USN-6787-1: Jinja2 vulnerability
It was discovered that Jinja2 incorrectly handled certain HTML attributes that were accepted by the xmlattr filter. An attacker could use this issue to inject...
USN-6791-1: Unbound vulnerability
It was discovered that Unbound could take part in a denial of service amplification attack known as DNSBomb. This update introduces certain resource limits to...
USN-6790-1: amavisd-new vulnerability
It was discovered that amavisd-new incorrectly handled certain MIME email messages with multiple boundary parameters. A remote attacker could possibly use this issue to bypass...
USN-6789-1: LibreOffice vulnerability
Amel Bouziane-Leblond discovered that LibreOffice incorrectly handled graphic on-click bindings. If a user were tricked into clicking a graphic in a specially crafted document, a...
USN-6788-1: WebKitGTK vulnerabilities
Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker...
thunderbird-115.11.0-1.fc40
FEDORA-2024-7ade906120 Packages in this update: thunderbird-115.11.0-1.fc40 Update description: Update to 115.11.0 https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/ https://www.thunderbird.net/en-US/thunderbird/115.11.0/releasenotes/ https://www.thunderbird.net/en-US/thunderbird/115.10.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/
USN-6786-1: Netatalk vulnerabilities
It was discovered that Netatalk did not properly protect an SMB and AFP default configuration. A remote attacker could possibly use this issue to execute...
ZDI-24-516: Progress Software WhatsUp Gold HttpContentActiveController Server-Side Request Forgery Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The...
SEC Consult SA-20240527-0 :: Multiple vulnerabilities in HAWKI didactic interface
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 27. SEC Consult Vulnerability Lab Security Advisory < 20240527-0 > title: Multiple vulnerabilities product:...
SEC Consult SA-20240524-0 :: Exposed Serial Shell on multiple PLCs in Siemens CP-XXXX Series
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 27. SEC Consult Vulnerability Lab Security Advisory < 20240524-0 > title: Exposed Serial Shell...