19 matches found
Security update for mozjs60
This update for mozjs60 fixes the following issues: CVE-2024-56431: Fixed a negative shift in huffdec.c (bsc#1234837). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed...
March episode “In the Trend of VM” (#13): vulnerabilities of Microsoft, PAN-OS, CommuniGate and who should patch hosts with deployed application
March episode "In the Trend of VM" (#13): vulnerabilities of Microsoft, PAN-OS, CommuniGate and who should patch hosts with deployed application. I'm posting the translated video with a big delay, but it's better than never. Video on YouTube and LinkedIn Post on Habr rus Digest on the PT website...
Ivanti Releases Security Updates for Connect Secure, Policy Secure & ZTA Gateways Vulnerability (CVE-2025-22457)
Ivanti released security updates to address vulnerabilities CVE-2025-22457 in Ivanti Connect Secure, Policy Secure & ZTA Gateways. A cyber threat actor could exploit CVE-2025-22457 to take control of an affected system. CISA has added CVE-2025-22457 to its Known Exploited Vulnerabilities Catalog...
openSUSE Security Advisory (SUSE-SU-2024:3772-1)
The remote host is missing an update for the...
PT-2024-39155 · WordPress · Wpfactory Helper
Name of the Vulnerable Software and Affected Versions: WPFactory Helper plugin for WordPress versions up to, and including, 1.7.0 Description: The WPFactory Helper plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on...
maddocksbrown.org Cross Site Scripting vulnerability OBB-3916336
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
aam.aero Cross Site Scripting vulnerability OBB-3620111
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
fruitbedrijfhorstink.nl Cross Site Scripting vulnerability OBB-3366745
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
quimper.bibliossimo.info Cross Site Scripting vulnerability OBB-3346766
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
JSA10482 - 2011-07 Out of Cycle Security Bulletin: Multiple Products; TLS/SSL Renegotiation Vulnerability (CVE-2009-3555)
Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. CVE-2009-3555 summary: The TLS protocol, and the SSL protocol 3.0 and possibly earlier, does not properly associate renegotiation handshakes with an existing connection, which allows...
Microsoft Exchange Server October 2022 Zero-day Vulnerabilities (ProxyNotShell)
The Microsoft Exchange Server installed on the remote host is potentially affected by multiple zero-day vulnerabilities, dubbed ProxyNotShell: - An unspecified authenticated server-side request forgery (SSRF) vulnerability. (CVE-2022-41040) - An unspecified authenticated remote code execution (RCE)...
methilcentre.org.uk Cross Site Scripting vulnerability OBB-2956106
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
vacuumplant.co.kr Cross Site Scripting vulnerability OBB-1358318
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
inspired-accessories.de Cross Site Scripting vulnerability OBB-1323823
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
it-comp.kz Cross Site Scripting vulnerability OBB-1270514
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
nteu296.com Cross Site Scripting vulnerability OBB-1237482
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
fn-landom.com.au Cross Site Scripting vulnerability OBB-1208377
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
Exploit for Use After Free in Microsoft
CV...
CVE-2025-3283
...