-
main 2 I think is the most important to point out
- [CVE-2023-47994]
- [CVE-2023-47992]
Both of these can run arbitrary code, one of them being from the BMP plugin,
so I am assuming a person coul…
-
**Describe the bug**
This wrapper uses dompdf/dompdf:^2.0.3. This version of phenx/php-svg-lib: >=0.3.3 =0.5.2
-
### Request for information
CVE-2024-6387 (stylized as regreSSHion) is a Remote **Unauthenticated** Code Execution vulnerability in `sshd` in glibc-based Linux systems, discovered by [Qualys](https…
-
I would like to understand what is the Security and Vulnerability management on this repository. Is there a policy in place documented? Currently I don't see one [here](https://github.com/usebruno/bru…
-
_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._
**Security Policy Violation**
Security policy not enabled.
A SECURITY.md file can give users information about w…
-
Hello,
CERT PL found a security vulnerability in this repository. How can we report this privately? We don't see any security policy describing how such vulnerabilities should be reported.
kazet updated 4 months ago
-
Host Header Injection: By capturing the POST request for a password reset sent
to https://cpmr.tacc.utexas.edu/reset, a malicious user can edit the Host
entry in the header. This will modify the p…
-
_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._
**Security Policy Violation**
Security policy not enabled.
A SECURITY.md file can give users information about w…
-
Hi guys,
I was checking out the websocket API on my server and found a vulnerability. This vulnerability allows an unauthorized user that can access port 19023 on a FreeTAKServer with the default c…