Debian Linux Security Advisory 5740-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, the bypass of sandbox restrictions or an information leak.

This is a proof of concept exploit to bypass two factor authentication in Mailcow versions prior to 2024-07.

A small firebeam (kaine's risc-v vm) plugin to exploit the CVE-2024-26229 vulnerability that utilizes a vulnerable IOCTL in csc.sys. The vulnerability is used to get kernel R/W memory access to corrupt the KTHREAD->PreviousMode and then to leveraging DKOM to achieve LPE by copying over the token from the system process over to the current process token.

WordPress PayPlus Payment Gateway plugin versions prior to 6.6.9 suffer from a remote SQL injection vulnerability.

Gentoo Linux Security Advisory 202408-12 - A vulnerability has been discovered in Bitcoin, which can lead to a denial of service. Versions greater than or equal to 25.0 are affected.

Debian Linux Security Advisory 5739-1 - user able to escalate to the netdev group can load arbitrary shared object files in the context of the wpa_supplicant process running as root.

Ubuntu Security Notice 6945-1 - Rory McNamara discovered that wpa_supplicant could be made to load arbitrary shared objects by unprivileged users that have access to the control interface. An attacker could use this to escalate privileges to root.

Gentoo Linux Security Advisory 202408-11 - Multiple vulnerabilities have been discovered in aiohttp, the worst of which could lead to service compromise. Versions greater than or equal to 3.9.4 are affected.

Gentoo Linux Security Advisory 202408-10 - Multiple vulnerabilities have been discovered in nghttp2, the worst of which could lead to a denial of service. Versions greater than or equal to 1.61.0 are affected.

Gentoo Linux Security Advisory 202408-9 - Multiple vulnerabilities have been discovered in Cairo, the worst of which a denial of service. Versions greater than or equal to 1.18.0 are affected.

Red Hat Security Advisory 2024-5067-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include double free and null pointer vulnerabilities.

Red Hat Security Advisory 2024-5065-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

Gentoo Linux Security Advisory 202408-8 - A vulnerability has been discovered in json-c, which can lead to a stack buffer overflow. Versions greater than or equal to 0.16 are affected.

Gentoo Linux Security Advisory 202408-7 - Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service. Versions greater than or equal to 1.22.3 are affected.

Red Hat Security Advisory 2024-5056-03 - Red Hat Integration Camel K 1.10.7 release and security update is now available.

Red Hat Security Advisory 2024-5054-03 - Red Hat OpenShift Virtualization release 4.16.1 is now available with updates to packages and images that fix several bugs and add enhancements.

Red Hat Security Advisory 2024-5041-03 - An update for python-urllib3 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

Red Hat Security Advisory 2024-5040-03 - An update for python-setuptools is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2024-5025-03 - Red Hat JBoss Web Server 5.8.1 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server.

Gentoo Linux Security Advisory 202408-5 - Multiple vulnerabilities have been discovered in Redis, the worst of which may lead to a denial of service or possible remote code execution. Versions greater than or equal to 7.2.4 are affected.

E-Commerce Site using PHP PDO version 1.0 suffers from a directory traversal vulnerability.

Covid-19 Directory on Vaccination System version 1.0 suffers from an ignored default credential vulnerability.

Red Hat Security Advisory 2024-5024-03 - An update is now available for Red Hat JBoss Web Server 5.8 on Red Hat Enterprise Linux versions 7, 8, and 9.

Red Hat Security Advisory 2024-5002-03 - An update for python3.11-setuptools is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a code execution vulnerability.