-
The current OSV structure combines vulnerability data from different resources (e.g., NVD, Alpine, Debian) into a [single CVE entry](https://osv.dev/vulnerability/CVE-2024-28757) based on shared CVE …
-
Improper Privilege Management vulnerability with High severity found
https://github.com/dmdhrumilmistry/CVEs/tree/main/CVE-2024-22513
-
**Wazuh version : 4.9 update
Install type : Manual install
Platform : Debian 11**
Hello everyone,
I have questions about my Wazuh installation and its vulnerability collection.
I have two s…
-
# RCE vulnerability in Subrion CMS 4.2.1
Affected version
- Subrion CMS 4.2.1
Source code: https://subrion.org/download/
Exploiting vulnerabilities:
1. Login address:
~~~
http://127.…
-
I don't know if there's a better way to do this but running ssh-audit against a RHEL server's sshd seems to result in false CVE reporting. For example, my FreeBSD systems, which use OpenSSH 9.6p1, wil…
-
We are doing some work at the summit on security best practices and vulnerability disclosure came up. So we'll add it as SPEC 11. Here's the scope for the spec:
- Security policy (What should inclu…
-
### Template Information:
In the login portal of the Online Blood Bank Management application, it is possible to inject SQL into "user" and exploit time-based SQL injection.
References can …
-
=================
Schools Alert Management Script - get_sec.php SQL Injection
=================
Date: 07.06.2018
Vendor Homepage: https://www.phpscriptsmall.com/
Software Link: https://www.phpscr…
unh3x updated
1 month ago
-
What is best practice for shared installs?
Guidance needs to cover at least:
- where to put zopen in the filesystem
- user profile updates
- managing upgrades
- mixing a subset of the tools w…
-
## Use case
When you want to see the CPEs associated with a vulnerability or vice versa.
## Current Workaround
There is no workaround.
## Proposed Solution
When importing the CVEs datas…