UBUNTU-CVE-2024-38824

Directory traversal vulnerability in recvfile method allows arbitrary files to be written to the master cache directory...

UBUNTU-CVE-2025-22239

Arbitrary event injection on Salt Master. The master's "minionevent" method can be used by and authorized minion to send arbitrary events onto the master's event bus...

UBUNTU-CVE-2025-22242

Worker process denial of service through file read operation. .A vulnerability exists in the Master's “pubret” method which is exposed to all minions. The un-sanitized input value “jid” is used to construct a path which is then opened for reading. An attacker could exploit this vulnerabilities by...

CVE-2024-38824 CVE-2024-38824 salt advisory

Directory traversal vulnerability in recvfile method allows arbitrary files to be written to the master cache directory...

CVE-2024-38824 CVE-2024-38824 salt advisory

Directory traversal vulnerability in recvfile method allows arbitrary files to be written to the master cache directory...

CVE-2024-38824

CVE-2024-38824 is a directory traversal vulnerability in the recv_file method that allows writing arbitrary files into the Salt master cache directory. Public references in multiple advisories (SUSE openSUSE/SUSE-SU-2025-02501/-02492/-02476, SUSE-2025-02492, -02500, -02502) confirm the flaw affec...

Salt 安全漏洞

Salt is an automation, infrastructure management, data-driven orchestration, and remote execution application from the Salt project. A security vulnerability exists in Salt that stems from the failure to clean up the input value jid in the main pubret method, which could lead to a denial of servi...

[SECURITY] Fedora 42 Update: fcitx5-qt-5.1.9-7.fc42

Qt library and IM module for fcitx5...

Freescout set function deserialization vulnerability

FreeScout is an open source helpdesk system built on the PHP Laravel framework, designed to provide users with functionality similar to Zendesk or Help Scout, but without sacrificing privacy or freedom. Freescout suffers from a deserialization vulnerability that stems from the fact that through t...

CVE-2024-40625 GeoServer Coverage REST API Allows Server Side Request Forgery

GeoServer is an open source server that allows users to share and edit geospatial data. The Coverage rest api /workspaces/workspaceName/coveragestores/storeName/method.format allows attackers to upload files with a specified url with method equals 'url' with no restrict. This vulnerability is fix...

Tenda AC18 /goform/setPptpUserList Buffer Overflow Vulnerability

The Tenda AC18 is a router from the Chinese company Tenda. The Tenda AC18 suffers from a buffer overflow vulnerability that originates from a misuse of the parameter list in the file /goform/setPptpUserList, which can be exploited by an attacker to submit a special request and execute arbitrary...

Symbolic Generation and Modular Embedding of High-Quality Abc-Triples

We present a symbolic identity for generating integer triples $a, b, c$ satisfying $a + b = c$, inspired by structural features of the \emphabc conjecture. The construction uses powers of $2$ and $3$ in combination with modular inversion in $\mathbbZ/3^p\mathbbZ$, leading to a parametric identity...

CVE-2025-5898

A vulnerability classified as critical has been found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected is the function parsevariablesoption of the file utilities/pspp-convert.c. The manipulation leads to out-of-bounds write. The attack needs to be approached locally. The exploit has...

OS Command Exec, Unix Command Shell, Reverse TCP SSL (telnet)

Execute an OS command from PHP. Creates an interactive shell via mkfifo and telnet. This method works on Debian and other systems compiled without /dev/tcp support. This module uses the '-z' option included on some systems to encrypt using SSL. Module Options msf use...

Exploit for CVE-2025-49113

CVE-2025-49113 RCE exploit the method for use...

FreeScout Information Disclosure Vulnerability

FreeScout is an ultra-lightweight free open source helpdesk and shared inbox built using PHP Laravel framework by FreeScout. FreeScout suffers from an information disclosure vulnerability that is caused by a logic flaw in the fill method. An attacker could exploit the vulnerability to obtain...

Security Bulletin: Maximo AI Service Component: Spring Security Aspects may not correctly locate method security annotations on private methods.

Summary Security Bulletin: Maximo AI Service Component Component uses Spring Security Aspects may not correctly locate method security annotations on private methods.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-41232...

BIT-JOOMLA-2025-25226 [20250401] - Joomla Framework - SQL injection vulnerability in quoteNameStr method of Database package

Improper handling of identifiers lead to a SQL injection vulnerability in the quoteNameStr method of the database package. Please note: the affected method is a protected method. It has no usages in the original packages in neither the 2.x nor 3.x branch and therefore the vulnerability in questio...

The vulnerability of the deletePackages method in the HPE StoreOnce VSA virtual storage system allows a attacker to gain access to read and delete any files they desire.

The vulnerability of the deletePackages method in the HPE StoreOnce VSA virtual storage system is related to an incorrect restriction on the path name to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to read and...

GHSA-7W8P-CHXQ-2789 Deno.env.toObject() ignores the variables listed in --deny-env and returns all environment variables

Summary The Deno.env.toObject method ignores any variables listed in the --deny-env option of the deno run command. When looking at the documentation of the --deny-env option this might lead to a false impression that variables listed in the option are impossible to read. PoC export...