11233 matches found
GHSA-C352-X843-GGPQ XXL-JOB vulnerable to Server-Side Request Forgery
xxl-job = 2.4.2 has a Server-Side Request Forgery (SSRF) vulnerability, which causes low-privileged users to control executor to RCE...
CVE-2024-24113
xxl-job = 2.4.1 has a Server-Side Request Forgery (SSRF) vulnerability, which causes low-privileged users to control executor to RCE...
SADProtocol goes to Hollywood
Faraday’s researchers Javier Aguinaga and Octavio Gianatiempo have investigated IP cameras and two high severity vulnerabilities. This research project began when Aguinaga's wife, a former Research leader at Faraday Security, informed him that their IP camera had stopped working. Although...
CVE-2023-40263
Summary: CVE-2023-40263 affects Atos Unify OpenScape Voice Trace Manager on versions prior to V8 R0.9.11 and enables an authenticated command injection via FTP. The Red Hat and NVD entries corroborate the vulnerability details and indicate a high-severity impact with network access and low privil...
CVE-2024-24216
Zentao v18.0 to v18.10 was discovered to contain a remote code execution (RCE) vulnerability via the checkConnection method of /app/zentao/module/repo/model.php...
CVE-2024-24216
CVE-2024-24216 affects Zentao versions 18.0–18.10, where a remote code execution is possible via the checkConnection method in /app/zentao/module/repo/model.php. Root cause is associated with the checkConnection functionality exposed by that endpoint; the vulnerability has a high impact on confid...
CVE-2024-24113
CVE-2024-24113 (XXL-JOB): A Server-Side Request Forgery (SSRF) in xxl-job allows low-privilege users to control the executor and potentially achieve Remote Code Execution. Affected: xxl-job versions prior to 2.4.1 (≤ 2.4.1). Root cause cited in Veracode report: improper validation of user-suppli...
Critical: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.7.11 security and bug fix container update
Red Hat Advanced Cluster Management for Kubernetes 2.7.11 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a...
Critical: Red Hat Security Advisory: OpenShift Container Platform 4.14.11 bug fix and security update
An update is now available for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
Important: Red Hat Security Advisory: gimp security update
An update for gimp is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...
Lexmark Printer RCE Vulnerability (CVE-2023-50736)
Multiple Lexmark printer devices are prone to a remote code execution (RCE) vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPEPREFI...
Lexmark Printer RCE Vulnerability (CVE-2023-50737)
Multiple Lexmark printer devices are prone to a remote code execution (RCE) vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPEPREFI...
RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.15 (RHSA-2024:0712)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0712 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
Important: Red Hat Security Advisory: gimp security update
An update for gimp is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...
CVE-2024-23917
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible...
Authentication flaw
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible...