4151 matches found
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: dgraph, prometheus-pushgateway-fips, ferretdb, dex, docker-credential-gcr, policy-controller-fips, certificate-transparency-fips, spegel, aws-flb-firehose-fips, kpt, cosign, hey, tfsec, cert-exporter-fips, helm-fips, melange, eck-operator, tempo, chartmuseum, rclone,...
CVE-2024-24842
Deserialization of Untrusted Data vulnerability in Echo Plugins Knowledge Base for Documentation, FAQs with AI Assistance. This issue affects Knowledge Base for Documentation, FAQs with AI Assistance: from n/a through 11.30.2...
CVE-2024-24842
CVE-2024-24842 affects WordPress plugin “Knowledge Base for Documentation, FAQs with AI Assistance” (Echo Knowledge Base) up to version 11.30.2. Public docs describe an unauthenticated PHP object injection caused by deserialization in is_article_recently_viewed, enabling PHP object injection thro...
[SECURITY] Fedora 40 Update: apache-commons-net-3.10.0-5.fc40
This is an Internet protocol suite Java library originally developed by ORO, Inc. This version supports Finger, Whois, TFTP, Telnet, POP3, FTP, NNTP, SMTP, and some miscellaneous protocols like Time and Echo as well as BSD R command support. The purpose of the library is to provide fundamental...
Exploit for Deserialization of Untrusted Data in Apache Activemq
ActiveMQ-Exploit English https://github.com/Arlenhiack/...
CVE-2021-46999
In the Linux kernel, the following vulnerability has been resolved: sctp: do asoc update earlier in sctp_sf_do_dupcook_a There's a panic that occurs in a few of envs, the call trace is as below: general protection fault, ... 0x29acd70f1000a: 0000 1 SMP PTI RIP:...
DEBIAN-CVE-2021-46999
In the Linux kernel, the following vulnerability has been resolved: sctp: do asoc update earlier in sctp_sf_do_dupcook_a There's a panic that occurs in a few of envs, the call trace is as below: general protection fault, ... 0x29acd70f1000a: 0000 1 SMP PTI RIP:...
UBUNTU-CVE-2021-46999
In the Linux kernel, the following vulnerability has been resolved: sctp: do asoc update earlier in sctp_sf_do_dupcook_a There's a panic that occurs in a few of envs, the call trace is as below: general protection fault, ... 0x29acd70f1000a: 0000 1 SMP PTI RIP:...
PT-2024-3657 · Ge Healthcare · Ge Healthcare Echopac
Name of the Vulnerable Software and Affected Versions: GE HealthCare EchoPAC (affected versions not specified). Description: The issue is related to incorrect permission assignment for a critical resource in the GE HealthCare EchoPAC medical software. Exploitation of this issue may allow an attacker...
PT-2024-3658 · Ge Healthcare · Ge Healthcare Echopac
Name of the Vulnerable Software and Affected Versions: GE HealthCare EchoPAC products (affected versions not specified). Description: The issue concerns vulnerable data in transit in GE HealthCare EchoPAC products, which is related to the lack of encryption measures. This could allow a remote attack...
The vulnerability of the Static Handler component of the web framework used to create scalable and high-performance web applications, Echo, allows an attacker to perform an SSRF attack.
The vulnerability of the Static Handler component of the web framework used to create scalable and high-performance web applications, Echo, involves redirecting URLs to an unreliable website. Exploiting this vulnerability can enable a remote attacker to perform an SSRF attack...
CVE-2023-49270
Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'checkindate' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response...
GHSA-4H72-34J6-J8X7 Maloja error page XSS vulnerability
Impact: The error page for a missing path echoes the path back to the user. If this contains HTML, an attacker could execute a script on the user's machine inside the Maloja context and perform authorized actions like scrobbling or deleting scrobbles. This does not affect the security of your...
samba: "rpcecho" development server allows denial of service via sleep() call on AD DC
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
AZL-37027 CVE-2023-42669 affecting package samba 4.18.3-2
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
ALPINE-CVE-2023-42669
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
AZL-31940 CVE-2023-42669 affecting package samba 4.12.5-7
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in...
Cross site scripting
Online Blood Donation Management System v1.0 is vulnerable to a Stored Cross-Site Scripting vulnerability. The 'firstName' parameter of the users/register.php resource is copied into the users/member.php document as plain text between tags. Any input is echoed unmodified in the users/member.php...
The vulnerability of the dcesrv_echo_TestSleep() RPC-server of the rpcecho package in the Samba networking communication library allows an attacker to cause a service failure.
The vulnerability of the dcesrv_echo_TestSleep RPC-server of the rpcecho network interaction software package in Samba is related to improper release of resources. Exploiting this vulnerability could allow a remote attacker to cause service failures...