GHSA-hqmp-g7ph-x543: TunnelVision - decloaking VPNs using DHCP

GHSA-j5vv-6wjg-cfr8: changedetection.io Vulnerable to Improper Input Validation Leading to LFR/Path Traversal

GHSA-w95c-7994-ghpr: TCPDF has incorrect comparison

GHSA-qx95-cwh6-9mvq: TCPDF missing character escape on error messages

GHSA-9mgx-552f-59p6: TCPDF missing certificate validation

juzaweb <= 3.4 is vulnerable to Incorrect Access Control, resulting in an application outage after a 500 HTTP status code. The payload in the timezone field was not correctly validated.

**juzawebCMS Incorrect Access Control vulnerability**

Moderate severity GitHub Reviewed Published Jan 9, 2024 to the GitHub Advisory Database • Updated Jan 9, 2024

Headline

GHSA-93p6-9cxv-5rpq: juzawebCMS Incorrect Access Control vulnerability

ghsa: Latest News