A vulnerability was found in Windmill 1.380.0. It has been classified as problematic. Affected is an unknown function of the file backend/windmill-api/src/users.rs of the component HTTP Request Handle ...
September 06, 2024
Ghost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with t ...
September 06, 2024
Custom Metasploit Module for CVE 2023-2728 and CVE 2024-3177. Description: This custom module exploits CVE 2023-2728 and CVE 2024-3177 in Kubernetes versions that are vulnerable to each of them (e.g. v ...
September 06, 2024
Security Advisory. Description: A memory leak in archive_read_format_zip_cleanup in archive_read_support_format_zip.c in libarchive 3.3.4-dev allows remote attackers to cause a denial of service via a c ...
September 06, 2024
Security Advisory. Description: A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time per ...
September 06, 2024
Security Advisory. Description: libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker. (CVE-2014-9092) Impact: This v ...
September 06, 2024
The version of docker installed on the remote host is prior to 25.0.6-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2024-042 advisory. When following an HTTP ...
September 06, 2024
The version of AOS installed on the remote host is prior to 6.5.6.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.6.6 advisory. A timing based side channe ...
September 06, 2024