Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows a remote attacker to manipulate data via a malicious XML attachment.
// weekly digest
// weekly digest
// weekly digest
2024-06-24 00:00 UTC 2024-06-30 23:59 UTC
// total
0
// critical
0
// high
0
// medium
0
// low
0
// new kev
3
// top critical
No CRITICAL CVEs published this week.
// top high
No HIGH CVEs published this week.
// new kev additions
Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows a remote attacker to manipulate data via a malicious XML attachment.
Linux Kernel contains a use-after-free vulnerability in the nft_object, allowing local attackers to escalate privileges.
OSGeo GeoServer JAI-EXT contains a code injection vulnerability that, when programs use jt-jiffle and allow Jiffle script to be provided via network request, could allow remote code execution.