6 matches found
EUVD-2023-49950
Malicious code in bioql PyPI...
CVE-2022-31185
mprweb is a hosting platform for the makedeb Package Repository. Email addresses were found to not have been hidden, even if a user had clicked the Hide Email Address checkbox on their account page, or during signup. This could lead to an account's email being leaked, which may be problematic if...
CVE-2024-25107 Cross-Site Scripting in WikiDiscover
WikiDiscover is an extension designed for use with a CreateWiki managed farm to display wikis. On Special:WikiDiscover, the Language::date function is used when making the human-readable timestamp for inclusion on the wikicreation column. This function uses interface messages to translate the nam...
CVE-2023-47628 Session Expiration Misconfiguration in datahub
DataHub is an open-source metadata platform. DataHub Frontend's sessions are configured using Play Framework's default settings for stateless session which do not set an expiration time for a cookie. Due to this, if a session cookie were ever leaked, it would be valid forever. DataHub uses a...
Important: Red Hat Security Advisory: gpdf security update
An updated gpdf package that fixes two security issues is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. GPdf is a viewer for Portable Document Format (PDF) files for GNOME. A buffer overflow flaw was found in the Gfx::doImage...
Critical: Red Hat Security Advisory: Updated OpenSSH packages fix potential vulnerabilities
Updated OpenSSH packages are now available that fix bugs that may be remotely exploitable. Updated 17 Sep 2003: Updated packages are now available to fix additional buffer manipulation problems which were fixed in OpenSSH 3.7.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has...