352 matches found

Tenable Nessus
added 2024/08/21 12:0 a.m., 28 views

SUSE SLED15 / SLES15 Security Update : python311 (SUSE-SU-2024:2982-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2982-1 advisory. Security issues fixed: - CVE-2024-6923: Fixed email header injection due to unquoted newlines (bsc#1228780) -...

7.5 CVSS, 6.9 AI score, 0.02507 EPSS
Exploits 1, References 15

OpenVAS
added 2024/08/21 12:0 a.m., 14 views

SUSE: Security Advisory (SUSE-SU-2024:2974-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5 CVSS, 7.9 AI score, 0.00737 EPSS
Exploits 0, References 7

Tenable Nessus
added 2024/08/21 12:0 a.m., 16 views

SUSE SLES15 / openSUSE 15 Security Update : python310 (SUSE-SU-2024:2974-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2974-1 advisory. Security issue fixed: - CVE-2024-6923: Fixed email header injection due to unquoted newlines (bsc#1228780) Non-security issues...

5.5 CVSS, 7 AI score, 0.00737 EPSS
Exploits 0, References 7

OSV
added 2024/08/20 9:8 a.m., 23 views

SUSE-SU-2024:2982-1 Security update for python311

This update for python311 fixes the following issues: Security issues fixed: - CVE-2024-6923: Fixed email header injection due to unquoted newlines (bsc#1228780) - CVE-2024-5642: Removed support for anything but OpenSSL 1.1.1 or newer (bsc#1227233) - CVE-2024-4032: Fixed incorrect IPv4 and IPv6 private...

7.5 CVSS, 6.6 AI score, 0.02507 EPSS
Exploits 1, References 11

OSV
added 2024/08/19 11:16 a.m., 10 views

SUSE-SU-2024:2959-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2024-4032: Fixed incorrect IPv4 and IPv6 private ranges (bsc#1226448). - Stop using %%defattr, it seems to be breaking proper executable attributes on /usr/bin/ scripts (bsc#1227378)...

7.5 CVSS, 6.5 AI score, 0.01042 EPSS
Exploits 0, References 4

Zero Day Initiative
added 2024/05/31 12:0 a.m., 19 views

Lexmark CX331adwe Firmware Downgrade Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /usr/bin/hydra service, which listens on TCP port 9100 by...

6.3 CVSS, 7.3 AI score, 0.00267 EPSS
Exploits 0, References 1

OSV
added 2024/02/07 2:15 p.m., 1 view

CVE-2024-24130

Mail2World v12 Business Control Center was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Usr parameter at resellercenter/login.asp...

6.1 CVSS, 5.7 AI score, 0.0037 EPSS
Exploits 1, References 1

NVD
added 2024/02/07 2:15 p.m., 7 views

CVE-2024-24130

Mail2World v12 Business Control Center was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Usr parameter at resellercenter/login.asp...

6.1 CVSS, 6.1 AI score, 0.0037 EPSS
Exploits 1, References 1

Prion
added 2024/02/07 2:15 p.m., 18 views

Cross site scripting

Mail2World v12 Business Control Center was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Usr parameter at resellercenter/login.asp...

5.8 CVSS, 6.3 AI score, 0.0037 EPSS
Exploits 1, References 1, Affected Software 1

Vulnrichment
added 2024/02/07 12:0 a.m., 12 views

CVE-2024-24130

Mail2World v12 Business Control Center was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Usr parameter at resellercenter/login.asp...

6.2 AI score, 0.0037 EPSS
Exploits 1, References 1

Positive Technologies
added 2024/02/07 12:0 a.m., 4 views

PT-2024-20284

Name of the Vulnerable Software and Affected Versions: Mail2World version 12. Description: A reflected cross-site scripting (XSS) issue was discovered in the Mail2World v12 Business Control Center. The issue is related to the Usr parameter at the "resellercenter/login.asp" endpoint. This allows for...

6.1 CVSS, 5.6 AI score, 0.0037 EPSS
Exploits 1, References 6

Cent OS
added 2024/01/12 7:19 p.m., 198 views

java security update

CentOS Errata and Security Advisory CESA-2023:5761. An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detaile...

5.3 CVSS, 6.5 AI score, 0.014 EPSS
Exploits 0, References 7

Cvelist
added 2024/01/09 9:0 p.m., 36 views

CVE-2024-0345 CodeAstro Vehicle Booking System User Registration usr-register.php cross site scripting

A vulnerability, which was classified as problematic, was found in CodeAstro Vehicle Booking System 1.0. This affects an unknown part of the file usr/usr-register.php of the component User Registration. The manipulation of the argument FullName/LastName/Address with the input alertdocument.cookie...

5 CVSS, 6.2 AI score, 0.00634 EPSS
Exploits 1, References 3

RedHat Linux
added 2023/10/18 11:4 p.m., 70 views

Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having ...

5.3 CVSS, 6.5 AI score, 0.014 EPSS
Exploits 0, References 4

RedHat Linux
added 2023/10/18 11:2 p.m., 37 views

Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

5.3 CVSS, 6.5 AI score, 0.014 EPSS
Exploits 0, References 4

AlmaLinux
added 2023/10/18 12:0 a.m., 46 views

Moderate: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: segmentation fault in ciMethodBlocks (CVE-2022-40433); OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067); OpenJDK: certificate path...

5.3 CVSS, 5.8 AI score, 0.014 EPSS
Exploits 0, References 8

Cvelist
added 2023/08/15 12:0 a.m., 16 views

CVE-2023-38866

COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub415588. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter interface and displayname...

10 AI score, 0.02091 EPSS
Exploits 1, References 1

OSV
added 2023/05/11 7:15 a.m., 2 views

CVE-2023-2645

A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is an unknown function of the component Web Management Page. The manipulation of the argument username/password with the input root leads to use of hard-coded password. It is possible to launch the attac...

9.8 CVSS, 6.8 AI score, 0.03152 EPSS
Exploits 1, References 3

NVD
added 2023/05/11 7:15 a.m., 12 views

CVE-2023-2645

A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is an unknown function of the component Web Management Page. The manipulation of the argument username/password with the input root leads to use of hard-coded password. It is possible to launch the attac...

10 CVSS, 9.7 AI score, 0.03152 EPSS
Exploits 1, References 3

Cvelist
added 2023/05/11 7:0 a.m., 27 views

CVE-2023-2645 USR USR-G806 Web Management Page hard-coded password

A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is an unknown function of the component Web Management Page. The manipulation of the argument username/password with the input root leads to use of hard-coded password. It is possible to launch the attac...

10 CVSS, 9.7 AI score, 0.03152 EPSS
Exploits 1, References 3