1281 matches found
GHSA-8V4W-F4R9-7H6X Vulnerable juju hook tool abstract UNIX domain socket
Impact When combined with an attack of JUJU_CONTEXT_ID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a juju charm. Patches Patch:...
Traccar 5.12 Remote Code Execution
class MetasploitModule 'Traccar v5 Remote Code Execution CVE-2024-31214 and CVE-2024-24809', 'Description' = %q Remote Code Execution in Traccar v5.1 - v5.12. Remote code execution can be obtained by combining two vulnerabilities: A path traversal vulnerability CVE-2024-24809 and an unrestricted...
ZoneMinder < 1.36.34 Multiple Vulnerabilities
ZoneMinder is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:zoneminder:zoneminder"; if...
CVE-2024-41810
creationtimestamp | type | source
---|---|---
2024-07-29 13:48:23+00:00 | published-proof-of-concept | https://github.com/twisted/twisted/security/advisories/GHSA-cf56-g6w6-pqq2...
CVE-2024-41818
creationtimestamp | type | source
---|---|---
2024-07-28 00:58:52+00:00 | published-proof-of-concept | https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-mpg4-rc92-vx8v...
Netatalk < 3.2.1 Multiple Vulnerabilities
Netatalk is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:netatalk:netatalk"; if(description)...
ZDI-CAN-23894: Parse Server literalizeRegexPart SQL Injection Authentication Bypass Vulnerability
Impact This vulnerability allows SQL injection when Parse Server is configured to use the PostgreSQL database. Patches The algorithm to detect SQL injection has been improved. Workarounds None. References - https://github.com/parse-community/parse-server/security/advisories/GHSA-c2hr-cqg6-8j6r -...
CVE-2024-37301
creationtimestamp | type | source
---|---|---
2024-06-11 17:49:20+00:00 | published-proof-of-concept | https://github.com/adfinis/document-merge-service/security/advisories/GHSA-v5gf-r78h-55q6...
CVE-2024-35189
creationtimestamp | type | source
---|---|---
2024-05-30 12:22:15+00:00 | published-proof-of-concept | https://github.com/ethyca/fides/security/advisories/GHSA-rcvg-jj3g-rj7c...
CVE-2024-34715
creationtimestamp | type | source
---|---|---
2024-05-29 10:02:28+00:00 | published-proof-of-concept | https://github.com/ethyca/fides/security/advisories/GHSA-8cm5-jfj2-26q7...
Exploit for OS Command Injection in Dolibarr Dolibarr_Erp/Crm
CVE-2023-30253 Description Dolibarr before 17.0.1 al...
CVE-2024-34075
creationtimestamp | type | source
---|---|---
2024-05-03 20:30:38+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-hfrv-h3q8-9jpr...
GHSA-R4Q9-XX5G-J24P s3-url-parser vulnerable to Denial of Service via regexes component
s3-url-parser 1.0.3 is vulnerable to denial of service via the regexes component...
CVE-2024-2756
Due to an incomplete fix to CVE-2022-31629 (https://github.com/advisories/GHSA-c43m-486j-j32p), network and same-site attackers can set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications...
CVE-2024-32649
creationtimestamp | type | source
---|---|---
2024-04-25 13:00:55+00:00 | published-proof-of-concept | https://github.com/vyperlang/vyper/security/advisories/GHSA-5jrj-52x8-m64h...
CVE-2024-32648
creationtimestamp | type | source
---|---|---
2024-04-25 12:46:04+00:00 | published-proof-of-concept | https://github.com/vyperlang/vyper/security/advisories/GHSA-m2v9-w374-5hj9...
CVE-2024-32645
creationtimestamp | type | source
---|---|---
2024-04-25 12:36:44+00:00 | published-proof-of-concept | https://github.com/vyperlang/vyper/security/advisories/GHSA-xchq-w5r3-4wg3...
CVE-2024-32472
creationtimestamp | type | source
---|---|---
2024-04-17 21:15:16+00:00 | published-proof-of-concept | https://github.com/excalidraw/excalidraw/security/advisories/GHSA-m64q-4jqh-f72f...
CVE-2024-4340
creationtimestamp | type | source
---|---|---
2024-04-15 20:21:25+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-2m57-hf25-phgg...