19.06.2024 11:30 Git could be made to run programs as your login if it clones a crafted repository.
19.06.2024 01:15 Huy Nguy¡»'n Ph¡º¡m Nh¡ºt, and Valentin T. and Lutz Wolf of CrowdStrike, discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not correctly process and sanitize requests. This would allow an attacker to perform Cross-Side Scripting attacks.
19.06.2024 01:15 * bsc#1226027 Cross-References: * CVE-2024-5688 * CVE-2024-5690
19.06.2024 01:15 * bsc#1226007 Cross-References: * CVE-2023-52890
19.06.2024 01:15 * bsc#1223252 Cross-References: * CVE-2024-30171
19.06.2024 01:15 * bsc#1223852 Cross-References: * CVE-2023-52722
19.06.2024 01:15 * bsc#1223979 Cross-References: * CVE-2024-34069
18.06.2024 15:45 PHP, a widely-used open source general purpose scripting language, is affected by a security problem when parsing certain types of URLs. Due to a code logic error filtering functions such as filter_var when
18.06.2024 15:45 * bsc#1224122 * bsc#1226136 Cross-References: * CVE-2024-24786
18.06.2024 15:45 * bsc#1225551 Cross-References: * CVE-2024-4741
18.06.2024 15:45 MariaDB 10.5.25 Galera 26.4.18 Release notes: https://mariadb.com/kb/en/mariadb-10-5-25-release-notes/
18.06.2024 15:45 MariaDB 10.5.25 Galera 26.4.18 Release notes: https://mariadb.com/kb/en/mariadb-10-5-25-release-notes/
18.06.2024 05:30 Several security issues were fixed in Ghostscript.
18.06.2024 05:30 When starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be caused to perform an arbitrary chmod of the provided argument, providing world-writable access to the target.
18.06.2024 05:30 iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a server with RSA authentication, allows a timing side channel in RSA decryption operations. This side channel could be sufficient for an attacker to recover credential plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT:
