ZDI-24-086: TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605. Authentication is required to exploit this vulnerability. The ZDI...
DSA-5616-1 ruby-sanitize – security update
It was discovered that ruby-sanitize, a whitelist-based HTML sanitizer, insufficiently sanitised...
python-cryptography-41.0.7-1.fc39
FEDORA-2024-91f5df4002 Packages in this update: python-cryptography-41.0.7-1.fc39 Update description: Security fix for CVE-2023-49083
python-cryptography-41.0.7-1.fc40
FEDORA-2024-9d2de2b051 Packages in this update: python-cryptography-41.0.7-1.fc40 Update description: Automatic update for python-cryptography-41.0.7-1.fc40. Changelog * Thu Feb 1 2024 Benjamin A. Beasley <code@musicinmybrain.net> - 41.0.7-1 -...
APPLE-SA-02-02-2024-1 visionOS 1.0.2
Posted by Apple Product Security via Fulldisclosure on Feb 04 APPLE-SA-02-02-2024-1 visionOS 1.0.2 visionOS 1.0.2 addresses the following issues. Information about the security content is...
Out-of-bounds read & write in the glibc’s qsort()
Posted by Qualys Security Advisory via Fulldisclosure on Feb 04 Qualys Security Advisory For the algorithm lovers: Nontransitive comparison functions lead to out-of-bounds read &...
CVE-2023-6246: Heap-based buffer overflow in the glibc’s syslog()
Posted by Qualys Security Advisory via Fulldisclosure on Feb 04 Qualys Security Advisory CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog() Contents Summary...
Research about usage & possible issues of the NVD
Posted by Andreas Hammer on Feb 04 Hello there! The University of Erlangen-Nuremberg (Germany) is conducting a research study to investigate the usage and possible...
TROJAN.WIN32 BANKSHOT / Remote Stack Buffer Overflow (SEH)
Posted by malvuln on Feb 04 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/f2fd6a7b400782bb43499e722fb62cf4.txt Contact: malvuln13 () gmail com Media:...
[KIS-2024-01] XenForo <= 2.2.13 (ArchiveImport.php) Zip Slip Vulnerability
Posted by Egidio Romano on Feb 04 XenForo <= 2.2.13 (ArchiveImport.php) Zip Slip Vulnerability [-] Software Link: https://xenforo.com [-] Affected Versions: Version 2.2.13...