Delta Electronics Wplsoft, Ispsoft, And Pmsoft Security Vulnerabilities

Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to insecure cryptographic algorithm and information disclosure due to DB2 JDBC Driver (CVE-2023-47152)

Summary DB2 JDBC driver is shipped with IBM Tivoli Netcool Impact as part of the db2 data source adapter. Information about security vulnerabilities affecting DB2 JDBC driver has been published in a security bulletin. Vulnerability Details ** CVEID: CVE-2023-47152 DESCRIPTION: **IBM Db2 for...

Security Bulletin: IBM Tivoli Netcool Impact could provide weaker tha expected security due to IBM WebSphere Application Server Liberty (CVE-2023-50312)

Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details ** CVEID:.....

Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to information disclosure due to Apache Camel (CVE-2024-22371)

Summary Apache Camel is shipped with IBM Tivoli Netcool Impact as part of the data provider interface in the GUI server. Information about a security vulnerability affecting Apache ActiveMQ has been published in a security bulletin. Vulnerability Details ** CVEID: CVE-2024-22371 DESCRIPTION:...

CVE-2024-3123 CHANGING Mobile One Time Password - Arbitrary File Upload

CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type properly. Remote attackers with administrator privilege can exploit this vulnerability to upload and run malicious file to execute system...

CVE-2024-38480

"Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an external service, which may allow a local attacker to obtain the API key. Note that the users of the app are not directly affected by this...

[SECURITY] [DLA 3855-1] pdns-recursor security update

Debian LTS Advisory DLA-3855-1 [email protected] https://www.debian.org/lts/security/ ; Daniel Leidert July 01, 2024 https://wiki.debian.org/LTS Package : pdns-recursor Version : 4.1.11-1+deb10u2 CVE...

CVE-2024-6419

A vulnerability classified as critical was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file /classes/Master.php?f=save_medicine. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has....

CVE-2024-6419

A vulnerability classified as critical was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file /classes/Master.php?f=save_medicine. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has....

Simple Laboratory Management System 1.0 SQL Injection

...

WordPress WPCode Lite 2.1.14 Cross Site Scripting

...

Xhibiter NFT Marketplace 1.10.2 - SQL Injection

...

Debian: Security Advisory (DSA-5714-1)

The remote host is missing an update for the...

Debian: Security Advisory (DLA-3845-1)

The remote host is missing an update for the...

Huawei EulerOS: Security Advisory for less (EulerOS-SA-2024-1874)

The remote host is missing an update for the Huawei...

Debian: Security Advisory (DLA-3828-1)

The remote host is missing an update for the...

Debian: Security Advisory (DLA-3833-1)

The remote host is missing an update for the...

Debian: Security Advisory (DSA-5717-1)

The remote host is missing an update for the...

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1877)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1850)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2024-1865)

The remote host is missing an update for the Huawei...

Debian: Security Advisory (DSA-5710-1)

The remote host is missing an update for the...

CVE-2024-39705

NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_perceptron_tagger and punkt. Bugs ...

CVE-2024-3115

An issue was discovered in GitLab EE affecting all versions starting from 16.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to access issues and epics without having an SSO session using Duo Chat. Notes Author| Note ---|---.....

CVE-2024-27629

An issue in dc2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code via the generated file name is not properly escaped and injected into a system call when certain types of compression are used. Bugs ...

CVE-2024-38385

In the Linux kernel, the following vulnerability has been resolved: genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after() irq_find_at_or_after() dereferences the interrupt descriptor which is returned by mt_find() while neither holding sparse_irq_lock nor RCU read lock, which means the.....

CVE-2024-38306

In the Linux kernel, the following vulnerability has been resolved: btrfs: protect folio::private when attaching extent buffer folios [BUG] Since v6.8 there are rare kernel crashes reported by various people, the common factor is bad page status error messages like this: BUG: Bad page state in...

CVE-2024-39296

In the Linux kernel, the following vulnerability has been resolved: bonding: fix oops during rmmod "rmmod bonding" causes an oops ever since commit cc317ea3d927 ("bonding: remove redundant NULL check in debugfs function"). Here are the relevant functions being called: bonding_exit() ...

CVE-2024-5430

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.10 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows a project maintainer can delete the merge request approval policy via...

Fedora 39 : libreswan (2024-07c9cfd337)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-07c9cfd337 advisory. Update to 4.15 for CVE-2024-3652 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Welotec Industrial Routers OS Command Injection (CVE-2023-1082)

An remote attacker with low privileges can perform a command injection which can lead to root access. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Debian dla-3855 : pdns-recursor - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3855 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3855-1 [email protected] ...

RHEL 8 : httpd:2.4/httpd (RHSA-2024:4197)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4197 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd:2.4: httpd: HTTP...

GLSA-202407-02 : SDL_ttf: Arbitrary Memory Write

The remote host is affected by the vulnerability described in GLSA-202407-02 (SDL_ttf: Arbitrary Memory Write) A vulnerability has been discovered in SDL_ttf. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the...

Debian: Security Advisory (DLA-3830-1)

The remote host is missing an update for the...

Debian: Security Advisory (DLA-3831-1)

The remote host is missing an update for the...

Debian: Security Advisory (DLA-3837-1)

The remote host is missing an update for the...

Debian: Security Advisory (DSA-5712-1)

The remote host is missing an update for the...

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-1867)

The remote host is missing an update for the Huawei...

Debian: Security Advisory (DLA-3849-1)

The remote host is missing an update for the...

Debian: Security Advisory (DLA-3855-1)

The remote host is missing an update for the...

Debian: Security Advisory (DSA-5715-1)

The remote host is missing an update for the...

Debian: Security Advisory (DLA-3826-1)

The remote host is missing an update for the...

Debian: Security Advisory (DLA-3834-1)

The remote host is missing an update for the...

Debian: Security Advisory (DLA-3838-1)

The remote host is missing an update for the...

Ubuntu: Security Advisory (USN-6844-2)

The remote host is missing an update for...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2024-1861)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1856)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for iSulad (EulerOS-SA-2024-1858)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for iSulad (EulerOS-SA-2024-1872)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1859)

The remote host is missing an update for the Huawei...