
Security Advisories Notices Update on August 16, 2022

CISA Known Exploited Vulnerabilities

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability CVE-2022-34713
RARLAB UnRAR Directory Traversal Vulnerability CVE-2022-30333
Zimbra Collaboration (ZCS) Arbitrary File Upload Vulnerability CVE-2022-27925
Zimbra Collaboration (ZCS) Authentication Bypass Vulnerability CVE-2022-37042

Microsoft Security

Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability
Windows Bluetooth Service Remote Code Execution Vulnerability
Azure RTOS GUIX Studio Remote Code Execution Vulnerability
Azure RTOS GUIX Studio Remote Code Execution Vulnerability
Windows WebBrowser Control Remote Code Execution Vulnerability
Windows Kernel Information Disclosure Vulnerability
System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
Azure Batch Node Agent Elevation of Privilege Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
Windows Partition Management Driver Elevation of Privilege Vulnerability
Azure RTOS GUIX Studio Information Disclosure Vulnerability
Azure RTOS GUIX Studio Information Disclosure Vulnerability
Azure RTOS GUIX Studio Remote Code Execution Vulnerability
Active Directory Domain Services Elevation of Privilege Vulnerability
Windows Hyper-V Remote Code Execution Vulnerability
Windows Win32k Elevation of Privilege Vulnerability
Windows Partition Management Driver Elevation of Privilege Vulnerability
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Information Disclosure Vulnerability
Windows Defender Credential Guard Security Feature Bypass Vulnerability
Windows Defender Credential Guard Information Disclosure Vulnerability
Windows Defender Credential Guard Information Disclosure Vulnerability
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Windows Network File System Remote Code Execution Vulnerability
Microsoft Outlook Denial of Service Vulnerability
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Windows Digital Media Receiver Elevation of Privilege Vulnerability
Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability
HTTP.sys Denial of Service Vulnerability
Windows Digital Media Receiver Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
Windows Hyper-V Elevation of Privilege Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Unified Write Filter Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
Windows Kerberos Elevation of Privilege Vulnerability
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Windows Kernel Memory Information Disclosure Vulnerability
Windows Local Security Authority (LSA) Denial of Service Vulnerability
Microsoft ATA Port Driver Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Storage Spaces Direct Elevation of Privilege Vulnerability
Storage Spaces Direct Elevation of Privilege Vulnerability
Storage Spaces Direct Elevation of Privilege Vulnerability
Storage Spaces Direct Elevation of Privilege Vulnerability
Storage Spaces Direct Elevation of Privilege Vulnerability
Azure RTOS GUIX Studio Remote Code Execution Vulnerability
CERT/CC: CVE-2022-34303 Crypto Pro Boot Loader Bypass
CERT/CC: CVE-2022-34301 Eurosoft Boot Loader Bypass
Azure Site Recovery Denial of Service Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
SMB Client and Server Remote Code Execution Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Microsoft Exchange Information Disclosure Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Information Disclosure Vulnerability
CERT/CC: CVE-2022-34302 New Horizon Data Systems Inc Boot Loader Bypass
Microsoft Excel Security Feature Bypass Vulnerability
Windows Fax Service Elevation of Privilege Vulnerability
Microsoft Exchange Information Disclosure Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Windows Defender Credential Guard Information Disclosure Vulnerability
Windows Defender Credential Guard Elevation of Privilege Vulnerability
.NET Spoofing Vulnerability
Microsoft Office Remote Code Execution Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability
Windows Error Reporting Service Elevation of Privilege Vulnerability
Windows Defender Credential Guard Elevation of Privilege Vulnerability
Windows Hello Security Feature Bypass Vulnerability
Azure Site Recovery Remote Code Execution Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Visual Studio Remote Code Execution Vulnerability
Azure RTOS GUIX Studio Remote Code Execution Vulnerability
Azure RTOS GUIX Studio Remote Code Execution Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Azure Site Recovery Elevation of Privilege Vulnerability
Windows Bluetooth Driver Elevation of Privilege Vulnerability
Azure Sphere Information Disclosure Vulnerability
Azure Site Recovery Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
Visual Studio Remote Code Execution Vulnerability
Chromium: CVE-2022-2619 Insufficient validation of untrusted input in Settings
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
Chromium: CVE-2022-2624 Heap buffer overflow in PDF
Chromium: CVE-2022-2623 Use after free in Offline
Chromium: CVE-2022-2622 Insufficient validation of untrusted input in Safe Browsing
Chromium: CVE-2022-2621 Use after free in Extensions
Chromium: CVE-2022-2618 Insufficient validation of untrusted input in Internals
Chromium: CVE-2022-2617 Use after free in Extensions API
Chromium: CVE-2022-2616 Inappropriate implementation in Extensions API
Chromium: CVE-2022-2615 Insufficient policy enforcement in Cookies
Chromium: CVE-2022-2614 Use after free in Sign-In Flow
Chromium: CVE-2022-2612 Side-channel information leakage in Keyboard input
Chromium: CVE-2022-2611 Inappropriate implementation in Fullscreen API
Chromium: CVE-2022-2610 Insufficient policy enforcement in Background Fetch
Chromium: CVE-2022-2606 Use after free in Managed devices API
Chromium: CVE-2022-2605 Out of bounds read in Dawn
Chromium: CVE-2022-2604 Use after free in Safe Browsing
Chromium: CVE-2022-2603 Use after free in Omnibox
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Cisco Security Advisory

