SEC Consult SA-20240620-0 :: Arbitrary File Upload in edu-sharing (metaVentis GmbH)

Read Time:21 Second

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 23

SEC Consult Vulnerability Lab Security Advisory < 20240620-0 >
=======================================================================
title: Arbitrary File Upload
product: edu-sharing (metaVentis GmbH)
vulnerable versions: <8.0.8-RC2, <8.1.4-RC0, <9.0.0-RC19
fixed versions: >=8.0.8-RC2, >=8.1.4-RC0, >=9.0.0-RC19
CVE number: CVE-2024-28147
impact: high…

Erlang/OTP RCE (CVE-2025-32433)

What is the Vulnerability? A critical SSH vulnerability has recently been identified in the Erlang/Open Telecom Platform (OTP). The vulnerability,...

April 22, 2025

digikam-8.6.0-4.fc40

FEDORA-2025-97687e7f68 Packages in this update: digikam-8.6.0-4.fc40 Update description: update internal Libraw to 2025/03/17 snapshot Read More

April 21, 2025

digikam-8.6.0-4.fc41

FEDORA-2025-5bbbb2df79 Packages in this update: digikam-8.6.0-4.fc41 Update description: update internal Libraw to 2025/03/17 snapshot Read More

April 21, 2025

digikam-8.6.0-4.fc42

FEDORA-2025-1c1e378468 Packages in this update: digikam-8.6.0-4.fc42 Update description: update internal Libraw to 2025/03/17 snapshot Read More

April 21, 2025

epiphany-47.6-1.fc41

FEDORA-2025-164c668d6a Packages in this update: epiphany-47.6-1.fc41 Update description: Update to 47.6, notably fixing CVE-2025-3839 Read More

April 21, 2025

epiphany-48.2-1.fc42

FEDORA-2025-efbe201596 Packages in this update: epiphany-48.2-1.fc42 Update description: Update to 48.2, notably fixing CVE-2025-3839 Read More

April 21, 2025

Microsoft Reports 92% Adoption Rate for Phishing-Resistant MFA Among Corporate Users

Android Improves Its Security

SuperCard X Enables Contactless ATM Fraud in Real-Time

Billbug Espionage Group Deploys New Tools in Southeast Asia

New Cryptojacking Malware Targets Docker with Novel Mining Technique

The AI Fix #47: An AI is the best computer programmer in the world

Scalllywag Ad Fraud Network Generates 1.4 Billion Bid Requests Daily

$40bn Southeast Asian Scam Sector Growing “Like a Cancer”

Crosswalks hacked to play fake audio of Musk, Zuck, and Jeff Bezos

SEC Consult SA-20240620-0 :: Arbitrary File Upload in edu-sharing (metaVentis GmbH)

Erlang/OTP RCE (CVE-2025-32433)

digikam-8.6.0-4.fc40

digikam-8.6.0-4.fc41

digikam-8.6.0-4.fc42

epiphany-47.6-1.fc41

epiphany-48.2-1.fc42