Tdragon6

**Name of the Vulnerable Software and Affected Versions** IBM Aspera Faspex versions 4.0 through 4.4.2 IBM Aspera Faspex versions 5.0 through 5.0.5 **Description** The issue allows a malicious actor to bypass IP whitelist restrictions using a specially crafted HTTP request. **Recommendations** For IBM Aspera Faspex versions 4.0 through 4.4.2, update to a version outside of this range to mitigate the risk. For IBM Aspera Faspex versions 5.0 through 5.0.5, update to a version outside of this range to mitigate the risk. As a temporary workaround, consider restricting access to the HTTP request functionality until a patch is available.

**Name of the Vulnerable Software and Affected Versions** smanga versions 3.1.9 and earlier **Description** The issue allows remote attackers to execute arbitrary code and gain sensitive information. This is achieved via the `mediaId`, `mangaId`, and `userId` parameters in the "php/history/add.php" endpoint. **Recommendations** For smanga versions 3.1.9 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** emoncms versions 11 and later **Description** The issue allows attackers to obtain the web directory path and other information leaked by the server via a crafted web request. This is an information disclosure vulnerability. **Recommendations** For emoncms versions 11 and later, at the moment, there is no information about a newer version that contains a fix for this vulnerability.