Debian Linux Security Advisory 5749-1 - Chris Williams discovered a flaw in the handling of mounts for persistent directories in Flatpak, an application deployment framework for desktop apps. A malicious or compromised Flatpak app using persistent directories could take advantage of this flaw to access files outside of the sandbox.
49a4d77eea8ea35889feae10e2fadeec7696c09090cf0416837385589db5c828
LG Simple Editor versions 3.21.0 and below suffer from an unauthenticated command injection vulnerability. The vulnerability can be exploited by a remote attacker to inject arbitrary operating system commands which will get executed in the context of NT AUTHORITY\SYSTEM.
1545a24bd538b0cf083c22f759cc58d69ea50fc039903cf220c2e8a20cefba46
This Metasploit module exploits OpenMetadata versions 1.2.3 and below by chaining an API authentication bypass using JWT tokens along with a SpEL injection vulnerability to achieve arbitrary command execution.
713b618c2038aeb7f9469836947b05f8ccdf1cf0b8060c24f46869e85e9e93cd
This Metasploit module exploits CVE-2024-27348, a remote code execution vulnerability that exists in Apache HugeGraph Server in versions before 1.3.0. An attacker can bypass the sandbox restrictions and achieve remote code execution through Gremlin, resulting in complete control over the server.
b97d3ebb5977b249d01dc6eda8963e68e3e2fb294c007a301ee0a7f467c4e02d
Ubuntu Security Notice 6961-1 - It was discovered that BusyBox did not properly validate user input when performing certain arithmetic operations. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. It was discovered that BusyBox incorrectly managed memory when evaluating certain awk expressions. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS.
032e3b951d2c4a3d5616153f6ad7f551b1b064e6766e37c7e54cc6e5d999d625
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. This is the LTS source code release.
d67ab299e5ca05dad3da299a5ea73d60209372a5becd7f13b9a33c290338a4e6
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
9ca0ddaccce28a74fa18d738744190afb3b0daebef74e6ad686bf7bef99abd60
Red Hat Security Advisory 2024-5418-03 - An update for bind9.16 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
c7d702e6f25f2c9be85e5d742c89a8b129957d7a6edb735119b0adcf87546676
Red Hat Security Advisory 2024-5411-03 - An update for OpenShift Jenkins is now available for Red Hat Product OCP Tools 4.14. Red Hat Product Security has rated this update as having a security impact of critical. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.
068e4971be0ae9f67e2e1098b8d7d7b931eec474ff5000fc99f1fd09a52b5db5
Feberr version 13.4 suffers from an ignored default credential vulnerability.
2e393c441ce609493774dac1c3e5f681c5ce98d1b3702bb114041fdb03335768
Red Hat Security Advisory 2024-5410-03 - An update for OpenShift Jenkins is now available for Red Hat Product OCP Tools 4.12. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.
eb18e0ae04d57031458b02850dcf16f3d15d47b1f69b7c3e2bd0ce55d7adfc56
Ubuntu Security Notice 6960-1 - Nick Browning discovered that RMagick incorrectly handled memory under certain operations. An attacker could possibly use this issue to cause a denial of service through memory exhaustion.
d8fb4e58635a7b08d39335638b93c2207f742867e7703c2b45154b56063f9b45
Farmacia Gama version 1.0 suffers from a cross-site scripting vulnerability.
2caf36ad25ddb5e5fcd4a26fd8ac2e62e0dee3d76fbd95e698130d2b8730632e
Red Hat Security Advisory 2024-5406-03 - An update for OpenShift Jenkins is now available for Red Hat Product OCP Tools 4.13. Red Hat Product Security has rated this update as having a security impact of critical. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.
ebc166c50f26fb0b417e894435c5b45a9476ead6a4e3b5918dbe1f7abdb30746
Ecommerce version 1.15 suffers from an ignored default credential vulnerability.
58fa74be204710f788c9686f571d322e9e021b828a468d977d0fd4a321e926aa
Red Hat Security Advisory 2024-5405-03 - An update for OpenShift Jenkins is now available for Red Hat Product OCP Tools 4.15. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.
663a4609326d571bebbb166ff0bf2010076f838204e7b0ccdd0d93918af8667b
Ubuntu Security Notice 6951-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
40333bcb6bfcef7ef0b04b1f7dd14dc7bd1927d82916fa3e2c056ec935a480dd
Covid-19 Contact Tracing System version 1.0 suffers from a cross-site scripting vulnerability.
daa17a59d2ea2f605f71d11b3ba6860a33f90c5ea08d666ce8a3af42e59af5fa
Red Hat Security Advisory 2024-5402-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8. Issues addressed include out-of-bounds read and use-after-free vulnerabilities.
87f6e5a9338154d5d05e5c0879da5ab7e24370cf7ca44814bc7c8a909cf40b4c
Red Hat Security Advisory 2024-5396-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include out-of-bounds read and use-after-free vulnerabilities.
dfedab7cda430f6109fa56dadc489bc25762e6c1275dd075d77106e1bffded6f
Car Rental Management System version 1.0 suffers from a cross-site scripting vulnerability.
5fa10fefdc9cde30dce20a655fe24cebef24d4c036fcbee0b4bb1c708bc895ed
BloodBank version 1.1 suffers from an ignored default credential vulnerability.
e7484cc3dee661f45c55f97b4e23233108b80b1c4fe04adf3e05b62052052b97
Red Hat Security Advisory 2024-5395-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include out-of-bounds read and use-after-free vulnerabilities.
46a7b8e3d0be756d884c46e1b9b7654fe5d640c70be8175dd7eeda94436f54de
Bhojon Restaurant Management System version 2.9 suffers from an ignored default credential vulnerability.
d6e06dde4900dda1d73c9d43d3fd7bdc675753e54128cdc173c7bd195c2bae96
FlatPress version 1.3.1 suffers from a path traversal vulnerability.
93132facf1686cadc1ae8f70b92c43ad1314fd717d542ca0f3d2460a2af23e80