Cisco Adaptive Security Appliance Software Clientless SSL VPN Client-Side Request Smuggling Vulnerability
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability
Cisco Unified Communications Manager Arbitrary File Deletion Vulnerability
Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability
Cisco Small Business RV Series Routers Vulnerabilities
Cisco Webex Meetings Web Interface Vulnerabilities
Cisco BroadWorks Application Delivery Platform Software Cross-Site Scripting Vulnerability

Ubuntu Security Notices

USN-5567-1: Linux kernel (OEM) vulnerabilities
USN-5566-1: Linux kernel vulnerabilities
USN-5565-1: Linux kernel vulnerabilities
USN-5564-1: Linux kernel (Intel IoTG) vulnerabilities
USN-5563-1: http-parser vulnerability
USN-5562-1: Linux kernel vulnerabilities
USN-5560-2: Linux kernel vulnerabilities
USN-5561-1: GNOME Web vulnerabilities
USN-5560-1: Linux kernel vulnerabilities
USN-5559-1: Moment.js vulnerabilities
USN-5558-1: libcdio vulnerabilities
USN-5557-1: Linux kernel vulnerabilities
USN-5555-1: GStreamer Good Plugins vulnerabilities
USN-5553-1: libjpeg-turbo vulnerabilities
USN-5554-1: GDK-PixBuf vulnerability
USN-5552-1: phpLiteAdmin vulnerability
USN-5548-1: libxml2 vulnerability
USN-5546-2: OpenJDK 8 vulnerabilities
USN-5551-1: mod-wsgi vulnerability
USN-5550-1: GnuTLS vulnerabilities
USN-5549-1: Django vulnerability
USN-5546-1: OpenJDK vulnerabilities
USN-5547-1: NVIDIA graphics drivers vulnerabilities

Adobe Security Bulletins and Advisories

Security Updates Available for Magento | APSB21-08 APSB22-38
Security update available for Adobe Acrobat and Reader | APSB21-09 APSB22-39
Security Updates Available for Adobe Framemaker | APSB21-14 APSB22-42

National Cyber Awareness System

CISA Adds Two Known Exploited Vulnerabilities to Catalog
Cisco Releases Security Update for Multiple Products
#StopRansomware: Zeppelin Ransomware
Palo Alto Networks Releases Security Update for PAN-OS
CISA Releases Cybersecurity Toolkit to Protect U.S. Elections
Microsoft Releases August 2022 Security Updates
Adobe Releases Security Updates for Multiple Products
VMware Releases Security Updates
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog
Cisco Releases Security Updates for RV Series Routers
F5 Releases Security Updates
VMware Releases Security Updates
CISA and ACSC Release Top 2021 Malware Strains
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Releases Log4Shell-Related MAR
Samba Releases Security Updates

Mozilla Security Advisories

Security Vulnerabilities fixed in Thunderbird 102.1 mfsa2022-32
Security Vulnerabilities fixed in Thunderbird 91.12 mfsa2022-31
Security Vulnerabilities fixed in Firefox ESR 91.12 mfsa2022-29
Security Vulnerabilities fixed in Firefox ESR 102.1 mfsa2022-30
Security Vulnerabilities fixed in Firefox 103 mfsa2022-28

