SiYuan cross-site scripting vulnerabilities

SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan itself. Versions of SiYuan prior to 3.5.4 contained a cross-site scripting vulnerability. This vulnerability stemmed from the /api/icon/getDynamicIcon endpoint’s improper handling of uncleaned SVG inputs, which...

Fedora 40 : vips (2024-791f8d9804)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-791f8d9804 advisory. Automatic update for vips-8.15.1-1.fc40. Changelog Sat Jan 20 2024 Kleis Auke Wolthuizen - 8.15.1-1 - Update to 8.15.1 Resolves: rhbz2098477 Resolves:...