Fedora: Security Advisory for rust-uu_link (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CAN-2005-0072

CVE-2005-0072 affects zhcon (zhcon before 0.2) where the program does not drop privileges before reading a user configuration file, allowing local users to read arbitrary files. The issue is fixed in Debian with DSA-655-1 (zhcon 0.2-4woody3) and arises from reading privileged files while running ...

Git-Vuln-Finder - Finding Potential Software Vulnerabilities From Git Commit Messages

Finding potential software vulnerabilities from git commit messages. The output format is a JSON with the associated commit which could contain a fix regarding a software vulnerability. The search is based on a set of regular expressions against the commit messages only. If CVE IDs are present,...

Atlassian Jira CSRF Login Vulnerability

Summary An exploitable CSRF vulnerability exists in Atlassian Jira, from versions 7.6.4 to 8.1.0. The login form doesn’t require a CSRF token. As a result, an attacker can log a user into the system under an unexpected account. Tested Versions Atlassian Jira 7.6.4 Atlassian Jira 8.1.0 Product URL...

G DATA Total Security 25.4.0.3 - Activex Buffer Overflow

G DATA Total Security 25.4.0.3 - Activex Buffer Overflow 'for debugging/custom prolog targetFile = "C:\Program Files\G DATA\TotalSecurity\ASK\GDASpam.dll" prototype = "Function IsBlackListed ByVal strIP As String As Long" m...

Natus Xltek EEG NeuroWorks SavePatientMontage Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the SavePatientMontage functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can a malicious packet to trigger this vulnerability. Teste...