Ryzen™ 3000 Series Desktop Processors With Radeon™ Graphics Security Vulnerabilities

cve

CVE-2024-5272

Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1, 8.1.x <= 8.1.12 fail to restrict the audience of the "custom_playbooks_playbook_run_updated" webhook event, which allows a guest on a channel with a playbook run linked to see all the details of the playbook run when the run is marked by....

4.3CVSS

7.1AI Score

2024-05-26 02:15 PM
2
cvelist

CVE-2024-5272 Run Details leak to guest via webhook event "custom_playbooks_playbook_run_updated"

Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1, 8.1.x <= 8.1.12 fail to restrict the audience of the "custom_playbooks_playbook_run_updated" webhook event, which allows a guest on a channel with a playbook run linked to see all the details of the playbook run when the run is marked by....

7.1AI Score

2024-05-26 01:29 PM
1
kitploit

Domainim - A Fast And Comprehensive Tool For Organizational Network Scanning

Domainim is a fast domain reconnaissance tool for organizational network scanning. The tool aims to provide a brief overview of an organization's structure using techniques like OSINT, bruteforcing, DNS resolving etc. Features Current features (v1.0.1)- - Subdomain enumeration (2 engines +...

7.8AI Score

2024-05-26 12:30 PM
2
githubexploit

Exploit for CVE-2024-4956

README.md CVE-2024-4956 Bulk Scanner Disclaimer ...

6.5AI Score

0.001EPSS

2024-05-26 06:50 AM
21
mageia

Updated roundcubemail packages fix security vulnerabilities

This is a security update to the stable version 1.6 of Roundcube Webmail. Fix cross-site scripting (XSS) vulnerability in handling SVG animate attributes. Reported by Valentin T. and Lutz Wolf of CrowdStrike. Fix cross-site scripting (XSS) vulnerability in handling list columns from user...

6.8AI Score

2024-05-26 02:39 AM
5
fedora

[SECURITY] Fedora 40 Update: rust-zram-generator-1.1.2-11.fc40

This is a systemd unit generator that enables swap on zram. (With zram, there is no physical swap device. Part of the available RAM is used to store compressed pages, essentially trading CPU cycles for memory.) To activate, install zram-generator-defaults...

7AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-uu_yes-0.0.23-3.fc40

yes ~ (uutils) repeatedly display a line with STRING (or...

7.3AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-uu_shred-0.0.23-3.fc40

shred ~ (uutils) hide former FILE contents with repeated...

7.3AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-uu_nl-0.0.23-3.fc40

nl ~ (uutils) display input with added line...

7.3AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-uu_join-0.0.23-3.fc40

join ~ (uutils) merge lines from inputs with matching join...

7.3AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-uu_basename-0.0.23-3.fc40

basename ~ (uutils) display PATHNAME with leading directory components...

7.3AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rustup-1.26.0-3.fc40

Manage multiple rust installations with...

7.3AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-tealdeer-1.6.1-8.fc40

Fetch and show tldr help pages for many CLI commands. Full featured offline client with caching...

7.4AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-silver-2.0.1-8.fc40

A cross-shell customizable powerline-like prompt with...

7.3AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-sha1collisiondetection-0.3.4-2.fc40

SHA-1 hash function with collision detection and...

7.4AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-sequoia-octopus-librnp-1.8.1-4.fc40

Reimplementation of RNP's interface using Sequoia for use with...

7.4AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-sd-1.0.0-2.fc40

Intuitive find & replace CLI. * Painless regular expressions sd uses regex syntax that you already know from JavaScript and Python. Forget about dealing with quirks of sed or awk - get productive immediately. * String-literal mode Non-regex find & replace. No more backslashes or...

7.2AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-resctl-bench-2.2.5-3.fc40

resctl-bench is a collection of whole-system benchmarks to evaluate resource control and hardware behaviors using realistic simulated workloads. Comprehensive resource control involves the whole system. Furthermore, testing resource control end-to-end requires scenarios involving realistic...