Red Hat Security Advisory

(RHSA-2022:6043) Moderate: .NET 6.0 security, bug fix, and enhancement update
(RHSA-2022:6042) Important: Release of OpenShift Serverless Client kn 1.24.0
(RHSA-2022:6040) Important: Release of OpenShift Serverless 1.24.0
(RHSA-2022:5069) Important: OpenShift Container Platform 4.11.0 bug fix and security update
(RHSA-2022:5070) Moderate: OpenShift Container Platform 4.11.0 extras and security update
(RHSA-2022:6038) Moderate: .NET 6.0 security, bug fix, and enhancement update
(RHSA-2022:5068) Moderate: OpenShift Container Platform 4.11.0 packages and security update
(RHSA-2022:6037) Moderate: .NET Core 3.1 security, bug fix, and enhancement update
(RHSA-2022:6024) Moderate: New container image for Red Hat Ceph Storage 5.2 Security update
(RHSA-2022:6003) Moderate: kernel security, bug fix, and enhancement update
(RHSA-2022:6002) Moderate: kernel-rt security and bug fix update
(RHSA-2022:5997) Moderate: Red Hat Ceph Storage Security, Bug Fix, and Enhancement Update
(RHSA-2022:5879) Important: OpenShift Container Platform 4.9.45 bug fix and security update
(RHSA-2022:5998) Moderate: kernel security and bug fix update
(RHSA-2022:5948) Moderate: galera, mariadb, and mysql-selinux security, bug fix, and enhancement update
(RHSA-2022:5942) Moderate: vim security update
(RHSA-2022:5939) Moderate: kernel-rt security and bug fix update
(RHSA-2022:5937) Moderate: kernel security and bug fix update
(RHSA-2022:5934) Moderate: kernel-rt security and bug fix update
(RHSA-2022:5875) Moderate: OpenShift Container Platform 4.10.26 security update
(RHSA-2022:5928) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.6 Security update
(RHSA-2022:5923) Important: Service Telemetry Framework 1.3 security update
(RHSA-2022:5924) Important: Service Telemetry Framework 1.4 security update
(RHSA-2022:5915) Moderate: Red Hat Kiali for OpenShift Service Mesh 2.2 security update
(RHSA-2022:5914) Moderate: Red Hat Kiali for OpenShift Service Mesh 2.1 security update
(RHSA-2022:5913) Moderate: Red Hat Kiali for OpenShift Service Mesh 2.0 security update
(RHSA-2022:5909) Moderate: Openshift Logging Bug Fix and security update Release (5.2.13)
(RHSA-2022:5908) Moderate: Openshift Logging Bug Fix and security update Release (5.3.10)
(RHSA-2022:5905) Important: xorg-x11-server security update
(RHSA-2022:5904) Important: php security update
(RHSA-2022:5903) Moderate: Red Hat Process Automation Manager 7.13.0 security update
(RHSA-2022:5894) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.6 Security update.
(RHSA-2022:5892) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.6 Security update
(RHSA-2022:5893) Moderate: Red Hat JBoss Enterprise Application Platform 7.4.6 Security update
(RHSA-2022:5866) Important: go-toolset-1.17 and go-toolset-1.17-golang security and bug fix update
(RHSA-2022:5821) Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
(RHSA-2022:5826) Moderate: mariadb:10.5 security, bug fix, and enhancement update
(RHSA-2022:5823) Moderate: 389-ds:1.4 security update
(RHSA-2022:5839) Important: kpatch-patch security update
(RHSA-2022:5834) Important: kernel-rt security and bug fix update
(RHSA-2022:5819) Important: kernel security and bug fix update
(RHSA-2022:5818) Moderate: openssl security update
(RHSA-2022:5813) Moderate: vim security update
(RHSA-2022:5809) Moderate: pcre2 security update
