WordPress 6.5.5
WordPress 6.5.5 is now available! This release features three security fixes. Because this is a security release, it is recommended that you update your sites...
emacs-29.4-1.fc39
FEDORA-2024-a18d159e35 Packages in this update: emacs-29.4-1.fc39 Update description: Update to Emacs 29.4, fixing CVE-2024-39331. Read More
emacs-29.4-3.fc40
FEDORA-2024-a3fecfab32 Packages in this update: emacs-29.4-3.fc40 Update description: Update to Emacs 29.4, fixing CVE-2024-39331. Read More
USN-6844-1: CUPS vulnerability
Rory McNamara discovered that when starting the cupsd server with a Listen configuration item, the cupsd process fails to validate if bind call passed. An...
USN-6845-1: Hibernate vulnerability
It was discovered that Hibernate incorrectly handled certain inputs with unsanitized literals. If a user or an automated system were tricked into opening a specially...
SEC Consult SA-20240620-0 :: Arbitrary File Upload in edu-sharing (metaVentis GmbH)
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 23 SEC Consult Vulnerability Lab Security Advisory < 20240620-0 > ======================================================================= title: Arbitrary File Upload...
Zip Slip meets Artifactory: A Bug Bounty Story
Posted by Egidio Romano on Jun 23 Hello list, Just wanted to share with you my latest blog post: https://karmainsecurity.com/zip-slip-meets-artifactory-a-bug-bounty-story Enjoy it! Read More
Backdoor.Win32.Plugx / Insecure Permissions
Posted by malvuln on Jun 23 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/eeb631127f1b9fb3d13d209d8e675634.txt Contact: malvuln13 () gmail com Media:...
[SBA-ADV-20240321-01] CVE-2024-5676: Paradox IP150 Internet Module Cross-Site Request Forgery
Posted by SBA Research Security Advisory via Fulldisclosure on Jun 23 # Paradox IP150 Internet Module Cross-Site Request Forgery # Link: https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240321-01_Paradox_Cross_Site_Request_Forgery ## Vulnerability Overview...
DSA-5715-2 composer – regression update
The update for composer released as DSA 5715 introduced a regression in the handling of git feature branches. Updated composer packages are now available to...