Category: Advisories

It was discovered that Kerberos incorrectly handled GSS message tokens where an unwrapped token could appear to be truncated. An attacker could possibly use this...

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. https://security-tracker.debian.org/tracker/DSA-5741-1 Read More

Multiple cross-site scripting vulnerabilities were discovered in RoundCube webmail. https://security-tracker.debian.org/tracker/DSA-5743-1 Read More

A vulnerability was discovered in odoo, a suite of web based open source business apps. It could result in the execution of arbitrary code. https://security-tracker.debian.org/tracker/DSA-5742-1...

Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. https://security-tracker.debian.org/tracker/DSA-5744-1 Read More

Posted by KoreLogic Disclosures via Fulldisclosure on Aug 07 KL-001-2024-010: Journyx Unauthenticated XML External Entities Injection Title: Journyx Unauthenticated XML External Entities Injection Advisory ID:...

Posted by KoreLogic Disclosures via Fulldisclosure on Aug 07 KL-001-2024-009: Journyx Reflected Cross Site Scripting Title: Journyx Reflected Cross Site Scripting Advisory ID: KL-001-2024-009 Publication...

Posted by KoreLogic Disclosures via Fulldisclosure on Aug 07 KL-001-2024-008: Journyx Authenticated Remote Code Execution Title: Journyx Authenticated Remote Code Execution Advisory ID: KL-001-2024-008 Publication...

Posted by KoreLogic Disclosures via Fulldisclosure on Aug 07 KL-001-2024-007: Journyx Unauthenticated Password Reset Bruteforce Title: Journyx Unauthenticated Password Reset Bruteforce Advisory ID: KL-001-2024-007 Publication...

Posted by KoreLogic Disclosures via Fulldisclosure on Aug 07 KL-001-2024-006: Open WebUI Arbitrary File Upload + Path Traversal Title: Open WebUI Arbitrary File Upload +...