ESET, Spol. S R.o. Security Vulnerabilities

K000139680: MySQL2 vulnerability CVE-2024-21508

Security Advisory Description Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values. (CVE-2024-21508) Impact There is no impact; F5 products are not...

Moderate: pam security update

Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication. Security Fix(es): pam: allowing unprivileged user to block another user namespace (CVE-2024-22365) For more details about the security...

K000139700: Linux kernel usbmon vulnerability CVE-2022-43750

Security Advisory Description drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory. (CVE-2022-43750) Impact This vulnerability may allow an attacker with local access to gain improper...

K000139698: Python vulnerabilities CVE-2016-5636, and CVE-2023-36632

Security Advisory Description CVE-2016-5636 Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based...

Moderate: perl-CPAN security update

The CPAN module is a tool to query, download and build perl modules from CPAN sites. Security Fix(es): perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS (CVE-2023-31484) For more details about the security issue(s), including the impact, a CVSS score,...

Moderate: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others). Security Fix(es): LibRaw: stack buffer overflow in LibRaw_buffer_datastream::gets() in src/libraw_datastream.cpp (CVE-2021-32142) For more details about the security issue(s),...

Important: pcp security update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

Moderate: gmp security update

The gmp packages contain GNU MP, a library for arbitrary precision arithmetics, signed integers operations, rational numbers, and floating point numbers. Security Fix(es): gmp: Integer overflow and resultant buffer overflow via crafted input (CVE-2021-43618) For more details about the security...

Moderate: python3.11-cryptography security update

The python-cryptography packages contain a Python Cryptographic Authority's (PyCA's) cryptography library, which provides cryptographic primitives and recipes to Python developers. Security Fix(es): python-cryptography: NULL-dereference when loading PKCS7 certificates (CVE-2023-49083) For more...

K000139684: AMD processors vulnerability CVE-2023-20569

Security Advisory Description A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. (CVE-2023-20569) Impact...

K000139678: MySQL Server vulnerability CVE-2024-21055

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

CVE-2018-18696

...

(RHSA-2024:2994) Moderate: LibRaw security update

LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others). Security Fix(es): LibRaw: stack buffer overflow in LibRaw_buffer_datastream::gets() in src/libraw_datastream.cpp (CVE-2021-32142) For more details about the security issue(s),...

(RHSA-2024:3105) Moderate: python3.11-cryptography security update

The python-cryptography packages contain a Python Cryptographic Authority's (PyCA's) cryptography library, which provides cryptographic primitives and recipes to Python developers. Security Fix(es): python-cryptography: NULL-dereference when loading PKCS7 certificates (CVE-2023-49083) For more...

(RHSA-2024:3044) Moderate: idm:DL1 security update

Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): freeipa: specially crafted HTTP requests potentially lead to denial of service (CVE-2024-1481) For...

MOVEit Transfer - SQL Injection

In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain...

Exploit for Improper Authentication in Ivanti Endpoint Manager Mobile

CVE-2023-35078 Exploit POC CVE-2023-35078 Remote...

CVE-2024-35167

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce allows Stored XSS.This issue affects Envo's Elementor Templates & Widgets for WooCommerce: from n/a through...

(RHSA-2024:2936) Important: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288) For more details about the security issue(s), including the impact, a...

(RHSA-2024:3313) Important: postgresql-jdbc security update

PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database. Security Fix(es): pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE...

(RHSA-2024:3392) Important: pcp security update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

(RHSA-2024:3497) Important: edk2 security update

EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message (CVE-2023-45234) edk2: Buffer...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On due to April 2024 CPU

Summary IBM WebSphere Application Server is shipped with IBM Security Access Manager for Enterprise Single Sign-On. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...

CVE-2023-26103

Versions of the package deno before 1.31.0 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the upgradeWebSocket function, which contains regexes in the form of /s,s/, used for splitting the Connection/Upgrade header. A specially crafted Connection/Upgrade header can be used...

Moderate: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): httpd: mod_macro: out-of-bounds read vulnerability (CVE-2023-31122) mod_http2: reset requests exhaust memory (incomplete fix of CVE-2023-44487) (CVE-2023-45802) For more details...

Moderate: qt5-qtbase security update

Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fix(es): qt: incorrect integer overflow check (CVE-2023-51714) qtbase: potential buffer overflow when reading KTX images (CVE-2024-25580) For more...

