Oct 02 CVE-2024-46977 (openc3): OpenC3 Path Traversal via screen controller (`GHSL-2024-127`) posted in •
Oct 02 CVE-2024-43795 (openc3): OpenC3 Cross-site Scripting in Login functionality (`GHSL-2024-128`) posted in •
Oct 01 CVE-2024-41673 (decidim): Decidim has a cross-site scripting vulnerability in the version control page posted in •
Sep 25 GHSA-75j2-9gmc-m855 (camaleon_cms): Camaleon CMS vulnerable to stored XSS through user file upload (GHSL-2024-184) posted in •
Sep 23 GHSA-8fx8-3rg2-79xw (camaleon_cms): Camaleon CMS vulnerable to stored XSS through user file upload (GHSL-2024-184) posted in •
Sep 20 CVE-2024-45614 (puma): Puma's header normalization allows for client to clobber proxy set headers posted in •
Sep 19 CVE-2024-7254 (google-protobuf): protobuf-java has potential Denial of Service issue posted in •