CVE-2024-13085

creationtimestamp| type| source ---|---|--- 2024-12-31 22:37:38+00:00| seen| https://infosec.exchange/users/cve/statuses/113749829734501624 2024-12-31 23:15:27+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3len6hf2m662i 2025-01-01 00:36:22+00:00| seen|...

CVE-2024-55917

creationtimestamp| type| source ---|---|--- 2024-12-31 16:55:33+00:00| seen| https://infosec.exchange/users/vuldb/statuses/113748484629722836 2024-12-31 17:15:34+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lemkdsexas2l 2024-12-31 18:44:00+00:00| seen|...

CVE-2024-56213

creationtimestamp| type| source ---|---|--- 2024-12-31 10:05:44+00:00| seen| https://infosec.exchange/users/cve/statuses/113746873154772102 2024-12-31 12:02:03+00:00| seen| https://t.me/cvedetector/13983...

CVE-2024-56800

Firecrawl is a web scraper that allows users to extract the content of a webpage for a large language model. Versions prior to 1.1.1 contain a server-side request forgery SSRF vulnerability. The scraping engine could be exploited by crafting a malicious site that redirects to a local IP address...

CVE-2024-56712

creationtimestamp| type| source ---|---|--- 2024-12-29 08:52:13+00:00| seen| https://infosec.exchange/users/cve/statuses/113735259425553816 2024-12-29 09:15:35+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3legolqkupw2i 2024-12-29 10:41:11+00:00| seen|...

BELL-CVE-2024-56649

Bulletin has no description...

CVE-2024-47978

creationtimestamp| type| source ---|---|--- 2024-12-25 15:01:12+00:00| seen| https://infosec.exchange/users/cve/statuses/113714061135749680 2024-12-25 15:15:30+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3le5atmty4z2m 2024-12-25 17:09:29+00:00| seen|...

Malicious code in mattermost-developer-documentation (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8f5ce1bed6d6701617a1c4d5125a25fb8a534572644617c724fa576c1244ab4a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

[SECURITY] Fedora 40 Update: python3-docs-3.12.8-1.fc40

The python3-docs package contains documentation on the Python 3 programming language and interpreter...

[SECURITY] Fedora 41 Update: python3-docs-3.13.1-1.fc41

The python3-docs package contains documentation on the Python 3 programming language and interpreter...

Malicious code in spinal-env-viewer-plugin-documentation-service (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d3d2a0a560ea9b62097643b0b538b82a0eba36ef923886755262eeecca376650 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

[SECURITY] Fedora 41 Update: python3.14-3.14.0~a2-2.fc41

Python 3.14 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.14 package provides the "python3.14" executable:...

[SECURITY] Fedora 40 Update: python3.13-3.13.1-2.fc40

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.13 package provides the "python3.13" executable:...

CVE-2024-55239

A reflected Cross-Site Scripting vulnerability in the standard documentation upload functionality in Portabilis i-Educar 2.9 allows attacker to craft malicious urls with arbitrary javascript in the 'titulodocumento' parameter...

CVE-2024-55239

A reflected Cross-Site Scripting vulnerability in the standard documentation upload functionality in Portabilis i-Educar 2.9 allows attacker to craft malicious urls with arbitrary javascript in the 'titulodocumento' parameter...

PT-2024-36499 · Portabilis · Portabilis I-Educar

Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar version 2.9 Description: A reflected Cross-Site Scripting issue exists in the standard documentation upload functionality, allowing an attacker to craft malicious URLs with arbitrary javascript in the titulo documento...

FreeBSD : forgejo -- multiple vulnerabilities (5ca064a6-bca1-11ef-8926-9b4f2d14eb53)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5ca064a6-bca1-11ef-8926-9b4f2d14eb53 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's...

CVE-2024-55239

Portabilis i-Educar 2.9 is affected by a reflected XSS in the standard documentation upload functionality, exploitable via the titulo_documento parameter to craft malicious URLs with arbitrary JavaScript. CVE-2024-55239 is rated CVSS v3.1 base 5.4 (Medium). Exploitation details are not described ...

CVE-2024-51479

creationtimestamp| type| source ---|---|--- 2024-12-17 18:25:35+00:00| seen| https://infosec.exchange/users/cve/statuses/113669566323116247 2024-12-17 20:57:59+00:00| seen| https://t.me/cvedetector/13124 2024-12-19 14:46:47+00:00| seen| https://bsky.app/profile/bolhasec.com/post/3ldo4gqssju2e...

CVE-2024-54366

creationtimestamp| type| source ---|---|--- 2024-12-16 14:36:05+00:00| seen| https://infosec.exchange/users/cve/statuses/113663001580830329...