Moderate: libsndfile security update

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fix(es): libsndfile: integer overflow in src/mat4.c and src/au.c leads to DoS (CVE-2022-33065) For more details about the security issue(s), including the impact, a CVSS score,...

Moderate: gstreamer1-plugins-base security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins. Security Fix(es): gstreamer-plugins-base: heap overwrite in subtitle parsing (CVE-2023-37328) For more...

Moderate: libsndfile security update

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fix(es): libsndfile: integer overflow in src/mat4.c and src/au.c leads to DoS (CVE-2022-33065) For more details about the security issue(s), including the impact, a CVSS score,...

Moderate: libX11 security update

The libX11 packages contain the core X11 protocol client library. Security Fix(es): libX11: out-of-bounds memory access in _XkbReadKeySyms() (CVE-2023-43785) libX11: stack exhaustion from infinite recursion in PutSubImage() (CVE-2023-43786) libX11: integer overflow in XCreateImage() leading to a...

Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fix(es): python-pillow: uncontrolled resource consumption when textlength in an ImageDraw...

Moderate: motif security update

The motif packages include the Motif shared libraries needed to run applications which are dynamically linked against Motif, as well as MWM, the Motif Window Manager. Security Fix(es): libXpm: out of bounds read in XpmCreateXpmImageFromBuffer() (CVE-2023-43788) libXpm: out of bounds read on XPM...

Moderate: squashfs-tools security update

SquashFS is a highly compressed read-only file system for Linux. These packages contain the utilities for manipulating squashfs file systems. Security Fix(es): squashfs-tools: unvalidated filepaths allow writing outside of destination (CVE-2021-40153) squashfs-tools: possible Directory Traversal...

Moderate: mutt security update

Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Security Fix(es): mutt: null pointer dereference (CVE-2023-4874) mutt: null pointer dereference...

Moderate: mutt security update

Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Security Fix(es): mutt: null pointer dereference (CVE-2023-4874) mutt: null pointer dereference...

(RHSA-2024:3347) Important: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

Moderate: python-jinja2 security update

The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Security Fix(es): jinja2: HTML attribute injection when passing user input as keys to...

Moderate: qt5-qtbase security update

Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fix(es): qt: incorrect integer overflow check (CVE-2023-51714) qtbase: potential buffer overflow when reading KTX images (CVE-2024-25580) For more...

Moderate: freeglut security update

freeglut is a completely open source alternative to the OpenGL Utility Toolkit (GLUT) library with an OSI approved free software license. Security Fix(es): freeglut: memory leak via glutAddSubMenu() function (CVE-2024-24258) freeglut: memory leak via glutAddMenuEntry() function (CVE-2024-24259) ...

Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix(es): openssh: scp allows command injection when using backtick characters in the destination...

Low: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fix(es): libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname (CVE-2023-6004) libssh: Missing checks for return values for digests...

Moderate: sssd security update

The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end...

Moderate: squashfs-tools security update

SquashFS is a highly compressed read-only file system for Linux. These packages contain the utilities for manipulating squashfs file systems. Security Fix(es): squashfs-tools: unvalidated filepaths allow writing outside of destination (CVE-2021-40153) squashfs-tools: possible Directory Traversal...

Moderate: vorbis-tools security update

The vorbis-tools packages provide an encoder, a decoder, a playback tool, and a comment editor for Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed audio format. Security Fix(es): vorbis-tools: Buffer Overflow vulnerability...

Moderate: python-pillow security update

The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fix(es): python-pillow: uncontrolled resource consumption when textlength in an ImageDraw...

Metabase < 0.46.6.1 - Remote Code Execution

Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2,....

(RHSA-2024:3391) Important: python3 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

(RHSA-2024:2891) Moderate: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): mod_http2: httpd: CONTINUATION frames DoS (CVE-2024-27316) mod_http2: reset requests exhaust memory (incomplete fix of CVE-2023-44487) (CVE-2023-45802) For more details...

(RHSA-2024:3325) Important: pcp security update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

(RHSA-2024:2979) Moderate: poppler security update

Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fix(es): poppler: NULL pointer dereference in FoFiType1C::convertToType1 (CVE-2020-36024) For more details about the security issue(s), including the impact, a CVSS score,...