PYSEC-2024-255

Gradio before 4.20 allows credential leakage on Windows...

BELL-CVE-2024-26987

Bulletin has no description...

BELL-CVE-2024-26961

Bulletin has no description...

BELL-CVE-2024-26973

Bulletin has no description...

BELL-CVE-2024-26953

Bulletin has no description...

CVE-2024-28825

Improper restriction of excessive authentication attempts on some authentication methods in Checkmk before 2.3.0b5 beta, 2.2.0p26, 2.1.0p43, and in Checkmk 2.0.0 EOL facilitates password brute-forcing...

Duplicate Icon visible for all published Applications

Duplicate icons appear for the same applications in Citrix Workspace...

BELL-CVE-2024-26866

Bulletin has no description...

BELL-CVE-2024-26845

Bulletin has no description...

CVE-2024-26900 md: fix kmemleak of rdev->serial

In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial If kobjectadd is fail in bindrdevtoarray, 'rdev-serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 size 49152: comm "mdadm", pid 789, jiffies 4294716910...

Error in retrieving SNMP Trap. Cannot read properties of undefined (reading 'trapdestination')

When trying to add SNMP trap from System-SNMP-Traps in GUI, the following error will display...

CVE-2024-3302

There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...

CVE-2024-23081

ThreeTen Backport v1.6.8 was discovered to contain a NullPointerException via the component org.threeten.bp.LocalDate::compareToChronoLocalDate. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The...

BELL-CVE-2024-27983

Bulletin has no description...

BELL-CVE-2024-26734

Bulletin has no description...

BELL-CVE-2024-26774

Bulletin has no description...

SNMP trap events are not logged after "set snmp alarm **** -logging ENABLED"

SNMP trap events are not logged after "set snmp alarm -logging ENABLED" configured...

Vite's `server.fs.deny` did not deny requests for patterns with directories.

Summary Vite dev server option server.fs.deny did not deny requests for patterns with directories. An example of such a pattern is /foo//. Impact Only apps setting a custom server.fs.deny that includes a pattern with directories, and explicitly exposing the Vite dev server to the network using...

BELL-CVE-2024-26659

Bulletin has no description...

CVE-2024-28836

An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiating the TLS version on the server side, it can fall back to the TLS 1.2 implementation of the protocol if it is disabled. If the TLS 1.2 implementation was disabled at build time, a TLS 1.2 client could put a TLS 1.3-only server...