I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
6bda9aff7daa468cbf6ddf141c670140de4d1db145329645a90c22c1e5c7bc01
Ubuntu Security Notice 6723-1 - Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. It was discovered that Bind incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.
6e047bb3283e58c0f8d840f22e9c0053696975f6a4992368ea7aec56ce6a4cc7
Red Hat Security Advisory 2024-1706-03 - An update for Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 is now available. Red Hat Product Security has rated this update as having a security impact of Important. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Issues addressed include denial of service and memory leak vulnerabilities.
16469c2badc4f0cd858661226922435b35e0d3cf48d81c5d93b9800f2f8855f4
Red Hat Security Advisory 2024-1700-03 - An update is now available for Red Hat OpenShift GitOps v1.10.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include bypass and denial of service vulnerabilities.
d560bde6cc2d169dc796cdc566c2fd91080752bdc5278385de85157a4ab0cf26
Graudit is a simple script with signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT, and Flawfinder while keeping the technical requirements to a minimum and being very flexible.
96491008a9e1ad7e69bc2be9e30cea2014e7ec82fcaa4c2a1a86a984844d920e
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current 3.x.x release.
71843afcc0a2c585f8f33fa304f0b58ae4b9c5d8306f894667b3746044277557
Red Hat Security Advisory 2024-1697-03 - An update is now available for Red Hat OpenShift GitOps v1.11.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include bypass and denial of service vulnerabilities.
5166d3ef9f8b3b9a5c2bb9c8856f3171de214e9ca1fa5503277a975f821bde79
Flightio.com suffers from a remote SQL injection vulnerability. The researchers reporting this claimed the site has not responded to their reports so we are posting this to add visibility to the issue.
287e946136487edac1a8bcbedb409990ac26461ab1f6840438934159773b37da
WordPress Travelscape theme version 1.0.3 suffers from an arbitrary file upload vulnerability.
8c7f57a620a7f2e630146822105069ce7c8d705a9661a1a56006b6c19ee5ae88
Daily Expense Manager version 1.0 suffers from a remote SQL injection vulnerability.
3036d5c35514225ac7efd5fae884b642a5c6e16478440cce60456af20f3c8957
Open Source Medicine Ordering System version 1.0 suffers from a remote SQL injection vulnerability.
ddcd59d819ea5c59b6d5493517cad43c4bfefe50707cf9b222d8705aea3e670b
ZenML allows for remote privilege escalation because the /api/v1/users/{user_name_or_id}/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. This is the proof of concept exploit. All ZenML versions below 0.46.7 are vulnerable, with the exception of patched versions 0.44.4, 0.43.1, and 0.42.2.
3c2c8e3882d5e4c0257dbb5b27f3d5dfe82d1a0ce0a5f485af9c54a883d48594
Invision Community versions 4.7.16 and below suffer from a remote code execution vulnerability in toolbar.php.
79e57c6d95c397c23ce4c4203e72406e2900a93befed691fbc0ae540ed7a9cf4
Invision Community versions 4.4.0 through 4.7.15 suffer from a remote SQL injection vulnerability in store.php.
f3e99d07ab1ab0d469a1a39ceb456ac6dc86fdcbd9071ad8690ce38ecca5a7ff
Open eShop version 2.7.0 suffers from a cross site scripting vulnerability.
ffc1ccc2b126ca15fb375709398eeafd3eb66b2b5e4657e3a0744439ad777b8c
HTMLy version 2.9.6 suffers from a persistent cross site scripting vulnerability.
7c364eb28a81f6893bdac09aa21445e515fda3d2ede1335da9224b08d6224934
UP-RESULT version 0.1 2024 suffers from a remote SQL injection vulnerability.
4add65ea93ae55c77a16552103ce0483201e157f530ea8a0e1e38f32c5d69671
Trojan.Win32.Razy.abc malware suffers from an insecure permissions vulnerability.
f42f962b787317ec42e0f8896a6024f38f8e96776bcebf7c0600a7ee39d21c1f
AnyDesk version 7.0.15 suffers from an unquoted service path vulnerability.
1235bdf38715b85c279dda71fade5447c43a019867ab310c382db75e713ca4e1
Red Hat Security Advisory 2024-1692-03 - An update for less is now available for Red Hat Enterprise Linux 9.
7c213050aef164476477c5fa3ad870203fc8c6d5d544e17298a54fe5093edbcf
Red Hat Security Advisory 2024-1691-03 - An update for varnish is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
b730e9975f8aa0dcc58b220fdd9cb714578932b95a2a94d93fed1c1fca538e89
Red Hat Security Advisory 2024-1690-03 - An update for varnish is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
1b7455404c89f46a3de2f63da600692f1745a89d728b55a1abd02f8d463990b1
Red Hat Security Advisory 2024-1689-03 - An update for rh-varnish6-varnish is now available for Red Hat Software Collections. Issues addressed include a denial of service vulnerability.
744bb57884c49db1585fc95caae11a3e82f78a82bfd90ea77f3032f7f3536667
Red Hat Security Advisory 2024-1688-03 - An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass, denial of service, privilege escalation, and traversal vulnerabilities.
8a47da6a410f995e9176b64c70ea20b1b3e25888a506a6431ffb8f734d19e048
Red Hat Security Advisory 2024-1687-03 - An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8. Issues addressed include bypass, denial of service, privilege escalation, and traversal vulnerabilities.
ab60643fe0b19c35b45886b3810dc24cebc8401da8f057a3905ed8abd2f5d4cf