SUSE SLED12 / SLES12 Security Update : avahi (SUSE-SU-2024:1500-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1500-1 advisory. - A vulnerability was found in Avahi. A reachable assertion exists in the avahiescapelabel function...

RHEL 9 : git-lfs (RHSA-2024:2724)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2724 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while...

greengazette.co.za Cross Site Scripting vulnerability OBB-3926259

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

cavinstay.com Cross Site Scripting vulnerability OBB-3926101

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

jforjen.com Cross Site Scripting vulnerability OBB-3926069

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

don.co.uk Cross Site Scripting vulnerability OBB-3926049

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

victimserviceskingston.ca Cross Site Scripting vulnerability OBB-3925983

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

raffalthof.com Cross Site Scripting vulnerability OBB-3925736

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

wjfc.org Cross Site Scripting vulnerability OBB-3925393

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

wnit.org Cross Site Scripting vulnerability OBB-3925394

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

RHEL 8 : nodejs:16 (RHSA-2024:2651)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2651 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes...

eismann.de Cross Site Scripting vulnerability OBB-3925361

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

tinymixtapes.com Cross Site Scripting vulnerability OBB-3925196

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

tesengineering.com Cross Site Scripting vulnerability OBB-3925163

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CentOS 7 : rhc-worker-script (RHSA-2024:2625)

The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2625 advisory. - An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK sta...

miller-mfg.com Cross Site Scripting vulnerability OBB-3925038

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

RHEL 8 : pcs (RHSA-2024:2584)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2584 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Denial ...

chromium -- multiple security fixes

Chrome Releases reports: This update includes 2 security fixes: 335003891 High CVE-2024-4331: Use after free in Picture In Picture. Reported by Zhenghang Xiao @Kipreyyy on 2024-04-16 333508731 High CVE-2024-4368: Use after free in Dawn. Reported by wgslfuzz on 2024-04-09...

RHEL 9 : podman (RHSA-2024:2193)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2193 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use contain...

RHEL 9 : zziplib (RHSA-2024:2377)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2377 advisory. The zziplib is a lightweight library to easily extract data from zip files. Security Fixes: zziplib: invalid memory access at zzipdiskentrytofilehead...