Category: Advisories

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 23 SEC Consult Vulnerability Lab Security Advisory < 20240620-0 > ======================================================================= title: Arbitrary File Upload...

Posted by Egidio Romano on Jun 23 Hello list, Just wanted to share with you my latest blog post: https://karmainsecurity.com/zip-slip-meets-artifactory-a-bug-bounty-story Enjoy it! Read More

Posted by malvuln on Jun 23 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/eeb631127f1b9fb3d13d209d8e675634.txt Contact: malvuln13 () gmail com Media:...

Posted by SBA Research Security Advisory via Fulldisclosure on Jun 23 # Paradox IP150 Internet Module Cross-Site Request Forgery # Link: https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240321-01_Paradox_Cross_Site_Request_Forgery ## Vulnerability Overview...

The update for composer released as DSA 5715 introduced a regression in the handling of git feature branches. Updated composer packages are now available to...

FEDORA-EPEL-2024-28e58f443c Packages in this update: python-PyMySQL-0.9.3-2.el7 Update description: Security fix for CVE-2024-36039 Read More

FEDORA-2024-07c9cfd337 Packages in this update: libreswan-4.15-1.fc39 Update description: Update to 4.15 for CVE-2024-3652 Read More

FEDORA-2024-919bc7e512 Packages in this update: mingw-gstreamer1-1.22.9-1.fc39 mingw-gstreamer1-plugins-bad-free-1.22.9-1.fc39 mingw-gstreamer1-plugins-base-1.22.9-2.fc39 mingw-gstreamer1-plugins-good-1.22.9-1.fc39 Update description: Update to gstreamer-1.22.9. Backport fix for CVE-2024-0444. Read More

FEDORA-2024-1e6c22e83f Packages in this update: mingw-gstreamer1-plugins-bad-free-1.22.7-2.fc39 Update description: Backport fix for CVE-2024-0444. Read More

This vulnerability allows local attackers to escalate privileges on affected installations of ESET Smart Security Premium. User interaction on the part of an administrator is...