Tag
#vulnerability
Devika version 1 suffers from a path traversal vulnerability.
Debian Linux Security Advisory 5736-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, information disclosure or bypass of Java sandbox restrictions.
e107 version 2.3.3 suffers from a cross site scripting vulnerability.
Codeprojects E-Commerce version 1.0 suffers from an ignored default credential vulnerability.
Ubuntu Security Notice 6895-4 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the HugeTLB file system component of the Linux kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to cause a denial of service.
Blog Site version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Best Courier Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Appointment Scheduler version 4.0 suffers from an insecure direct object reference vulnerability.
Impact: A malicious registry could return a different digest for a pinned manifest without detection. Patches: This has been fixed in the v0.7.1 release. Workarounds: After running a `regclient.ManifestGet`, the returned digest can be compared to the requested digest.
Cybersecurity researchers have uncovered design weaknesses in Microsoft's Windows Smart App Control and SmartScreen that could enable threat actors to gain initial access to target environments without raising any warnings. Smart App Control (SAC) is a cloud-powered security feature introduced by Microsoft in Windows 11 to block malicious, untrusted, and potentially unwanted apps from being run