ovn: egress ACLs may be bypassed via specially crafted UDP packet

A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...

CVE-2024-7503

The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.5. This is due to the use of loose comparison of the activation code in the 'wooslgconfirmemailuser' function. This makes it possible for unauthenticated attackers to l...

DEBIAN-CVE-2023-52924

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: don't skip expired elements during walk There is an asymmetry between commit/abort and preparation phase if the following conditions are met: 1. set is a verdict map "1.2.3.4 : jump foo" 2. timeouts are enabl...

CVE-2024-1879

A Cross-Site Request Forgery CSRF vulnerability in significant-gravitas/autogpt version v0.5.0 allows attackers to execute arbitrary commands on the AutoGPT server. The vulnerability stems from the lack of protections on the API endpoint receiving instructions, enabling an attacker to direct a us...

CVE-2024-37082

When deploying Cloud Foundry together with the haproxy-boshrelease and using a non default configuration, it might be possible to craft HTTP requests that bypass mTLS authentication to Cloud Foundry applications. You are affected if you have route-services enabled in routing-release and have...

PT-2025-5612 · Dumpdrop · Dumpdrop

Name of the Vulnerable Software and Affected Versions: DumpDrop affected versions not specified Description: The issue is related to an OS Command Injection vulnerability in the DumpDrop application, specifically in the "/upload/init" endpoint. This vulnerability could allow an attacker to execut...

CVE-2024-12511

With address book access, SMB/FTP settings could be modified, redirecting scans and possibly capturing credentials. This requires enabled scan functions and printer access...

DRUPAL-CONTRIB-2025-008

This module enables you to add the Matomo web statistics tracking system to your website. The Matomo Analytics Tag Manager sub-module allows you to add one or more Matomo tag containers on your website. The module does not protect against Cross Site Request Forgeries on routes to enable or disabl...

BSOD, "BAD SYSTEM CONFIG INFO", When Creating a New Layer

When trying to create a new Windows 11 platform layer a BSOD loop occurs during the first boot of the packaging machine. Offload Composting was enabled. The below screens are seen...

Medium: grpc

Issue Overview: There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with transmit zero copy enabled through the channel arg GRPCARGTCPTXZEROCOPYENABLED can experience data corruption issues. The data sent by the application may be corrupted before transmission...

DEBIAN-CVE-2025-0650

A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...

AI (Artificial Intelligence) - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-004

The AI logging sub-module enables you to log AI requests and responses for debugging and auditing purposes. The module doesn't sufficiently check for access to view the preview listing of the logs. Full log details are correctly protected, and API keys are never logged. This vulnerability is...

AZL-57596 CVE-2024-57939 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix sleeping in invalid context in die die can be called in exception handler, and therefore cannot sleep. However, die takes spinlockt which can sleep with PREEMPTRT enabled. That causes the following warning: BUG: sleepi...

CVE-2024-57939

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix sleeping in invalid context in die die can be called in exception handler, and therefore cannot sleep. However, die takes spinlockt which can sleep with PREEMPTRT enabled. That causes the following warning: BUG: sleepi...

SUSE CVE-2024-56323

OpenFGA is an authorization/permission engine. IN OpenFGA v1.3.8 to v1.8.2 Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2 are vulnerable to authorization bypass under the following conditions: 1. calling Check API or ListObjects with a model that uses conditions, and 2...

CVE-2024-49375

Open source machine learning framework. A vulnerability has been identified in Rasa that enables an attacker who has the ability to load a maliciously crafted model remotely into a Rasa instance to achieve Remote Code Execution. The prerequisites for this are: 1. The HTTP API must be enabled on t...

CVE-2024-49375 Remote Code Execution via Remote Model Loading in Rasa

Open source machine learning framework. A vulnerability has been identified in Rasa that enables an attacker who has the ability to load a maliciously crafted model remotely into a Rasa instance to achieve Remote Code Execution. The prerequisites for this are: 1. The HTTP API must be enabled on t...

Deserialization of Untrusted Data

Overview rasa-pro is a State-of-the-art open-core Conversational AI framework for Enterprises that natively leverages generative AI for effortless assistant development. Affected versions of this package are vulnerable to Deserialization of Untrusted Data by loading a maliciously crafted model in...

CVE-2024-56323

OpenFGA is an authorization/permission engine. IN OpenFGA v1.3.8 to v1.8.2 Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2 are vulnerable to authorization bypass under the following conditions: 1. calling Check API or ListObjects with a model that uses conditions, and 2...

CVE-2024-56323 OpenFGA Authorization Bypass

OpenFGA is an authorization/permission engine. IN OpenFGA v1.3.8 to v1.8.2 Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2 are vulnerable to authorization bypass under the following conditions: 1. calling Check API or ListObjects with a model that uses conditions, and 2...