#java

A Buffer Overflow vulnerability exists in zlog 1.2.15 via zlog_conf_build_with_file in src/zlog/src/conf.c.

An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1097: Mozilla: Use-after-free in NSSToken objects * CVE-2022-1196: Mozilla: Use-after-free after VR Process destruction * CVE-2022-24713: Mozilla: Denial of Service via complex regular expressions * CVE-2022-28281: Mozilla: Out of bounds write due to unexpected WebAuthN Extensions * CVE-2022-28282: Mozilla: Use-after-free in DocumentL10n::TranslateDocu...

An update for firefox is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1097: Mozilla: Use-after-free in NSSToken objects * CVE-2022-1196: Mozilla: Use-after-free after VR Process destruction * CVE-2022-24713: Mozilla: Denial of Service via complex regular expressions * CVE-2022-28281: Mozilla: Out of bounds write due to unexpected WebAuthN Extensions * CVE-2022-28282: Mozilla: Use-after-free in D...

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1097: Mozilla: Use-after-free in NSSToken objects * CVE-2022-1196: Mozilla: Use-after-free after VR Process destruction * CVE-2022-24713: Mozilla: Denial of Service via complex regular expressions * CVE-2022-28281: Mozilla: Out of bounds write due to unexpected WebAuthN Extensions * CVE-2022-28282: Mozilla: Use-after-free in DocumentL10n::TranslateDocu...

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1097: Mozilla: Use-after-free in NSSToken objects * CVE-2022-1196: Mozilla: Use-after-free after VR Process destruction * CVE-2022-24713: Mozilla: Denial of Service via complex regular expressions * CVE-2022-28281: Mozilla: Out of bounds write due to unexpected WebAuthN Extensions * CVE-2022-28282: Mozilla: Use-after-free in D...

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1097: Mozilla: Use-after-free in NSSToken objects * CVE-2022-1196: Mozilla: Use-after-free after VR Process destruction * CVE-2022-24713: Mozilla: Denial of Service via complex regular expressions * CVE-2022-28281: Mozilla: Out of bounds write due to unexpected WebAuthN Extensions * CVE-2022-28282: Mozilla: Use-after...

A cross-site scripting (XSS) vulnerability in ONLYOFFICE Document Server Example before v7.0.0 allows remote attackers inject arbitrary HTML or JavaScript through /example/editor.

Red Hat OpenShift Container Platform release 4.9.27 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0567: ovn-kubernetes: Ingress network policy can be overruled by egress network policy on another pod

Social Codia SMS v1 was discovered to contain an arbitrary file upload vulnerability via addteacher.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

Ecommerce-Website v1 was discovered to contain an arbitrary file upload vulnerability via /customer_register.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.