5183 matches found

Tenable Nessus
added 2024/01/06 12:0 a.m. · 21 views

GLSA-202401-07 : R: Directory Traversal

The remote host is affected by the vulnerability described in GLSA-202401-07 R: Directory Traversal - The R programming language's default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This vulnerability affects packages installed via the R...

CVSS 10 · AI score 8.3 · EPSS 0.00778
Exploits: 1 · References: 3
CNNVD
added 2024/01/03 12:0 a.m. · 2 views

Plotly.js Security Vulnerability

Plotly.js is an open source, standalone JavaScript data visualization library from Plotly. Plotly.js versions before 2.25.2 have a security vulnerability that stems from a prototype pollution problem in the API call...

CVSS 9.8 · AI score 6.9 · EPSS 0.00201
Exploits: 0 · References: 4
Wallarm Lab
added 2024/01/01 2:47 p.m. · 19 views

What is RabbitMQ?

Grasping the Basics: What is RabbitMQ? Take a step into the realm of software development, where efficient and smooth interaction between various applications is the linchpin. Here, we bring into the mix RabbitMQ. Going down to brass tacks, RabbitMQ serves as a no-cost message broker tool,...

AI score 7
Exploits: 0
Fedora
added 2023/12/28 12:55 a.m. · 43 views

[SECURITY] Fedora 38 Update: python3.12-3.12.1-2.fc38

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

CVSS 5.3 · AI score 6.3 · EPSS 0.00161
Exploits: 1
Fedora
added 2023/12/27 1:30 a.m. · 36 views

[SECURITY] Fedora 39 Update: python3.12-3.12.1-2.fc39

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

CVSS 5.3 · AI score 7.1 · EPSS 0.00161
Exploits: 1
BDU FSTEC
added 2023/12/27 12:0 a.m. · 1 views

The vulnerability of the programming software for PLCs (programmable logic controllers), namely the Saia PG5 Controls Suite, arises from incorrect restrictions on XML links to external objects. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the programming software for PLCs (programmable logic controllers), Saia PG5 Controls Suite, is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

CVSS 5.5 · AI score 5.9 · EPSS 0.00096
Exploits: 0 · References: 3
OpenVAS
added 2023/12/27 12:0 a.m. · 12 views

Fedora: Security Advisory (FEDORA-2023-d577604e6a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.3 · AI score 6.3 · EPSS 0.00161
Exploits: 1 · References: 4
Fedora
added 2023/12/26 1:47 a.m. · 23 views

[SECURITY] Fedora 39 Update: python3.11-3.11.7-2.fc39

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

CVSS 5.3 · AI score 6.3 · EPSS 0.00161
Exploits: 1
Positive Technologies
added 2023/12/23 12:0 a.m. · 3 views

PT-2023-32722 · WordPress · Essential Blocks

Name of the Vulnerable Software and Affected Versions: The Essential Blocks WordPress plugin versions prior to 4.4.3. Description: The issue allows unauthenticated attackers to overwrite local variables when rendering templates over the REST API, potentially leading to Local File Inclusion attacks...

CVSS 9.8 · AI score 9.2 · EPSS 0.88125
Exploits: 2 · References: 9
The Hacker News
added 2023/12/22 12:46 p.m. · 65 views

Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware

A new phishing campaign is leveraging decoy Microsoft Word documents as bait to deliver a backdoor written in the Nim programming language. "Malware written in uncommon programming languages puts the security community at a disadvantage as researchers and reverse engineers' unfamiliarity can hamp...

CVSS 8.8 · AI score 8.9 · EPSS 0.90206
Exploits: 2
Positive Technologies
added 2023/12/22 12:0 a.m. · 7 views

PT-2023-9808

Name of the Vulnerable Software and Affected Versions: Proxmox Virtual Environment versions 8.2.2 and earlier. Description: The issue is related to insufficient safeguards against malicious API response values in Proxmox Virtual Environment, allowing authenticated attackers with 'Sys.Audit' or...

