CVE-2023-32306 : TIME TRACKER UP TO 1.22.13.5791 REPORTS.PHP SQL INJECTION

Description

Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running v7.13 may have the telnet and FTP ports open by default. This could potentially allow attackers unauthorized access to the device through the open ports.

References

https://github.com/anuko/timetracker/security/advisories/GHSA-758x-vg7g-j9j3

For More Information

MITRE

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-1451 : GITLAB COMMUNITY EDITION/ENTERPRISE EDITION UP TO 16.9.0 USER PROFILE PAGE CROSS SITE SCRIPTING

CVE-2024-1451 : GITLAB COMMUNITY EDITION/ENTERPRISE EDITION UP TO 16.9.0 USER PROFILE PAGE CROSS SITE SCRIPTING

Description An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 before 16.9.1. A crafted payload

CVE-2023-52439 : LINUX KERNEL UP TO 6.7.0 UIO IDR_FIND USE AFTER FREE

CVE-2023-52439 : LINUX KERNEL UP TO 6.7.0 UIO IDR_FIND USE AFTER FREE

Description In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in uio_open core-1 core-2 ——————————————————- uio_unregister_device

CVE-2024-25710 : APACHE COMMONS COMPRESS UP TO 1.25.0 INFINITE LOOP

CVE-2024-25710 : APACHE COMMONS COMPRESS UP TO 1.25.0 INFINITE LOOP

Description Loop with Unreachable Exit Condition (‘Infinite Loop’) vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress: from