(RHSA-2022:5840) Moderate: Migration Toolkit for Containers (MTC) 1.7.3 security and bug fix update
(RHSA-2022:5837) Moderate: java-1.8.0-ibm security update
(RHSA-2022:5804) Important: kpatch-patch security update
(RHSA-2022:5802) Important: kernel security update
(RHSA-2022:5806) Important: kernel security update
(RHSA-2022:5805) Important: kernel security update
(RHSA-2022:5799) Important: go-toolset and golang security and bug fix update
(RHSA-2022:5730) Moderate: OpenShift Container Platform 4.10.25 bug fix and security update
(RHSA-2022:5729) Moderate: OpenShift Container Platform 4.10.25 security update
(RHSA-2022:5779) Moderate: ruby:2.5 security update
(RHSA-2022:5775) Important: go-toolset:rhel8 security and bug fix update
(RHSA-2022:5777) Important: firefox security update
(RHSA-2022:5778) Important: thunderbird security update
(RHSA-2022:5776) Important: firefox security update
(RHSA-2022:5772) Important: thunderbird security update
(RHSA-2022:5774) Important: thunderbird security update
(RHSA-2022:5773) Important: thunderbird security update
(RHSA-2022:5769) Important: firefox security update
(RHSA-2022:5771) Important: thunderbird security update
(RHSA-2022:5770) Important: thunderbird security update
(RHSA-2022:5767) Important: firefox security update
(RHSA-2022:5765) Important: firefox security update
(RHSA-2022:5766) Important: firefox security update
(RHSA-2022:5759) Moderate: rh-mariadb105-galera and rh-mariadb105-mariadb security and bugfix update
(RHSA-2022:5758) Important: OpenJDK 17.0.4 Security Update for Portable Linux Builds
(RHSA-2022:5757) Important: OpenJDK 17.0.4 security update for Windows Builds
(RHSA-2022:5756) Important: OpenJDK 11.0.16 security update for Windows Builds
(RHSA-2022:5755) Important: OpenJDK 11.0.16 Security Update for Portable Linux Builds
(RHSA-2022:5753) Important: OpenJDK 8u342 Windows builds release and security update
(RHSA-2022:5699) Moderate: Secondary Scheduler Operator for Red Hat OpenShift 1.0.1 security update
(RHSA-2022:5738) Important: Django 3.2.14 Security Update
(RHSA-2022:5736) Important: java-17-openjdk security, bug fix, and enhancement update
(RHSA-2022:5726) Important: java-17-openjdk security, bug fix, and enhancement update
(RHSA-2022:5717) Important: grafana security update
(RHSA-2022:5719) Important: grafana security update
(RHSA-2022:5718) Important: grafana security update
(RHSA-2022:5716) Important: grafana security update
(RHSA-2022:5720) Important: grafana security update
(RHSA-2022:5709) Important: java-1.8.0-openjdk security, bug fix, and enhancement update
(RHSA-2022:5704) Moderate: ACS 3.71 enhancement and security update
(RHSA-2022:5703) Important: Red Hat Ansible Automation Platform 1.2 security update
(RHSA-2022:5702) Important: Red Hat Ansible Automation Platform 2.1.2 security and bug fix update
(RHSA-2022:5700) Important: java-1.8.0-openjdk security update
(RHSA-2022:5701) Important: java-1.8.0-openjdk security update
(RHSA-2022:5697) Important: java-1.8.0-openjdk security and bug fix update
(RHSA-2022:5698) Important: java-1.8.0-openjdk security, bug fix, and enhancement update
(RHSA-2022:5696) Important: java-1.8.0-openjdk security, bug fix, and enhancement update
(RHSA-2022:5695) Important: java-11-openjdk security, bug fix, and enhancement update
(RHSA-2022:5664) Important: OpenShift Container Platform 4.10.24 bug fix and security update

