S12700, S12700, S12700, S12700, S12700, S12700, S12700, S12700, S1700, S1700, S1700, S1700, S1700, S1700, S2300, S2300, S2300, S2300, S2300, S2300, S2300, S2700, S2700, S2700, S2700, S2700, S2700, S2700, S2700, S5300, S5300, S5300, S5300, S5300, S5300, S5300, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S600-E, S600-E, S600-E, S600-E, S600-E, S6300, S6300, S6300, S6300, S6300, S6300, S6300, S6300, S6700, S6700, S6700, S6700, S6700, S6700, S6700, S6700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7900, S7900, S7900, S9300, S9300, S9300, S9300, S9300, S9300, S9300, S9300X, S9300X, S9300X, S9300X, S9700, S9700, S9700, S9700, S9700, S9700, S9700, S9700, S9700 Security Vulnerabilities

CVE-2024-26688

In the Linux kernel, the following vulnerability has been resolved: fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super When configuring a hugetlb filesystem via the fsconfig() syscall, there is a possible NULL dereference in hugetlbfs_fill_super() caused by assigning NULL to...

CVE-2024-26688

In the Linux kernel, the following vulnerability has been resolved: fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super When configuring a hugetlb filesystem via the fsconfig() syscall, there is a possible NULL dereference in hugetlbfs_fill_super() caused by assigning NULL to...

CVE-2024-26687

In the Linux kernel, the following vulnerability has been resolved: xen/events: close evtchn after mapping cleanup shutdown_pirq and startup_pirq are not taking the irq_mapping_update_lock because they can't due to lock inversion. Both are called with the irq_desc->lock being taking. The lock...

CVE-2024-26687

In the Linux kernel, the following vulnerability has been resolved: xen/events: close evtchn after mapping cleanup shutdown_pirq and startup_pirq are not taking the irq_mapping_update_lock because they can't due to lock inversion. Both are called with the irq_desc->lock being taking. The lock...

CVE-2024-26687 xen/events: close evtchn after mapping cleanup

In the Linux kernel, the following vulnerability has been resolved: xen/events: close evtchn after mapping cleanup shutdown_pirq and startup_pirq are not taking the irq_mapping_update_lock because they can't due to lock inversion. Both are called with the irq_desc->lock being taking. The lock...

CVE-2024-26688 fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super

In the Linux kernel, the following vulnerability has been resolved: fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super When configuring a hugetlb filesystem via the fsconfig() syscall, there is a possible NULL dereference in hugetlbfs_fill_super() caused by assigning NULL to...

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094 SSH Backdoor Container Env This is an...

e-square.fr Cross Site Scripting vulnerability OBB-3897500

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

e-scooter.one Cross Site Scripting vulnerability OBB-3897499

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

e-wisdom.gr Cross Site Scripting vulnerability OBB-3897086

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-26688

In the Linux kernel, the following vulnerability has been resolved: fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super When configuring a hugetlb filesystem via the fsconfig() syscall, there is a possible NULL dereference in hugetlbfs_fill_super() caused by assigning NULL to...

Fedora: Security Advisory for seamonkey (FEDORA-2024-ad50671f6c)

The remote host is missing an update for...

CVE-2024-26687

In the Linux kernel, the following vulnerability has been resolved: xen/events: close evtchn after mapping cleanup shutdown_pirq and startup_pirq are not taking the irq_mapping_update_lock because they can't due to lock inversion. Both are called with the irq_desc->lock being taking. The lock...

Fedora: Security Advisory for seamonkey (FEDORA-2024-31b196eaf1)

The remote host is missing an update for...

Fedora: Security Advisory for php-tcpdf (FEDORA-2024-bc7d40eb2e)

The remote host is missing an update for...

Fedora: Security Advisory for seamonkey (FEDORA-2024-8890015ff3)

The remote host is missing an update for...

Apache Solr Backup/Restore APIs RCE

Apache Solr from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1 is affected by an Unrestricted Upload of File with Dangerous Type vulnerability which can result in remote code execution in the context of the user running Apache Solr. When Apache Solr creates a Collection, it will use a specific...

Declassified NSA Newsletters

Through a 2010 FOIA request (yes, it took that long), we have copies of the NSA's KRYPTOS Society Newsletter, "Tales of the Krypt," from 1994 to 2003. There are many interesting things in the 800 pages of newsletter. There are many redactions. And a 1994 review of Applied Cryptography by...

e-lir.ch Cross Site Scripting vulnerability OBB-3896573

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

e-kuran.info Cross Site Scripting vulnerability OBB-3896514

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

e-gargano.com Cross Site Scripting vulnerability OBB-3896276

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

e-ohashi.com Cross Site Scripting vulnerability OBB-3896059

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-26658

In the Linux kernel, the following vulnerability has been resolved: bcachefs: grab s_umount only if snapshotting When I was testing mongodb over bcachefs with compression, there is a lockdep warning when snapshotting mongodb data volume. $ cat test.sh prog=bcachefs $prog subvolume create /mnt/data....

