Defective request context handling in Self Service in LinOTP 3.x before 3.2.5 allows remote unauthenticated attackers to escalate privileges, thereby allowing them to act as and with the permissions o ...
Continue Reading
December 19, 2023
A vulnerability has been found in pedroetb tts-api up to 2.1.4 and classified as critical. This vulnerability affects the function onSpeechDone of the file app.js. The manipulation leads to os command ...
Continue Reading
December 19, 2023
To build the container do: 1: Down the folder, unzip and build the container. 2: docker build -t cve-2023-49103 ./ 3: docker run --name cve-2023-49103 -p 80:80 -p 443:443...Read More ...
Continue Reading
December 19, 2023
NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. This issue affects only nondefault deployments that enable dynamic model loadi ...
Continue Reading
December 19, 2023
A privilege escalation vulnerability exists in Node.js 20 that allowed loading arbitrary OpenSSL engines when the experimental permission model is enabled, which can bypass and/or disable the permissi ...
Continue Reading
December 19, 2023
The Swift Performance Lite WordPress plugin before 2.3.6.15 does not prevent users from exporting the plugin's settings, which may include sensitive information such as Cloudflare API...Read More ...
Continue Reading
December 18, 2023
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-cfe04c6093 advisory. UnrealIRCd 6.1.3 The main focus of this release is adding ...
Continue Reading
December 18, 2023
According to its self-reported version, the instance of VMware vRealize Network Insight running on the remote web server is affected by multiple vulnerabilities: vRealize Network Insight (vRNI) cont ...
Continue Reading
December 18, 2023
Back to Main
