GHSA-g84x-g96g-rcjc: Librenms has a reflected XSS on error alert

GHSA-c66p-64fj-jmc2: LibreNMS Misc Section Stored Cross-site Scripting vulnerability

GHSA-27vf-3g4f-6jp7: LibreNMS Ports Stored Cross-site Scripting vulnerability

GHSA-pm8j-3v64-92cq: LibreNMS Display Name Stored Cross-site Scripting vulnerability

GHSA-p9v8-q5m4-pf46: CVE-2024-5138: snapd snapctl auth bypass

All versions of the package com.bstek.uflo:uflo-core are vulnerable to Remote Code Execution (RCE) in the ExpressionContextImpl class via jexl.createExpression(expression).evaluate(context); functionality, due to improper user input validation.

**Remote Code Execution in com.bstek.uflo:uflo-core**

Critical severity GitHub Reviewed Published Jan 26, 2023 to the GitHub Advisory Database • Updated Jan 27, 2023

Headline

GHSA-8m9f-c5p9-wqch: Remote Code Execution in com.bstek.uflo:uflo-core

ghsa: Latest News