[SECURITY] Fedora 40 Update: python3.13-3.13.1-2.fc40

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.13 package provides the "python3.13" executable:...

CVE-2024-55239

A reflected Cross-Site Scripting vulnerability in the standard documentation upload functionality in Portabilis i-Educar 2.9 allows attacker to craft malicious urls with arbitrary javascript in the 'titulodocumento' parameter...

PT-2024-36499 · Portabilis · Portabilis I-Educar

Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar version 2.9 Description: A reflected Cross-Site Scripting issue exists in the standard documentation upload functionality, allowing an attacker to craft malicious URLs with arbitrary javascript in the titulo documento...

CVE-2024-55239

A reflected Cross-Site Scripting vulnerability in the standard documentation upload functionality in Portabilis i-Educar 2.9 allows attacker to craft malicious urls with arbitrary javascript in the 'titulodocumento' parameter...

CVE-2024-55239

Portabilis i-Educar 2.9 is affected by a reflected XSS in the standard documentation upload functionality, exploitable via the titulo_documento parameter to craft malicious URLs with arbitrary JavaScript. CVE-2024-55239 is rated CVSS v3.1 base 5.4 (Medium). Exploitation details are not described ...

FreeBSD : forgejo -- multiple vulnerabilities (5ca064a6-bca1-11ef-8926-9b4f2d14eb53)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5ca064a6-bca1-11ef-8926-9b4f2d14eb53 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's...

CVE-2024-51479

creationtimestamp| type| source ---|---|--- 2024-12-17 18:25:35+00:00| seen| https://infosec.exchange/users/cve/statuses/113669566323116247 2024-12-17 20:57:59+00:00| seen| https://t.me/cvedetector/13124 2024-12-19 14:46:47+00:00| seen| https://bsky.app/profile/bolhasec.com/post/3ldo4gqssju2e...

CVE-2024-54366

creationtimestamp| type| source ---|---|--- 2024-12-16 14:36:05+00:00| seen| https://infosec.exchange/users/cve/statuses/113663001580830329...

BIT-NODE-MIN-2023-30590

The generateKeys API function returned from crypto.createDiffieHellman only generates missing or outdated keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey. However, the...

BIT-NODE-MIN-2024-21890

The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: --allow-fs-read=/home/node/.ssh/.pub will ignore pub and give access to everything after .ssh/. This misleading documentation affects all users...

CVE-2024-111053

creationtimestamp| type| source ---|---|--- 2024-12-15 14:02:00+00:00| seen| https://mastodon.social/users/bagder/statuses/113657205050547339...

[SECURITY] Fedora 40 Update: python3.10-3.10.16-1.fc40

Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...

CVE-2024-54306

creationtimestamp| type| source ---|---|--- 2024-12-14 01:44:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113648644841373676...

CVE-2024-54265

creationtimestamp| type| source ---|---|--- 2024-12-13 23:44:52+00:00| seen| https://infosec.exchange/users/cve/statuses/113648172458512307...

CVE-2023-41857

creationtimestamp| type| source ---|---|--- 2024-12-13 21:29:42+00:00| seen| https://infosec.exchange/users/cve/statuses/113647641007381288...

[SECURITY] Fedora 40 Update: python3.11-3.11.11-1.fc40

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

CVE-2024-54498

creationtimestamp| type| source ---|---|--- 2024-12-12 00:14:10+00:00| seen| https://infosec.exchange/users/cve/statuses/113636963116312437 2025-01-11 13:30:58+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/11669 2025-01-11 16:05:32+00:00| published-proof-of-concept|...

FreeBSD : chromium -- multiple security fixes (3d5b7860-48ad-48c2-aa36-601b8ab9cc43)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 3d5b7860-48ad-48c2-aa36-601b8ab9cc43 advisory. Chrome Releases reports: This update includes 4 security fixes: Tenable has extracted the preceding...

CVE-2024-8116

creationtimestamp| type| source ---|---|--- 2024-12-11 16:30:39+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113635140492482846 2024-12-16 04:35:37+00:00| seen| https://infosec.exchange/users/cve/statuses/113660640409849262 2024-12-16 07:18:27+00:00| seen|...

[SECURITY] Fedora 40 Update: python3.14-3.14.0~a2-2.fc40

Python 3.14 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.14 package provides the "python3.14" executable:...