9200 Series Mobility Controllers And SD-WAN Gateways, 9000 Series Mobility Controllers And SD-WAN Gateways Security Vulnerabilities

paec.org Cross Site Scripting vulnerability OBB-3938495

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

[SECURITY] Fedora 39 Update: thunderbird-115.12.1-1.fc39

Mozilla Thunderbird is a standalone mail and newsgroup...

CVE-2024-23140

A maliciously crafted 3DM and MODEL file, when parsed in opennurbs.dll and atf_api.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current...

CVE-2024-23140

A maliciously crafted 3DM and MODEL file, when parsed in opennurbs.dll and atf_api.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current...

tumbltrak.co.uk Cross Site Scripting vulnerability OBB-3938493

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

247clipart.com Cross Site Scripting vulnerability OBB-3938492

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

drklein.de Cross Site Scripting vulnerability OBB-3938491

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

studis-online.de Cross Site Scripting vulnerability OBB-3938490

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

EulerOS 2.0 SP11 : emacs (EulerOS-SA-2024-1830)

According to the versions of the emacs package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.(CVE-2024-30205) In Emacs...

EulerOS 2.0 SP11 : xorg-x11-server (EulerOS-SA-2024-1849)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when...

EulerOS 2.0 SP11 : curl (EulerOS-SA-2024-1829)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1837)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking Releasing the priv-lock while iterating...

EulerOS 2.0 SP11 : golang (EulerOS-SA-2024-1835)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This...

EulerOS 2.0 SP11 : expat (EulerOS-SA-2024-1831)

According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via...

EulerOS 2.0 SP11 : mod_http2 (EulerOS-SA-2024-1819)

According to the versions of the mod_http2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1829)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-1821)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-1824)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2024-1847)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2024-1809)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2024-1841)

The remote host is missing an update for the Huawei...

Mageia: Security Advisory (MGASA-2024-0232)

The remote host is missing an update for...

CVE-2024-21739

Geehy APM32F103CCT6, APM32F103RCT6, APM32F103RCT7, and APM32F103VCT6 devices have Incorrect Access...

Huawei EulerOS: Security Advisory for glusterfs (EulerOS-SA-2024-1812)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1816)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1808)

The remote host is missing an update for the Huawei...

Spring Tips: Further, Faster with Spring Boot 3.3

Hi, Spring fans! In this installment we look at ways to make your applications go further, faster, with AppCDS, GraalVM, AOT on the JRE, and Project CRaC (coordinate restore at checkpoint) springboot #java #graalvm #programming...

EulerOS 2.0 SP11 : xorg-x11-server (EulerOS-SA-2024-1828)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when...

EulerOS 2.0 SP11 : gnutls (EulerOS-SA-2024-1813)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS,...

EulerOS 2.0 SP11 : glibc (EulerOS-SA-2024-1811)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting...

EulerOS 2.0 SP11 : sssd (EulerOS-SA-2024-1826)

According to the versions of the sssd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper...

SUSE: Security Advisory (SUSE-SU-2024:2173-1)

The remote host is missing an update for...

Mageia: Security Advisory (MGASA-2024-0236)

The remote host is missing an update for...

Mageia: Security Advisory (MGASA-2024-0233)

The remote host is missing an update for...

Ubuntu: Security Advisory (USN-6845-1)

The remote host is missing an update for...

Huawei EulerOS: Security Advisory for llvm (EulerOS-SA-2024-1818)

The remote host is missing an update for the Huawei...

CVE-2024-36819

MAP-OS 4.45.0 and earlier is vulnerable to Cross-Site Scripting (XSS). This vulnerability allows malicious users to insert a malicious payload into the "Client Name" input. When a service order from this client is created, the malicious payload is displayed on the administrator and employee...

Important: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2024-1822)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2024-1820)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for glusterfs (EulerOS-SA-2024-1833)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for libyaml (EulerOS-SA-2024-1817)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for llvm (EulerOS-SA-2024-1839)

The remote host is missing an update for the Huawei...

SUSE: Security Advisory (SUSE-SU-2024:2170-1)

The remote host is missing an update for...

Important: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

WordPress < 6.5.5 - Contributor+ Stored XSS in Template-Part Block

Description WordPress does not properly escape the "tagName" attribute in the "Template Part block" allowing high-privileged users to perform Stored Cross-Site Scripting (XSS) attacks. PoC As a contributor, add a "Template Part" block to a post, click on "Start Blank" and then Create. Go into...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1816)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking Releasing the priv-lock while iterating...

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:2184-1)

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2184-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following...

EulerOS 2.0 SP11 : python3 (EulerOS-SA-2024-1843)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and...

EulerOS 2.0 SP11 : util-linux (EulerOS-SA-2024-1848)

According to the versions of the util-linux packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals...