CVE-2024-31991

Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, the safescrapehtml function utilizes a user-controlled URL to issue a request to a remote server. Based on the content of the response, it will either parse the content or disregard it. This function, nor those that call it,...

ExpressionEngine: Filename and directory enumeration

Hello, The "Import File Converter" can be abused by an admin to map the server directories and files, because the "File location" field doesn't sanitize the user input and allows access to root directories and files. Steps to reproduce: 1- Go to...

Factlink: File name/folder enumeration.

Hello, an attacker may be able to map your server and find configuration file names by the following method: Valid attempt Not found: https://staging.factlink.com/%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd Invalid attempt 404...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Updated kernel packages that fix multiple security issues, several bugs, and add three enhancements are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores,...