CVSS 8.2 · AI score 5.5 · EPSS 0.00134
Exploits: 1 · References: 20
CNNVD
added 2023/12/22 12:0 a.m. · 2 views

Nextcloud Access Control Error Vulnerability

Nextcloud is an open source, self-hosted file synchronization, sharing and communication platform from Nextcloud, Germany. An Access Control Error vulnerability exists in Nextcloud Server, which stems from the ability to delete and modify workflows by bypassing calls sent direct...

CVSS 5.4 · AI score 6.8 · EPSS 0.00199
Exploits: 0 · References: 4
OSV
added 2023/12/21 10:15 p.m. · 1 views

CVE-2023-27319

ONTAP Mediator versions prior to 1.7 are susceptible to a vulnerability that can allow an unauthenticated attacker to enumerate URLs via REST API...

CVSS 5.3 · AI score 5.8
Exploits: 0 · References: 1
BDU FSTEC
added 2023/12/21 12:0 a.m. · 1 views

The vulnerability of the programming and debugging tool for PLC applications, MULTIPROG, integrated with the operating system ProConOS/ProConOS eCLR, arises from the improper assignment of permissions to a critical resource. This allows a perpetrator to execute arbitrary code and gain full control over the application.

The vulnerability of the MULTIPROG programming and debugging tool for PLC applications, integrated with the ProConOS/ProConOS eCLR operating system, is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability allows an attacker to execute arbitrary...

CVSS 10 · AI score 8.2 · EPSS 0.00811
Exploits: 0 · References: 5
OSV
added 2023/12/20 11:24 p.m. · 14 views

CVE-2023-46131 Grails® data binding causes JVM crash and/or DoS

Grails is a framework used to build web applications with the Groovy programming language. A specially crafted web request can lead to a JVM crash or denial of service. Any Grails framework application using Grails data binding is vulnerable. This issue has been patched in version 3.3.17, 4.1.3,...

CVSS 6.5 · AI score 7.3 · EPSS 0.00544
Exploits: 0 · References: 7
The Hacker News
added 2023/12/20 8:10 a.m. · 48 views

New Go-Based JaskaGO Malware Targeting Windows and macOS Systems

A new Go-based information stealer malware called JaskaGO has emerged as the latest cross-platform threat to infiltrate both Windows and Apple macOS systems. AT&T Alien Labs, which made the discovery, said the malware is "equipped with an extensive array of commands from its command-and-control C...

AI score 6.9
Exploits: 0
CNNVD
added 2023/12/19 12:0 a.m. · 2 views

Mozilla Firefox Security Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 121, which stems from a lack of exception handling in TypedArray, leading to abuse of other APIs...

CVSS 8.8 · AI score 6.5 · EPSS 0.01124
Exploits: 0 · References: 9
OSV
added 2023/12/18 12:0 p.m. · 17 views

RUSTSEC-2023-0080 Buffer overflow due to integer overflow in `transpose`

Given the function `transpose::transpose`: `fn transpose<T: Copy>(input: &[T], output: &mut [T], input_width: usize, input_height: usize)`. The safety check `input_width * input_height == output.len()` can fail due to `input_width * input_height` overflowing in such a way that it equals `output.len()`. As a result of failing the...

CVSS 5.3 · AI score 7.5 · EPSS 0.00247
Exploits: 0 · References: 3
OpenVAS
added 2023/12/18 12:0 a.m. · 20 views

Fedora: Security Advisory for perl (FEDORA-2023-9ef8a60a05)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 · AI score 8 · EPSS 0.00108
Exploits: 0 · References: 2
Fedora
added 2023/12/17 1:43 a.m. · 38 views

[SECURITY] Fedora 38 Update: perl-5.36.3-498.fc38

Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

CVSS 7.8 · AI score 7.3 · EPSS 0.00108
Exploits: 0