3 matches found
CVE-2024-39699
Directus has a Blind SSRF via redirects in file import. The vulnerability arises because redirects are allowed during URL-based imports and the response URL isn’t validated, enabling requests to internal IPs (e.g., 127.0.0.1) despite earlier fixes that only validated DNS/internal IPs. The issue i...
Vulnerabilities fixed in Oracle Java SE
Oracle has fixed vulnerabilities in Java SE JDK/JRE and GraalVM Enterprise Edition. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Bypassing security...
Vulnerabilities fixed in Arista MOS on 7130 switches
Several vulnerabilities have been fixed in Arista 7130 switches that use the Metamako Operating System MOS. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Bypassing authentication Bypassing security measure Remote...