SECURITY BULLETINS & ADVISORIES

ADVISORY SUMMARY The Mautic application is affected by stored XSS vulnerabilities. Upon exploitation, these issues allow an authenticated attacker... continue reading

ADVISORY SUMMARY The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server... continue reading

ADVISORY SUMMARY Four vulnerabilities were discovered in the OpenClinic application, the most severe of which allowed an unauthenticated attacker... continue reading

ADVISORY SUMMARY Two cross-site scripting (XSS) vulnerabilities were discovered in the Immuta application. One instance was stored XSS that could... continue reading

ADVISORY SUMMARY The Winston Privacy device was affected by critical and high-risk issues, including a severe command injection vulnerability. The... continue reading

ADVISORY SUMMARY A server-side request forgery (SSRF) vulnerability was found in the Zamzar API when converting an Open Office ODT file to a PDF.... continue reading

ADVISORY SUMMARY The following document describes an identified vulnerability in the TinyMCE application in version 5.2.1. TinyMCE is in use on... continue reading

ADVISORY SUMMARY The following document describes identified vulnerabilities in the LibreHealth application version 2.0.0. Five high-risk issues... continue reading

ADVISORY SUMMARY One low-risk vulnerability was discovered within the SecureAuth IdP v9.3 application. This vulnerability could allow malicious... continue reading

ADVISORY SUMMARY The following document describes three identified vulnerabilities (one high-risk, one medium-risk, one low-risk) in the DigDash... continue reading