Google Security Advisories

Pixel Update Bulletin—August 2022 | Android Open Source Project
Android 13 Security Release Notes | Android Open Source Project
Android Security Bulletin—August 2022 | Android Open Source Project
Chrome Releases: Stable Channel Update for Desktop
Chrome Releases: Stable Channel Update for Desktop
Chrome Releases: Stable Channel Update for Desktop
Chrome Releases: Stable Channel Update for Desktop
Chrome Releases: Stable Channel Update for Desktop

GitHub Security Advisories

[GHSA-f4qr-f4xx-hjxw] OpenSearch vulnerable to Improper Authorization of Index Containing Sensitive Information
[GHSA-78f9-745f-278p] Neo4j Graph apoc plugins Partial Path Traversal Vulnerability
[GHSA-33wh-w4m7-c6r8] update_by_case before 0.1.3 can be vulnerable to sql injection
[GHSA-j259-6c58-9m58] loopback-connector-postgresql Vulnerable to Improper Sanitization of `contains` Filter
[GHSA-pcjh-6r5h-r92r] django-sendfile2 before 0.7.0 contains reflected file download vulnerability
[GHSA-gwj5-wp6r-5q9f] Cronos vulnerable to DoS through unintended Contract Selfdestruct
[GHSA-7r9x-qrpr-3cxw] mofh Vulnerable to Improper Restriction of XML External Entity Reference
[GHSA-qcgc-6q86-7x2p] AEM WCM Core Components CVG Image vulnerable to Reflected Cross-site Scripting
[GHSA-vjxv-45g9-9296] cosign’s `cosign verify-attestation --type` can report a false positive if any attestation exists
[GHSA-739f-hw6h-7wq8] PolicyController before 0.2.1 may bypass attestation verification
[GHSA-9jmq-rx5f-8jwq] nbconvert vulnerable to cross-site scripting (XSS) via multiple exploit paths
[GHSA-42wq-rch8-6f6j] CKEditor5 Cross-site scripting caused by the editor instance destroying process
[GHSA-v4hr-4jpx-56gc] Streamlit directory traversal vulnerability
[GHSA-r38f-c4h4-hqq2] PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names
[GHSA-8rmh-55h4-93h5] DSpace ItemImportService API Vulnerable to Path Traversal in Simple Archive Format Package Import
[GHSA-qp5m-c3m9-8q2p] JSPUI vulnerable to path traversal in submission (resumable) upload
[GHSA-763j-q7wv-vf3m] JSPUI’s controlled vocabulary feature vulnerable to Open Redirect before v6.4 and v5.11
[GHSA-4wm8-c2vv-xrpq] JSPUI Possible Cross Site Scripting in “Request a Copy” Feature
[GHSA-c558-5gfm-p2r8] Cross Site Scripting (XSS) possible in JSPUI spellcheck and autocomplete tools
[GHSA-7w85-pp86-p4pq] XMLUI’s metadata of withdrawn Items is exposed to anonymous users
[GHSA-c2j7-66m3-r4ff] JSPUI’s “Internal System Error” page prints exceptions and stack traces without sanitization
[GHSA-j47c-j42c-mwqq] Solana Pay Vulnerable to Weakness in Transfer Validation Logic
[GHSA-7xr3-6ggc-wc9p] untangle before 1.2.1 vulnerable to XML Entity Expansion
[GHSA-f83q-2cp7-qrjg] untangle before 1.2.1 vulnerable to Improper Restriction of XML External Entity Reference
[GHSA-p6mm-27gq-9v3p] next-auth before v4.10.2 and v3.29.9 leaks excessive information into log
[GHSA-8cw9-5hmv-77w6] sanic vulnerable to Path Traversal
[GHSA-6gjm-6wj6-4px5] Byobu user preference to prevent private discussions being started are not respected
[GHSA-qrjv-rf5q-qpxc] Rust-WebSocket memory allocation based on untrusted length
[GHSA-xv97-c62v-4587] NextAuth.js before 4.10.3 and 3.29.10 sending verification requests (magic link) to unwanted emails
[GHSA-4rx6-g5vg-5f3j] Juniper is vulnerable to @DOS GraphQL Nested Fragments overflow
[GHSA-32ff-4g79-vgfc] Flask-AppBuilder before v4.1.3 allows inference of sensitive information through query strings
[GHSA-hrgx-p36p-89q4] PrestaShop eval injection possible if shop vulnerable to SQL injection
[GHSA-9x8m-2xpf-crp3] Scrapy before v2.6.2 and v1.8.3 vulnerable to one proxy sending credentials to another
[GHSA-c8rp-cgf4-937w] mezzio-swoole Applications Using Diactoros Vulnerable to HTTP Host Header Attack
[GHSA-2cpx-6pqp-wf35] fs2-io skips mTLS client verification
[GHSA-xq3c-8gqm-v648] async-graphql / async-graphql – @DOS GraphQL Nested Fragments overflow
[GHSA-5834-xv5q-cgfw] Shopware vulnerable to persistent XSS in customer module
[GHSA-8274-h5jp-97vr] Diactoros before 2.11.1 vulnerable to HTTP Host Header Attack