7.2AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-python-launcher-1.0.0-12.fc40

The Python Launcher for Unix. Launch your Python interpreter the lazy/smart way! This launcher is an implementation of the py command for Unix-based platforms. The goal is to have py become the cross-platform command that Python users typically use to launch an interpreter while doing...

7.2AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-names-0.14.0-2.fc40

A random name generator with names suitable for use in container instances, project names, application instances,...

7.3AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-lsd-1.1.2-3.fc40

An ls command with a lot of pretty colors and some other...

7.5AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-lino-0.10.0-9.fc40

A command line text editor with notepad like key...

7.5AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-desed-1.2.1-4.fc40

Sed script debugger. Debug and demystify your sed scripts with TUI...

7.3AI Score

2024-05-26 01:29 AM
fedora

[SECURITY] Fedora 40 Update: rust-cpc-1.9.3-3.fc40

Evaluates math expressions, with support for units and conversion between...

7.4AI Score

2024-05-26 01:29 AM
fedora

7.3AI Score

2024-05-26 01:28 AM
fedora

[SECURITY] Fedora 40 Update: rust-asahi-btsync-0.2.0-3.fc40

A tool to sync Bluetooth pairing keys with macos on ARM...

7.3AI Score

2024-05-26 01:28 AM
fedora

[SECURITY] Fedora 40 Update: rust-asahi-wifisync-0.2.0-3.fc40

A tool to sync Wifi passwords with macos on ARM...

7.3AI Score

2024-05-26 01:28 AM
fedora

[SECURITY] Fedora 40 Update: ntpd-rs-1.1.2-2.fc40

Full-featured implementation of NTP with NTS...

7.3AI Score

2024-05-26 01:28 AM
fedora

[SECURITY] Fedora 40 Update: loupe-46.2-2.fc40

An image viewer application written with GTK 4, Libadwaita and Rust. Features: - Fast GPU accelerated image rendering with tiled rendering for SVGs - Extendable and sandboxed (expect SVG) image decoding - Support for more than 15 image formats by default - Extensive support for touchpad and...

7.4AI Score

2024-05-26 01:28 AM
fedora

[SECURITY] Fedora 40 Update: maturin-1.5.1-2.fc40

Build and publish crates with pyo3, rust-cpython and cffi bindings as well as rust binaries as python...

7.4AI Score

2024-05-26 01:28 AM
osv

Malicious code in protonme (npm)

-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (295b3103d7290c7c347d76b699dea56f4ddfdcf450ac1bfdddcf41ed4b37af0a) The OpenSSF Package Analysis project identified 'protonme' @ 1200.1.1 (npm) as malicious. It is considered malicious because: The package...

7.3AI Score

2024-05-25 08:54 PM
1
githubexploit

Exploit for Vulnerability in Reportlab

CVE-2023-33733-POC Disclaimer I did not, nor do I take...

6.6AI Score

0.001EPSS

2024-05-25 06:47 PM
32
githubexploit

Exploit for Vulnerability in Reportlab

CVE-2023-33733-POC Disclaimer I did not, nor do I take...

6.6AI Score

0.001EPSS

2024-05-25 06:47 PM
33
debian

[SECURITY] [DLA 3820-1] bluez security update

Debian LTS Advisory DLA-3820-1 [email protected] https://www.debian.org/lts/security/ Arturo Borrero Gonzalez May 25, 2024 https://wiki.debian.org/LTS Package : bluez Version : 5.50-1.2~deb10u5 CVE ID :...

7.1CVSS

6.9AI Score

2024-05-25 04:21 PM
3
kitploit

JA4+ - Suite Of Network Fingerprinting Standards

JA4+ is a suite of network Fingerprinting methods that are easy to use and easy to share. These methods are both human and machine readable to facilitate more effective threat-hunting and analysis. The use-cases for these fingerprints include scanning for threat actors, malware detection, session.....

7AI Score

2024-05-25 12:30 PM
3
debian

[SECURITY] [DLA 3818-1] apache2 security update

Debian LTS Advisory DLA-3818-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès May 24, 2024 https://wiki.debian.org/LTS Package : apache2 Version : 2.4.59-1~deb10u1 CVE ID :...

