🚨 CVE-2024-37149
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated technician user can upload a malicious PHP script and hijack the plugin loader to execute this malicious script. Upgrade to 10.0.16.

🎖@cveNotify

🚨 CVE-2023-41915
OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0.

🎖@cveNotify

🚨 CVE-2024-26621
In the Linux kernel, the following vulnerability has been resolved:

mm: huge_memory: don't force huge page alignment on 32 bit

commit efa7df3e3bb5 ("mm: align larger anonymous mappings on THP
boundaries") caused two issues [1] [2] reported on 32 bit system or compat
userspace.

It doesn't make too much sense to force huge page alignment on 32 bit
system due to the constrained virtual address space.

[1] https://lore.kernel.org/linux-mm/d0a136a0-4a31-46bc-adf4-2db109a61672@kernel.org/
[2] https://lore.kernel.org/linux-mm/CAJuCfpHXLdQy1a2B6xN2d7quTYwg2OoZseYPZTRpU0eHHKD-sQ@mail.gmail.com/

🎖@cveNotify

🚨 CVE-2024-6387
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

🎖@cveNotify

🚨 CVE-2024-38021
Microsoft Outlook Remote Code Execution Vulnerability

🎖@cveNotify

🚨 CVE-2023-41915
OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0.

🎖@cveNotify

🚨 CVE-2024-26621
In the Linux kernel, the following vulnerability has been resolved:

mm: huge_memory: don't force huge page alignment on 32 bit

commit efa7df3e3bb5 ("mm: align larger anonymous mappings on THP
boundaries") caused two issues [1] [2] reported on 32 bit system or compat
userspace.

It doesn't make too much sense to force huge page alignment on 32 bit
system due to the constrained virtual address space.

[1] https://lore.kernel.org/linux-mm/d0a136a0-4a31-46bc-adf4-2db109a61672@kernel.org/
[2] https://lore.kernel.org/linux-mm/CAJuCfpHXLdQy1a2B6xN2d7quTYwg2OoZseYPZTRpU0eHHKD-sQ@mail.gmail.com/

🎖@cveNotify

🚨 CVE-2024-6387
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

🎖@cveNotify

🚨 CVE-2024-39511
An Improper Input Validation vulnerability in the 802.1X Authentication (dot1x) Daemon of Juniper Networks Junos OS allows a local, low-privileged attacker with access to the CLI to cause a Denial of Service (DoS).

On running a specific operational dot1x command, the dot1x daemon crashes. An attacker can cause a sustained DoS condition by running this command repeatedly.

When the crash occurs, the authentication status of any 802.1x clients is cleared, and any authorized dot1x port becomes unauthorized. The client cannot re-authenticate until the dot1x daemon restarts.

This issue affects Junos OS:
* All versions before 20.4R3-S10;
* 21.2 versions before 21.2R3-S7;
* 21.4 versions before 21.4R3-S6;
* 22.1 versions before 22.1R3-S5;
* 22.2 versions before 22.2R3-S3;
* 22.3 versions before 22.3R3-S2;
* 22.4 versions before 22.4R3-S1;
* 23.2 versions before 23.2R2.

🎖@cveNotify

🚨 CVE-2024-39512
An Improper Physical Access Control vulnerability in the console port control of Juniper Networks Junos OS Evolved allows an attacker with physical access to the device to get access to a user account.

When the console cable is disconnected, the logged in user is not logged out. This allows a malicious attacker with physical access to the console to resume a previous session and possibly gain administrative privileges.

This issue affects Junos OS Evolved:
* from 23.2R2-EVO before 23.2R2-S1-EVO, 
* from 23.4R1-EVO before 23.4R2-EVO.

🎖@cveNotify

🚨 CVE-2024-39513
An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows a local, low-privileged attacker to cause a Denial of Service (DoS).

When a specific "clear" command is run, the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) crashes and restarts.

