Category Archives: Advisories

Read Time:23 Second

Posted by Andrey Stoykov on Jun 15

# Exploit Title: Business Logic Flaw and Username Enumeration in
spa-cartcmsv1.9.0.6
# Date: 6/2024
# Exploit Author: Andrey Stoykov
# Version: 1.9.0.6
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2024/04/friday-fun-pentest-series-5-spa.html
<http://msecureltd.blogspot.com/>

Description

– It was found that the application suffers from business logic flaw

– Additionally the application is vulnerable to username…

Advisories

DSA-5713-1 libndp – security update

June 16, 2024

Read Time:14 Second

A buffer overflow was discovered in libndp, a library implementing the
IPv6 Neighbor Discovery Protocol (NDP), which could result in denial of
service or potentially the execution of arbitrary code if malformed
IPv6 router advertisements are processed.

https://security-tracker.debian.org/tracker/DSA-5713-1

Advisories

python-PyMySQL-1.1.1-1.fc40

June 15, 2024

Read Time:8 Second

FEDORA-2024-b26f07d27b

Packages in this update:

python-PyMySQL-1.1.1-1.fc40

Update description:

Update to 1.1.1 to fix CVE CVE-2024-36039

Advisories

python-PyMySQL-1.1.1-1.fc39

June 15, 2024

Read Time:8 Second

FEDORA-2024-e7141ab284

Packages in this update:

python-PyMySQL-1.1.1-1.fc39

Update description:

Update to 1.1.1 to fix CVE CVE-2024-36039

Advisories

DSA-5711-1 thunderbird – security update

June 15, 2024

Read Time:7 Second

Multiple security issues were discovered in Thunderbird, which could
result inthe execution of arbitrary code.

https://security-tracker.debian.org/tracker/DSA-5711-1

Advisories

DSA-5712-1 ffmpeg – security update

June 15, 2024

Read Time:12 Second

Several vulnerabilities have been discovered in the FFmpeg multimedia
framework, which could result in denial of service or potentially the
execution of arbitrary code if malformed files/streams are processed.

https://security-tracker.debian.org/tracker/DSA-5712-1

Advisories