Zip Slip meets Artifactory: A Bug Bounty Story
Posted by Egidio Romano on Jun 23 Hello list, Just wanted to share with you my latest blog post: https://karmainsecurity.com/zip-slip-meets-artifactory-a-bug-bounty-story Enjoy it! Read More
Backdoor.Win32.Plugx / Insecure Permissions
Posted by malvuln on Jun 23 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/eeb631127f1b9fb3d13d209d8e675634.txt Contact: malvuln13 () gmail com Media:...
[SBA-ADV-20240321-01] CVE-2024-5676: Paradox IP150 Internet Module Cross-Site Request Forgery
Posted by SBA Research Security Advisory via Fulldisclosure on Jun 23 # Paradox IP150 Internet Module Cross-Site Request Forgery # Link: https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240321-01_Paradox_Cross_Site_Request_Forgery ## Vulnerability Overview...
DSA-5715-2 composer – regression update
The update for composer released as DSA 5715 introduced a regression in the handling of git feature branches. Updated composer packages are now available to...
python-PyMySQL-0.9.3-2.el7
FEDORA-EPEL-2024-28e58f443c Packages in this update: python-PyMySQL-0.9.3-2.el7 Update description: Security fix for CVE-2024-36039 Read More
libreswan-4.15-1.fc39
FEDORA-2024-07c9cfd337 Packages in this update: libreswan-4.15-1.fc39 Update description: Update to 4.15 for CVE-2024-3652 Read More
mingw-gstreamer1-1.22.9-1.fc39 mingw-gstreamer1-plugins-bad-free-1.22.9-1.fc39 mingw-gstreamer1-plugins-base-1.22.9-2.fc39 mingw-gstreamer1-plugins-good-1.22.9-1.fc39
FEDORA-2024-919bc7e512 Packages in this update: mingw-gstreamer1-1.22.9-1.fc39 mingw-gstreamer1-plugins-bad-free-1.22.9-1.fc39 mingw-gstreamer1-plugins-base-1.22.9-2.fc39 mingw-gstreamer1-plugins-good-1.22.9-1.fc39 Update description: Update to gstreamer-1.22.9. Backport fix for CVE-2024-0444. Read More
mingw-gstreamer1-plugins-bad-free-1.22.7-2.fc39
FEDORA-2024-1e6c22e83f Packages in this update: mingw-gstreamer1-plugins-bad-free-1.22.7-2.fc39 Update description: Backport fix for CVE-2024-0444. Read More
ZDI-24-898: ESET Smart Security Premium Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of ESET Smart Security Premium. User interaction on the part of an administrator is...
libreswan-4.15-1.fc40
FEDORA-2024-05a6ab143e Packages in this update: libreswan-4.15-1.fc40 Update description: Update to 4.15 for CVE-2024-3652 Read More