4 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-54133
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Action Pack is a framework for handling and responding to web requests. There is a possible Cross Site Scripting (XSS) vulnerability in the contentsecuritypolicy...
PT-2024-27732 · Datagear · Datagear
Name of the Vulnerable Software and Affected Versions: DataGear versions 5.0.0 and earlier. Description: A SpEL (Spring Expression Language) expression injection issue was found in the Data Viewing interface. This allows for potential malicious activity via the injection of expressions...
Microsoft ASP.NET fails to perform proper canonicalization
Overview: Microsoft ASP.NET contains a canonicalization vulnerability that may allow a remote unauthenticated attacker to gain access to secure contents. Description: Microsoft ASP.NET is a programming framework for creating web applications. The canonicalization routine used by ASP.NET fails to...
GLSA-200409-05 : Gallery: Arbitrary command execution
The remote host is affected by the vulnerability described in GLSA-200409-05 (Gallery: Arbitrary command execution). The upload handling code in Gallery places uploaded files in a temporary directory. After 30 seconds, these files are deleted if they are not valid images. However, since the file...