Rockwell Automation FactoryTalk Updater Installed (Windows)

Binary data rockwellfactorytalkupdaterwininstalled.nbin...

Rclone Installed (Mac OS X)

Binary data rclonemacosinstalled.nbin...

The vulnerability of the needrestart utility, related to concurrent access to resources (race condition), allows a violator to execute arbitrary code in the context of the root user.

The vulnerability of the needrestart tool is related to concurrent access to resources race condition. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the root user by replacing the file usr/bin/python with a malicious executable file...

JetBrains WebStorm Installed (Linux)

Binary data jetbrainswebstormnixinstalled.nbin...

Binary Vulnerability in Damon New Cloud Cache Database of Wuhan Damon Database Co.

Damon New Cloud Cache Database DMCDM is a Key-Value database that is deeply compatible with the native Redis protocol. A binary vulnerability exists in the Damon New Cloud Cache Database DMCDM of Wuhan Damon Database Co. which can be exploited by attackers to cause a denial of service...

DEBIAN-CVE-2024-53429

Open62541 v1.4.6 is has an assertion failure in fuzzbinarydecode, which leads to a crash...

UBUNTU-CVE-2024-53429

Open62541 v1.4.6 is has an assertion failure in fuzzbinarydecode, which leads to a crash...

JetBrains WebStorm Installed (Mac OS X)

Binary data jetbrainswebstormmacosinstalled.nbin...

Open62541 安全漏洞

Open62541 is an open source implementation of OPC UA OPC Unified Architecture by Open62541 Open Source. A security vulnerability exists in Open62541 version 1.4.6, which stems from an assertion failure in fuzzbinarydecode that causes a crash...

Apple iOS < 18.1.1 Multiple Vulnerabilities (121752)

Binary data appleios1811check.nbin...

CVE-2024-53429

Open62541 v1.4.6 is has an assertion failure in fuzzbinarydecode, which leads to a crash...

Arbitrary File Upload

Overview django-filer is an A file management application for django that makes handling of files and images a breeze. Affected versions of this package are vulnerable to Arbitrary File Upload via the file upload mechanism allowing, by default, the upload of binary or unknown file types...

Grafana Labs SQL expressions allowing for RCE (CVE-2024-9264)

The version of Grafana Labs installed on the remote host is affected by a vulnerability as referenced in the CVE-2024-9264 advisory. - The SQL Expressions experimental feature of Grafana allows for the evaluation of 'duckdb' queries containing user input. These queries are insufficiently sanitize...

Apache Tomcat 10.1.27 < 10.1.31 / 10.1.0-M1 < 10.1.31 Multiple Vulnerabilities

Binary data 701494.pasl...

The vulnerability of the MongoDB database management system lies in improper handling of zero bytes during BSON data processing. This allows attackers to gain unauthorized access to protected information or cause service failures.

The vulnerability of the MongoDB database management system server is related to improper elimination of zero bytes. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures by sending specially crafted queries...

Apache Tomcat < 10.1.33 Vulnerability

Binary data 701491.pasl...

Apache Tomcat < 11.0.1 Vulnerability

Binary data 701490.pasl...

OESA-2024-2400 xstream security update

XStream is a simple library to serialize objects to XML and back again. A high level facade is supplied that simplifies common use cases. Custom objects can be serialized without need for specifying mappings. Speed and low memory footprint are a crucial part of the design, making it suitable for...

OESA-2024-2385 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to...

OESA-2024-2384 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to...