Packet Storm

Red Hat Security Advisory 2024-6878-03 - New Red Hat Single Sign-On 7.6.11 packages are now available for Red Hat Enterprise Linux 7. Issues addressed include a privilege escalation vulnerability.

Teacher Subject Allocation Management System version 1.0 suffers from a cross site scripting vulnerability.

Red Hat Security Advisory 2024-6849-03 - An update for edk2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-6848-03 - An update for pcp is now available for Red Hat Enterprise Linux 9. Issues addressed include a heap corruption vulnerability.

Ubuntu Security Notice 7025-1 - It was discovered that LibreOffice would incorrectly handle digital signature verification after repairing a corrupted document. A remote attacker could possibly use this issue to forge valid signatures.

htmly version 2.9.9 suffers from multiple persistent cross site scripting vulnerabilities.

WordPress LMS plugin versions 4.2.7 and below suffer from a remote SQL injection vulnerability.

Proof of concept exploit that demonstrates an unauthenticated path traversal vulnerability in Nexus Repository Manager version 3.

Proof of concept exploit that demonstrates an information disclosure vulnerability in Check Point Security Gateways.

In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.