5.3CVSS

7.9AI Score

2024-05-25 11:06 AM
4
cve

CVE-2024-4045

The Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘campaign_id’ parameter in versions up to, and including, 2.16.1 due to insufficient input sanitization and output...

6.4CVSS

6AI Score

0.001EPSS

2024-05-25 06:15 AM
8
cvelist

CVE-2024-4045 Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation <= 2.16.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Popup Builder by OptinMonster – WordPress Popups for Optins, Email Newsletters and Lead Generation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘campaign_id’ parameter in versions up to, and including, 2.16.1 due to insufficient input sanitization and output...

5.9AI Score

0.001EPSS

2024-05-25 05:36 AM
3
cve

CVE-2024-5218

The Reviews and Rating – Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file upload feature in all versions up to, and including, 5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6.4CVSS

6AI Score

0.0004EPSS

2024-05-25 04:15 AM
11
cvelist

CVE-2024-5218 Reviews and Rating – Google Reviews <= 5.2 - Authenticated (Author+) Stored Cross-Site Scripting

The Reviews and Rating – Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file upload feature in all versions up to, and including, 5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

6AI Score

0.0004EPSS

2024-05-25 03:30 AM
1
cve

CVE-2024-5229

The Primary Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Table widget in all versions up to, and including, 1.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS

6AI Score

0.001EPSS

2024-05-25 03:15 AM
6
cvelist

CVE-2024-5229 Primary Addon for Elementor <= 1.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Pricing Table Widget

The Primary Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Table widget in all versions up to, and including, 1.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

5.9AI Score

0.001EPSS

2024-05-25 02:34 AM
3
cve

CVE-2024-5220

The ND Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's upload feature in all versions up to, and including, 7.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and....

6.4CVSS

6.1AI Score

0.001EPSS

2024-05-25 02:15 AM
4
cvelist

CVE-2024-5220 ND Shortcodes <= 7.5 - Authenticated (Author+) Stored Cross-Site Scripting

The ND Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's upload feature in all versions up to, and including, 7.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and....

6AI Score

0.001EPSS

2024-05-25 01:51 AM
osv

Malicious code in rich-relevance (npm)

-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (da3a1ac70540bed4411c7898c3829eb449795a1537d8fd94dd66c4c643c4d4df) The OpenSSF Package Analysis project identified 'rich-relevance' @ 99.1.1 (npm) as malicious. It is considered malicious because: The package...

7.3AI Score

2024-05-25 12:20 AM
2
nessus

Foxit PDF Editor < 13.1.2 Vulnerability

According to its version, the Foxit PDF Editor application (previously named Foxit PhantomPDF) installed on the remote Windows host is prior to 13.1.2. It is, therefore affected by vulnerability: Addressed potential issues where the application could be exposed to Time-of-Check Time-of-Use...

7.6AI Score

2024-05-25 12:00 AM
2
nessus

Ivanti Endpoint Manager - May 2024 Security Update

The version of Ivanti Endpoint Manager running on the remote host is lacking the May 2024 Hotfix. It is, therefore, affected by multiple vulnerabilities. An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the...

9.1AI Score

2024-05-25 12:00 AM
4
nessus

Debian dla-3818 : apache2 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3818 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3818-1 [email protected] ...

7.7AI Score

2024-05-25 12:00 AM
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : postgresql15 (SUSE-SU-2024:1777-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1777-1 advisory. PostgreSQL upgrade to version 15.7 (bsc#1224051): - CVE-2024-4317: Fixed visibility restriction of...

7.4AI Score

2024-05-25 12:00 AM
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ucode-intel (SUSE-SU-2024:1771-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1771-1 advisory. Intel CPU Microcode was updated to the 20240514 release (bsc#1224277) - CVE-2023-45733: Fixed...

7.8AI Score

2024-05-25 12:00 AM
1
Total number of security vulnerabilities: 702216