#java

Avantune Genialcloud ProJ version 10 suffers from a cross site scripting vulnerability.

A cross-site scripting (XSS) vulnerability in the installer component of Mautic before 4.3.0 allows admins to inject executable javascript

Release of OpenShift Serverless Client kn 1.22.1 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-23772: golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString * CVE-2022-23773: golang: cmd/go: misinterpretation of branch names can lead to incorrect access control * CVE-2022-23806: golang: crypto/elliptic IsOnCurve returns true for invalid field elements

We take a look at a Runescape-themed phishing mail targeting players of the smash MMORPG title, and explain how they steal the data. The post Runescape phish claims your email has been changed appeared first on Malwarebytes Labs.

Red Hat Security Advisory 2022-4798-01 - The Apache Maven Shared Utils project aims to be an improved functional replacement for plexus-utils in Maven. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2022-4797-01 - The Apache Maven Shared Utils project aims to be an improved functional replacement for plexus-utils in Maven. Issues addressed include a code execution vulnerability.

Fast Food Ordering System version 1.0 suffers from a persistent cross site scripting vulnerability.

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4037: kernel: security regression for CVE-2018-13405 * CVE-2021-20322: kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies * CVE-2022-27666: kernel: buffer overflow in IPsec ESP transformation code

An update for expat is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-23852: expat: Integer overflow in function XML_GetBuffer

An update for fapolicyd is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1117: fapolicyd: fapolicyd wrongly prepares ld.so path