#vulnerability

Gentoo Linux Security Advisory 202408-1 - Multiple vulnerabilities have been discovered in containerd, the worst of which could lead to privilege escalation. Versions greater than or equal to 1.6.19 are affected.

Concert Ticket Reservation System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Computer Laboratory Management System version 1.0 suffers from an ignored default credential vulnerability.

Ubuntu Security Notice 6200-2 - USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This update fixes the problem.

Codeprojects E-Commerce version 1.0 suffers from a cross site scripting vulnerability.

Blog Site version 1.0 suffers from a cross site scripting vulnerability.

Red Hat Security Advisory 2024-5001-03 - An update for httpd is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a server-side request forgery vulnerability.

A security vulnerability in Rockwell Automation's ControlLogix 1756 programmable logic controllers, tracked as CVE-2024-6242, could allow tampering with physical processes at plants.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DIAScreen Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a stack-based buffer overflow, resulting in execution of arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Delta Electronics DIAScreen visualization software are affected: DIAScreen: Versions prior to 1.4.2 3.2 Vulnerability Overview 3.2.1 STACK-BASED BUFFER OVERFLOW CWE-121 A crafted DPA file could force Delta Electronics DIAScreen to overflow a stack-based buffer, which could allow an attacker to execute arbitrary code. CVE-2024-7502 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). A CVSS v4 score has also been calculated for CVE-2024-7502. A base score of 8.5 has been calculated; the...

Everyone loves the double-agent plot twist in a spy movie, but it’s a different story when it comes to securing company data. Whether intentional or unintentional, insider threats are a legitimate concern. According to CSA research, 26% of companies who reported a SaaS security incident were struck by an insider.  The challenge for many is detecting those threats before they lead to full