7411 matches found
PHPGurukul COVID 19 Testing Management System Cross-Site Scripting Vulnerability
PHPGurukul COVID 19 Testing Management System is a COVID 19 testing management system from PHPGurukul Inc. A cross-site scripting vulnerability exists in PHPGurukul COVID 19 Testing Management System v1.0, which stems from a Reflected Cross-Site Scripting (XSS) vulnerability that allows remote...
CVE-2024-53603
A SQL Injection vulnerability was found in /covid-tms/password-recovery.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter...
CVE-2024-53604
The CVE-2024-53604 entry affects PHPGurukul COVID 19 Testing Management System v1.0. The vulnerability is a SQL Injection in /covid-tms/check_availability.php exploitable via the mobnumber POST parameter, enabling remote attackers to execute arbitrary code. This aligns with the documented high-im...
CVE-2024-53603
CVE-2024-53603 is a SQL Injection vulnerability in PHPGurukul COVID 19 Testing Management System v1.0, affecting the /covid-tms/password-recovery.php handler. The issue allows remote attackers to execute arbitrary code via the contactno POST parameter, enabling unauthorized access and data compro...
[SECURITY] Fedora 40 Update: python3.6-3.6.15-39.fc40
Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...
[SECURITY] Fedora 41 Update: python3.6-3.6.15-39.fc41
Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...
CBL Mariner 2.0 Security Update: libpcap / nmap (CVE-2023-7256)
The version of libpcap / nmap installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-7256 advisory. - In affected libpcap versions during the setup of a remote packet capture the internal function...
CBL Mariner 2.0 Security Update: libsoup (CVE-2024-52531)
The version of libsoup installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-52531 advisory. - GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in...
Exploit for Missing Authentication for Critical Function in Really-Simple-Plugins Really_Simple_Security
POC for CVE-2024-10924 An error handling flaw in the REST API...
podman security update
5.2.2-9.0.1 - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount Orabug: 36234694 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 4:5.2.2-9 - update to the latest content of...
CVE-2024-21697
This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 4.2.8 of Sourcetree for Mac and 3.4.19 for Sourcetree for Windows. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.8, allows an unauthenticated attacker to execute arbitrary code which has...
CVE-2024-21697
CVE-2024-21697 : The vulnerability affects Atlassian SourceTree for Mac (version 4.2.8) and Windows (version 3.4.19). It is a remote code execution (RCE) vulnerability that allows an unauthenticated attacker to execute arbitrary code with high impact to confidentiality, integrity, and availabilit...
Beyond Compliance: The Advantage of Year-Round Network Pen Testing
IT leaders know the drill—regulators and cyber insurers demand regular network penetration testing to keep the bad guys out. But here's the thing: hackers don't wait around for compliance schedules. Most companies approach network penetration testing on a set schedule, with the most common...
Microsoft Security Update Validation Report November 2024
Microsoft’s November 2024 security updates have passed Citrix testing (the updates are listed below). The testing is not all-inclusive; all tests are executed against English-only environments and issues may still be found upon implementation. Follow best practices for testing and installing softwa...
The vulnerability of the microprogrammed software of the PowerFlex 6000T inverter, related to insufficient testing of exceptional states, allows an intruder to trigger a maintenance failure.
The vulnerability of the microprogrammed software of the PowerFlex 6000T inverter is related to insufficient testing of exceptional states. Exploiting this vulnerability could allow an attacker to cause malfunctions in the device...
Exploit for Path Traversal in Aiohttp
LFI-aiohttp-CVE-2024-23334-PoC A Bash script to automate Loca...
CVE-2024-52524
Giskard is an evaluation and testing framework for AI systems. A Remote Code Execution (ReDoS) vulnerability was discovered in Giskard component by the GitHub Security Lab team. When processing datasets with specific text patterns with Giskard detectors, this vulnerability could trigger exponential...
CVE-2024-52524
CVE-2024-52524 affects Giskard, an AI evaluation/testing framework. The issue is a Remote Code/Denial-of-Service risk due to catastrophic backtracking in a regex-based text processing path (Giskard detectors), leading to exponential evaluation times. Affected versions are prior to 2.15.5; remedia...