NA - CVE-2024-23794 - An incorrect privilege assignment vulnerability...
An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full...
NA - CVE-2024-6540 - Improper filtering of fields when using the...
Improper filtering of fields when using the export function in the ticket overview of the external interface in OTRS could allow an authorized user to download a list of tickets containing...
Medium - CVE-2024-6740 - Openfind's Mail2000 does not properly...
Openfind's Mail2000 does not properly validate email attachments, allowing unauthenticated remote attackers to inject JavaScript code within the attachment and perform Stored Cross-site...
NA - CVE-2024-41007 - In the Linux kernel, the following...
In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets. If a TCP socket is using TCP_USER_TIMEOUT, and the other peer retracted its window to...
NA - CVE-2024-6398 - An information disclosure vulnerability in SWG...
An information disclosure vulnerability in SWG in versions 12.x prior to 12.2.10 and 11.x prior to 11.2.24 allows information stored in a customizable block page to be disclosed to third-party...
Medium - CVE-2024-6741 - Openfind's Mail2000 has a vulnerability...
Openfind's Mail2000 has a vulnerability that allows the HttpOnly flag to be bypassed. Unauthenticated remote attackers can exploit this vulnerability using specific JavaScript code to obtain...