This vulnerability allows remote attackers to initiate arbitrary server-side requests on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.1. The following CVEs are assigned: CVE-2024-5015.
More Stories
openssl-3.2.2-7.fc41
FEDORA-2024-7d5c1bcc78 Packages in this update: openssl-3.2.2-7.fc41 Update description: Fix CVE-2024-5535: SSL_select_next_proto buffer overread Read More
USN-7006-1: Linux kernel vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null...
USN-7005-1: Linux kernel vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...
USN-7004-1: Linux kernel vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...
USN-7002-1: Setuptools vulnerability
It was discovered that setuptools was vulnerable to remote code execution. An attacker could possibly use this issue to execute...
USN-7003-2: Linux kernel vulnerabilities
It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local...