This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trimble SketchUp Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2024-7511.
Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in denial of service, information disclosure or bypass
of Java sandbox restrictions.
If LibreOffice failed to validate a signed macro, it displayed a warning
but still allowed execution of the script after printing a warning.
Going forward in high macro security mode such macros are now disabled.
For additional information please refer to
https://www.libreoffice.org/about-us/security/advisories/cve-2024-6472/
Posted by Andrey Stoykov on Aug 04
# Exploit Title: Blind SQL Injection – dolphinv7.4.2.
# Date: 8/2024
# Exploit Author: Andrey Stoykov
# Version: 7.4.2
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2024/07/friday-fun-pentest-series-8-dolphinv742.html
SQL Injection:
Steps to Reproduce:
1. Navigate to “Builders” menu
2. The HTTP GET parameter of “?cat=builders” is displayed in the URL bar
3. That is the injection point
sqlmap -r…
python3.6-3.6.15-34.fc40
Security fix for CVE-2024-6345 in the bundled setuptools wheel.
python3.6-3.6.15-34.fc39
Security fix for CVE-2024-6345 in the bundled setuptools wheel.
python2.7-2.7.18-43.fc40
Security fix for CVE-2024-6345 in the bundled setuptools wheel.
python2.7-2.7.18-43.fc39
Security fix for CVE-2024-6345 in the bundled setuptools wheel.
tor-0.4.8.12-1.fc39
update to latest upstream release https://forum.torproject.org/t/stable-release-0-4-8-12/13060
tor-0.4.8.12-1.el9
update to latest upstream release https://forum.torproject.org/t/stable-release-0-4-8-12/13060
