Security
Headlines
HeadlinesLatestCVEs

Tag

#vulnerability

Devika 1 Path Traversal

Devika version 1 suffers from a path traversal vulnerability.

Packet Storm
#vulnerability#windows#google#git#auth
Debian Security Advisory 5736-1

Debian Linux Security Advisory 5736-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, information disclosure or bypass of Java sandbox restrictions.

e107 2.3.3 Cross Site Scripting

e107 version 2.3.3 suffers from a cross site scripting vulnerability.

Codeprojects E-Commerce 1.0 Insecure Settings

Codeprojects E-Commerce version 1.0 suffers from an ignored default credential vulnerability.

Ubuntu Security Notice USN-6895-4

Ubuntu Security Notice 6895-4 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service.

Blog Site 1.0 SQL Injection

Blog Site version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Best Courier Management System 1.0 SQL Injection

Best Courier Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Appointment Scheduler 4.0 Insecure Direct Object Reference

Appointment Scheduler version 4.0 suffers from an insecure direct object reference vulnerability.

GHSA-qv35-3gw6-8q4j: In regclient, pinned manifest digests may be ignored

### Impact A malicious registry could return a different digest for a pinned manifest without detection. ### Patches This has been fixed in the v0.7.1 release. ### Workarounds After running a `regclient.ManifestGet`, the returned digest can be compared to the requested digest.

Researchers Uncover Flaws in Windows Smart App Control and SmartScreen

Cybersecurity researchers have uncovered design weaknesses in Microsoft's Windows Smart App Control and SmartScreen that could enable threat actors to gain initial access to target environments without raising any warnings. Smart App Control (SAC) is a cloud-powered security feature introduced by Microsoft in Windows 11 to block malicious, untrusted, and potentially unwanted apps from being run