This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2024-7537.
If LibreOffice failed to validate a signed macro, it displayed a warning
but still allowed execution of the script after printing a warning.
Going forward in high macro security mode such macros are now disabled.
For additional information please refer to
https://www.libreoffice.org/about-us/security/advisories/cve-2024-6472/
Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in denial of service, information disclosure or bypass
of Java sandbox restrictions.
Posted by Andrey Stoykov on Aug 04
# Exploit Title: Blind SQL Injection – dolphinv7.4.2.
# Date: 8/2024
# Exploit Author: Andrey Stoykov
# Version: 7.4.2
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2024/07/friday-fun-pentest-series-8-dolphinv742.html
SQL Injection:
Steps to Reproduce:
1. Navigate to “Builders” menu
2. The HTTP GET parameter of “?cat=builders” is displayed in the URL bar
3. That is the injection point
sqlmap -r…
python3.6-3.6.15-34.fc40
Security fix for CVE-2024-6345 in the bundled setuptools wheel.
python3.6-3.6.15-34.fc39
Security fix for CVE-2024-6345 in the bundled setuptools wheel.
python2.7-2.7.18-43.fc40
Security fix for CVE-2024-6345 in the bundled setuptools wheel.
python2.7-2.7.18-43.fc39
Security fix for CVE-2024-6345 in the bundled setuptools wheel.
tor-0.4.8.12-1.fc39
update to latest upstream release https://forum.torproject.org/t/stable-release-0-4-8-12/13060
tor-0.4.8.12-1.el9
update to latest upstream release https://forum.torproject.org/t/stable-release-0-4-8-12/13060
