. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.6...

CVE-2022-28782

Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability...

CVE-2022-28782

Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability...

CVE-2022-28782

Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability...

Improper access control

Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability...