OBS-Vigilance

Title	Description	Date
Ruby Time: overload via Regular Expression	An attacker can trigger an overload of Ruby Time, via Regular Expression, in order to trigger a denial of service...	Visit link for details
Forcepoint Web Security: three vulnerabilities	An attacker can use several vulnerabilities of Forcepoint Web Security...	Visit link for details
Linux kernel: reuse after free via nfsd4_ssc_setup_dul()	An attacker can force the reuse of a freed memory area of the Linux kernel, via	Visit link for details
FFmpeg: reuse after free via Stale Hwaccel State	An attacker can force the reuse of a freed memory area of FFmpeg, via Stale Hwaccel State, in order to trigger a denial of service, and possibly to run code...	Visit link for details
testng: directory traversal via testngXmlExistsInJar()	An attacker can traverse directories of testng, via	Visit link for details
Undertow: Man-in-the-Middle via TLS Client	An attacker can act as a Man-in-the-Middle on Undertow, via TLS Client, in order to read or write data in the session...	Visit link for details
markdown-it-py: denial of service via CLI Invalid UTF-8 Characters	An attacker can cause a fatal error of markdown-it-py, via CLI Invalid UTF-8 Characters, in order to trigger a denial of service...	Visit link for details
Moodle: information disclosure via Course Participation Report	An attacker can bypass access restrictions to data of Moodle, via Course Participation Report, in order to read sensitive information...	Visit link for details
Moodle: six vulnerabilities	An attacker can use several vulnerabilities of Moodle...	Visit link for details
zstd: buffer overflow via util.c	An attacker can trigger a buffer overflow of zstd, via util.c, in order to trigger a denial of service, and possibly to run code...	Visit link for details
Drupal Xray Audit: Cross Site Scripting	An attacker can trigger a Cross Site Scripting of Drupal Xray Audit, in order to run JavaScript code in the context of the web site...	Visit link for details