Apple Security Advisory 2022-01-26-6 – watchOS 8.4 addresses buffer overflow, code execution, path sanitization, and use-after-free vulnerabilities.
Apple Security Advisory 2022-01-26-7 – Safari 15.3 addresses code execution and use-after-free vulnerabilities.
Fetch Softworks Fetch FTP Client version 5.8 suffers from a remote CPU consumption denial of service vulnerability.
WordPress Mortgage Calculators WP plugin version 1.52 suffers from a persistent cross site scripting vulnerability.
Oracle WebLogic Server suffers from a local file inclusion vulnerability. Versions affected include 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0.
PolicyKit-1 version 0.105-31 pkexec local privilege escalation exploit.
WordPress Modern Events Calendar plugin versions 6.1 and below suffer from an unauthenticated remote SQL injection vulnerability.
WordPress RegistrationMagic V plugin versions 5.0.1.5 and below suffer from a remote SQL injection vulnerability.
Local privilege escalation root exploit for Polkit’s pkexec vulnerability as described in CVE-2021-4034 and known as PwnKit.