CVE-2024-26658

In the Linux kernel, the following vulnerability has been resolved: bcachefs: grab s_umount only if snapshotting When I was testing mongodb over bcachefs with compression, there is a lockdep warning when snapshotting mongodb data volume. $ cat test.sh prog=bcachefs $prog subvolume create /mnt/data....

CVE-2024-26658

In the Linux kernel, the following vulnerability has been resolved: bcachefs: grab s_umount only if snapshotting When I was testing mongodb over bcachefs with compression, there is a lockdep warning when snapshotting mongodb data volume. $ cat test.sh prog=bcachefs $prog subvolume create...

CVE-2024-26658 bcachefs: grab s_umount only if snapshotting

In the Linux kernel, the following vulnerability has been resolved: bcachefs: grab s_umount only if snapshotting When I was testing mongodb over bcachefs with compression, there is a lockdep warning when snapshotting mongodb data volume. $ cat test.sh prog=bcachefs $prog subvolume create /mnt/data....

Online Hotel Booking In PHP 1.0 - Blind SQL Injection (Unauthenticated) Exploit

...

CVE-2024-26658

In the Linux kernel, the following vulnerability has been resolved: bcachefs: grab s_umount only if snapshotting When I was testing mongodb over bcachefs with compression, there is a lockdep warning when snapshotting mongodb data volume. $ cat test.sh prog=bcachefs $prog subvolume create /mnt/data....

E-INSUARANCE v1.0 - Stored Cross Site Scripting (XSS)

...

Online Hotel Booking In PHP 1.0 - Blind SQL Injection (Unauthenticated)

...

E-Insurance 1.0 Cross Site Scripting

...

Online Hotel Booking In PHP 1.0 SQL Injection

...

Exploit for Embedded Malicious Code in Tukaani Xz

root@ubuntu:~/xz/# apt update root@ubuntu:~/xz/# apt install -y...

Exploit for CVE-2023-38831

VolleyballSquid-----CVE-2023-38831-and-Bypass-UAC This is my...

Gibbon School Platform Authenticated PHP Deserialization Vulnerability

A Remote Code Execution vulnerability in Gibbon online school platform version 26.0.00 and lower allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the endpoint...

Exploit for Embedded Malicious Code in Tukaani Xz

xzbot Exploration of the xz...

[SECURITY] Fedora 38 Update: seamonkey-2.53.18.2-1.fc38

SeaMonkey is an all-in-one Internet application suite (previously made popular by Netscape and Mozilla). It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application.....

[SECURITY] Fedora 39 Update: seamonkey-2.53.18.2-1.fc39

SeaMonkey is an all-in-one Internet application suite (previously made popular by Netscape and Mozilla). It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application.....

e-campus.itech.fr Cross Site Scripting vulnerability OBB-3891269

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

[SECURITY] Fedora 40 Update: seamonkey-2.53.18.2-1.fc40

SeaMonkey is an all-in-one Internet application suite (previously made popular by Netscape and Mozilla). It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application.....

BIT-prestashop-2024-26129

PrestaShop is an open-source e-commerce platform. Starting in version 8.1.0 and prior to version 8.1.4, PrestaShop is vulnerable to path disclosure in a JavaScript variable. A patch is available in version...

BIT-mastodon-2024-25618

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows new identities from configured authentication providers (CAS, SAML, OIDC) to attach to existing local users with the same e-mail address. This results in a possible account takeover if the authentication...

Updated emacs packages fix security vulnerabilities

In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23. (CVE-2024-30202) In Emacs before 29.3, Gnus treats inline MIME contents as trusted. (CVE-2024-30203) In Emacs before 29.3, LaTeX preview is enabled by default for e-mail...

e-raceinfo.com Cross Site Scripting vulnerability OBB-3890889

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094 vul check tools This vulnerability allows an...

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094 xz Check Script This repository contains a...

CVE-2023-6047

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Algoritim E-commerce Software allows Reflected XSS.This issue affects E-commerce Software: before...

CVE-2023-6047

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Algoritim E-commerce Software allows Reflected XSS.This issue affects E-commerce Software: before...

CVE-2023-6047 Reflected XSS in Algoritim E-commerce Software

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Algoritim E-commerce Software allows Reflected XSS.This issue affects E-commerce Software: before...

[SECURITY] Fedora 40 Update: php-tcpdf-6.7.4-1.fc40

PHP class for generating PDF documents. * no external libraries are required for the basic functions; * all standard page formats, custom page formats, custom margins and units of measure; * UTF-8 Unicode and Right-To-Left languages; * TrueTypeUnicode, OpenTypeUnicode, TrueType, OpenType, Type1...