BlackNET version 3.7.0.0 appears to allow unauthenticated access to modify data and suffers from arbitrary file deletion and directory traversal vulnerabilities while authenticated.
6e54154264109ce0380fee45cc8dba495239a6e22843e4f8d07ddd298e5af855
Ubuntu Security Notice 7015-2 - USN-7015-1 fixed several vulnerabilities in Python. This update provides one of the corresponding updates for python2.7 for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS, and a second for python3.5 for Ubuntu 16.04 LTS. It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. This issue only affected python3.5 for Ubuntu 16.04 LTS
550d08e8b345790a9bdb83fddf576842c6d60bb9e802b14bfb08aae08445627e
Red Hat Security Advisory 2024-6883-03 - Red Hat build of Apache Camel 3.20.7 for Spring Boot release and security update is now available. Issues addressed include denial of service, information leakage, and server-side request forgery vulnerabilities.
3045b836aeac40bf3e37920da8dbba6ec698d456fc63f1e9ac8db78b3f17f548
Red Hat Security Advisory 2024-6705-03 - Red Hat OpenShift Container Platform release 4.12.66 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution and traversal vulnerabilities.
e1d594e7979e2685e06c54b467fdf7e8d166c6c158567155dab4ac4742114160
Red Hat Security Advisory 2024-6685-03 - Red Hat OpenShift Container Platform release 4.15.33 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution and traversal vulnerabilities.
36b1cbfc51faea3697205cc3a774b6465d137ac0c6766ce970d40b7bc9b473bf
htmly version 2.9.9 suffers from multiple persistent cross site scripting vulnerabilities.
b19a6a9192ab7fdb974bbaace4e6310aa155520d7f2a2c087e43a0e209b862b0
Red Hat Security Advisory 2024-6753-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include double free and out of bounds read vulnerabilities.
53020fe72754d26170d770af2c519ca810d0be21bfda3613968b3a0616931dd9
Red Hat Security Advisory 2024-6691-03 - Red Hat OpenShift Container Platform release 4.13.50 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution and traversal vulnerabilities.
3f162820304a59765b631d7f9cf18e93c3e252dea0baf6c1817bc5036e63adad
Red Hat Security Advisory 2024-6689-03 - Red Hat OpenShift Container Platform release 4.14.37 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution and traversal vulnerabilities.
dfc8ec5fb40f616efd3385697be48d5f05fee7cc0ca00f9f30fe4ebe5051fff4
Red Hat Security Advisory 2024-6687-03 - Red Hat OpenShift Container Platform release 4.16.13 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution and traversal vulnerabilities.
67ea9795cef54f7df0103b989b24dd862154be5392ba7a2d09b4f537c7d1510e
Ubuntu Security Notice 6885-3 - USN-6885-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Orange Tsai discovered that the Apache HTTP Server mod_rewrite module incorrectly handled certain substitutions. A remote attacker could possibly use this issue to execute scripts in directories not directly reachable by any URL, or cause a denial of service. Some environments may require using the new UnsafeAllow3F flag to handle unsafe substitutions.
31166839dd976fb13f0b4dbd232274dc5adcbdb22f6e4157c52f92b68f799311
Online Traffic Offense version 1.0 suffers from cross site request forgery and arbitrary file upload vulnerabilities.
e5a827b48fc4659294048f669ce8dc8150ad3c9cea88685a31c1e4fff34cdbbd
Debian Linux Security Advisory 5770-1 - Shang-Hung Wan discovered multiple vulnerabilities in the Expat XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code.
c1619153de1b5b70d0c75d33d3807ae59a0796df1edfa06f7f54ce8a562d5941
Ubuntu Security Notice 7000-2 - USN-7000-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for Ubuntu 22.04 LTS. Shang-Hung Wan discovered that Expat did not properly handle certain function calls when a negative input length was provided. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code.
59bf3b6ef3d66bb680edf070eb8e73bfa69b84933ee4e951d7c495cad067f15c
HYSCALE System version 1.9 suffers from add administrator and cross site request forgery vulnerabilities.
be1be6516ccdabbe67428de5ef0e49fca374004dda69f00f5fe8c675baa3d990
CVE-2024-30088 is a Windows kernel elevation of privilege vulnerability which affects many recent versions of Windows 10, Windows 11 and Windows Server 2022. The vulnerability exists inside the function called AuthzBasepCopyoutInternalSecurityAttributes specifically when the kernel copies the _AUTHZBASEP_SECURITY_ATTRIBUTES_INFORMATION of the current token object to user mode. When the kernel performs the copy of the SecurityAttributesList, it sets up the list of the SecurityAttributes structure directly to the user supplied pointed. It then calls RtlCopyUnicodeString and AuthzBasepCopyoutInternalSecurityAttributeValues to copy out the names and values of the SecurityAttribute leading to multiple Time Of Check Time Of Use (TOCTOU) vulnerabilities in the function.
a4e521839032a10c16e91b79eb43b6f9620dcc27482be434b0d2b62d5ac92e66
Ubuntu Security Notice 7001-2 - USN-7001-1 fixed vulnerabilities in xmltol library. This update provides the corresponding updates for Ubuntu 24.04 LTS. Shang-Hung Wan discovered that Expat, contained within the xmltok library, did not properly handle certain function calls when a negative input length was provided. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code.
e8e28f2f9097ce08c9631f1af9eb47b3fb56c0e9466585153477ebbeb1f2ce61
Apple Security Advisory 09-16-2024-10 - macOS Ventura 13.7 addresses buffer overflow, bypass, out of bounds access, out of bounds read, and spoofing vulnerabilities.
83bec15ab00978bb0f11e5f9e97e565cb578510b79514deba529887e8947a015
This Python script for Linux can analyze Microsoft Windows .msi Installer files and point out potential vulnerabilities.
5acb6c6d8634611b63c2c7dbe9d099afc2807b183f5f065ed3557bc52c57aa7d
Apple Security Advisory 09-16-2024-9 - macOS Sonoma 14.7 addresses buffer overflow, bypass, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities.
8c7c598c2151ce639d355f21defbebd09be8b2089b0d7ca88eaa2eab7d02cc0a
Ubuntu Security Notice 7011-2 - USN-7011-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that ClamAV incorrectly handled certain PDF files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.
8eab588cda40b015f2993c6befd64881bea3df23eba9fc2f37d8135f1ca86eb5
Apple Security Advisory 09-16-2024-8 - iOS 17.7 and iPadOS 17.7 addresses bypass, out of bounds access, and out of bounds read vulnerabilities.
4993b0fd28e2f9894d9a7a6b11b76fd5ab68a695255e84e47ffc88d2865ddeaf
Apple Security Advisory 09-16-2024-6 - Safari 18 addresses cross site scripting and spoofing vulnerabilities.
8565030c81e5697f1f766f9a15d6dc4896c79e31fa63809ae8174b258ad1dd69
Apple Security Advisory 09-16-2024-5 - visionOS 2 addresses cross site scripting, integer overflow, out of bounds access, and out of bounds read vulnerabilities.
c33139a06c51eeb99d320b409bf3dff9bf4f6d249df655edcfd84eafd70434a2
Apple Security Advisory 09-16-2024-4 - watchOS 11 addresses cross site scripting, integer overflow, out of bounds access, and out of bounds read vulnerabilities.
cc37085fe262bc1e832562736dee07e94a59cea8867890657c7639a8a8399592