GHSA-27wf-5967-98gx:  Kubernetes kubelet arbitrary command execution

GHSA-mr95-vfcf-fx9p: Apache Answer: Predictable Authorization Token Using UUIDv1

GHSA-pqhp-25j4-6hq9: smol-toml has a Denial of Service via malicious TOML document using deeply nested inline tables

GHSA-v5h2-q2w4-gpcx: Sentry improper error handling leaks Application Integration Client Secret

GHSA-8w49-h785-mj3c: Tornado has an HTTP cookie parsing DoS vulnerability

Concrete CMS versions 9.0.0 to 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in RSS Displayer when user input is stored and later embedded into responses. A rogue administrator could inject malicious code into fields due to insufficient input validation.

**Comcrete CMS Stored Cross-site Scripting vulnerability**

Low severity GitHub Reviewed Published Aug 12, 2024 to the GitHub Advisory Database • Updated Aug 19, 2024

Headline

GHSA-q5wx-m95r-4cgc: Comcrete CMS Stored Cross-site Scripting vulnerability

ghsa: Latest News