CVE-2024-8650
An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2 that allowed non-member users to view unresolved threads marked as internal notes in public projects merge requests...
CVE-2024-11759
The Bukza plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bukza' shortcode in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...
CVE-2024-28146 Hardcoded credentials
The application uses several hard-coded credentials to encrypt config files during backup, to decrypt the new firmware during an update and some passwords allow a direct connection to the database server of the affected device...
EulerOS 2.0 SP11 : expat (EulerOS-SA-2024-2980)
According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. (CVE-2024-45490) An issue was...
CVE-2024-12292
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, where sensitive information passed in GraphQL mutations may have been retained in GraphQL logs...
SUSE-SU-2024:4148-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 128.5 fixed: IMAP could crash when reading cached messages fixed: Enabling 'Show Folder Size' on Maildir profile could render Thunderbird unusable fixed: Messages corrupted by folder compaction were only fixed by...
Printer problems? Beware the bogus help
Anyone who has ever used a printer likely has had a frustrating experience at some point. There always seems to be some kind of issue with the software not responding, paper getting jammed or one of many other possible failures. When people need help, they often turn to Google and now AI to look...
CVE-2024-11669
An issue was discovered in GitLab CE/EE affecting all versions from 16.9.8 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. Certain API endpoints could potentially allow unauthorized access to sensitive data due to overly broad application of token scopes...
Exploit for CVE-2024-29671
NEXTU FLETA Wifi6 Router RCE Exploit POC This document...
CVE-2024-1682
A flaw was found in the psf/requests documentation. This vulnerability allows data integrity issues, data leakage, availability problems, and potential further attacks via a reference to an unclaimed Amazon S3 bucket in an audio file link within a .rst documentation file. Mitigation Mitigation fo...
CVE-2024-1682
An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been claimed by an external party. The use of this unclaimed S3 bucket could lead to data integrity issues, data leakage, availability problems, loss of...
CVE-2024-1682
CVE-2024-1682 concerns an unclaimed Amazon S3 bucket named 'codeconf' referenced in an audio-file link in .rst docs. Connected sources confirm this bucket has been claimed and discuss potential data integrity, leakage, availability, trust, and pivot risks if used to host or relay malicious conten...
CVE-2024-1682 Unclaimed S3 Bucket Reference in psf/requests Documentation
An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been claimed by an external party. The use of this unclaimed S3 bucket could lead to data integrity issues, data leakage, availability problems, loss of...
CVE-2024-9693
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.0 prior to 17.3.7, starting from 17.4 prior to 17.4.4, and starting from 17.5 prior to 17.5.2, which could have allowed unauthorized access to the Kubernetes agent in a cluster under specific configurations...
Fedora 41 : chromium (2024-3a6f9ab958)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3a6f9ab958 advisory. Update to 130.0.6723.58 High CVE-2024-9954: Use after free in AI Medium CVE-2024-9955: Use after free in Web Authentication Medium CVE-2024-9956:...
openSUSE 15 Security Update : virtualbox (openSUSE-SU-2024:0364-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0364-1 advisory. Update to release 7.1.4: NAT: Fixed DHCP problems with certain guests when domain is empty VMSVGA: Improved flickering, black screen and other...
Cloud || Remote Browser Isolation most of the time not working
Users getting black screen. Or connection was closed screen...
VMware vSphere 7.0 Known Issues
...
Citrix Virtual Apps and Desktops: Session Launch Issues
Introduction This article provides a list of Knowledge Base resources on how to investigate, troubleshoot, and prevent the most common issues with session launch in Citrix Virtual Apps and Desktops. Overview of the Issue The process of session launch in Citrix Virtual Apps and Desktops is depende...