The crash impacts all traffic going through the FPCs, causing a DoS. Running the command repeatedly leads to a sustained DoS condition.
This issue affects Junos OS Evolved: 



* All versions before 20.4R3-S9-EVO, 
* from 21.2-EVO before 21.2R3-S7-EVO, 
* from 21.3-EVO before 21.3R3-S5-EVO, 
* from 21.4-EVO before 21.4R3-S6-EVO, 
* from 22.1-EVO before 22.1R3-S4-EVO, 
* from 22.2-EVO before 22.2R3-S3-EVO, 
* from 22.3-EVO before 22.3R3-S3-EVO, 
* from 22.4-EVO before 22.4R3-EVO,
* from 23.2-EVO before 23.2R2-EVO.

🎖@cveNotify

🚨 CVE-2024-39554
A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability the

Routing Protocol Daemon (rpd)

of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to inject incremental routing updates when BGP multipath is enabled, causing rpd to crash and restart, resulting in a Denial of Service (DoS). Since this is a timing issue (race condition), the successful exploitation of this vulnerability is outside the attacker's control.  However, continued receipt and processing of this packet may create a sustained Denial of Service (DoS) condition.

On all Junos OS and Junos OS Evolved platforms with BGP multipath enabled, a specific multipath calculation removes the original next hop from the multipath lead routes nexthop-set. When this change happens, multipath relies on certain internal timing to record the update.  Under certain circumstance and with specific timing, this could result in an rpd crash.

This issue only affects systems with BGP multipath enabled.


This issue affects:

Junos OS:


* All versions of 21.1
* from 21.2 before 21.2R3-S7,
* from 21.4 before 21.4R3-S6,
* from 22.1 before 22.1R3-S5,
* from 22.2 before 22.2R3-S3,
* from 22.3 before 22.3R3-S2,
* from 22.4 before 22.4R3,
* from 23.2 before 23.2R2.




Junos OS Evolved:


* All versions of 21.1-EVO,
* All versions of 21.2-EVO,
* from 21.4-EVO before 21.4R3-S6-EVO,
* from 22.1-EVO before 22.1R3-S5-EVO,
* from 22.2-EVO before 22.2R3-S3-EVO,
* from 22.3-EVO before 22.3R3-S2-EVO,
* from 22.4-EVO before 22.4R3-EVO,
* from 23.2-EVO before 23.2R2-EVO.



Versions of Junos OS before 21.1R1 are unaffected by this vulnerability.
Versions of Junos OS Evolved before 21.1R1-EVO are unaffected by this vulnerability.

🎖@cveNotify

🚨 CVE-2024-6447
The FULL – Cliente plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the license plan parameter in all versions up to, and including, 3.1.12 due to insufficient input sanitization and output escaping as well as missing authorization and capability checks on the related functions. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that will execute whenever an administrative user accesses wp-admin dashboard

🎖@cveNotify

🚨 CVE-2024-6653
A vulnerability was found in code-projects Simple Task List 1.0. It has been declared as critical. This vulnerability affects unknown code of the file loginForm.php of the component Login. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-271060.

🎖@cveNotify

🚨 CVE-2024-6387
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

🎖@cveNotify

🚨 CVE-2024-40618
Whale browser before 3.26.244.21 allows an attacker to execute malicious JavaScript due to improper sanitization when processing a built-in extension.

🎖@cveNotify

🚨 CVE-2024-38347
CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Room Information module via the id parameter.

🎖@cveNotify

🚨 CVE-2024-38348
CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL injection vulnerability in the Staff Info module via the searvalu parameter.

🎖@cveNotify

🚨 CVE-2024-1168
The SEOPress – On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's social image URL in all versions up to, and including, 7.9 due to insufficient input sanitization and output escaping on user supplied image URLs. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

🎖@cveNotify

🚨 CVE-2024-3558
The Custom Field Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the 'cfs[post_title]' parameter versions up to, and including, 2.6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

🎖@cveNotify

🚨 CVE-2024-38972
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/add/.

🎖@cveNotify