Day: July 4, 2024

Description In https://github.com/google/nftables IP addresses were encoded in the wrong byte order, resulting in an nftables configuration which does not

Description Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did

Description Discourse is an open-source discussion platform. Prior to version 3.2.3 on the `stable` branch and version 3.3.0.beta3 on the

Description A malicious BLE device can send a specific order of packet sequence to cause a DoS attack on the

Description In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK. References https://wiki.znc.in/Category:ChangeLog https://github.com/znc/znc/releases/tag/znc-1.9.1 https://wiki.znc.in/ChangeLog/1.9.1 https://www.openwall.com/lists/oss-security/2024/07/03/9

Description An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of Grandstream GXP2135 1.0.9.129, 1.0.11.74 and 1.0.11.79. A

Description An authentication bypass in the SSH service of gost v2.11.5 allows attackers to intercept communications via setting the HostKeyCallback

Description A high privileged remote attacker can execute arbitrary system commands via GET requests due to improper neutralization of special

Description Uncontrolled Resource Consumption vulnerability in MESbook 20221021.03 version. An unauthenticated remote attacker can use the “message” parameter to inject

Description Mattermost versions 9.8.x

Description The allows any authenticated user to join a private group due to a missing authorization check on a function.

Description Security check loophole in HAProxy release (in combination with routing release) in Cloud Foundry prior to v40.17.0 potentially allows

Description A vulnerability classified as critical has been found in SourceCodester Online Tours & Travels Management 1.0. This affects an