Koyo PLC Programming Software) Security Vulnerabilities

Supply Chain Attack against Courtroom Software

No word on how this backdoor was installed: A software maker serving more than 10,000 courtrooms throughout the world hosted an application update containing a hidden backdoor that maintained persistent communication with a malicious website, researchers reported Thursday, in the latest episode...

JAVS Courtroom Recording Software Hit by Supply Chain Attack

...

SQL Injection

Meshery is vulnerable to SQL Injection. The vulnerability is due to improper handling of the sort query parameter in the GetAllEvents function, allowing for SQL injection through stacked queries and the ATTACH DATABASE...

SQL Injection

Meshery is vulnerable to SQL Injection. The vulnerability is due to improper handling of the order query parameter in the GetMeshSyncResourcesKinds function, allowing for SQL injection through stacked queries and the ATTACH DATABASE...

Use Of Cryptographically Weak Pseudo-Random Number Generator

stormpath/sdk is vulnerable to Use Of Cryptographically Weak Pseudo-Random Number Generator. This vulnerability is due to an insecure generation of UUID version...

SQL Injection

silverstripe/subsites is vulnerable to SQL Injection. The vulnerability is due to insufficient input validation and sanitization in the silverstripe/subsites module, which allows attacker can inject malicious SQL...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in net-ssh-4.2.0.gem

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of net-ssh-4.2.0.gem Vulnerability Details ** CVEID: CVE-2023-48795 DESCRIPTION: **OpenSSH is vulnerable to a machine-in-the-middle attack, caused by a flaw in the extension negotiation process in the SSH...

SQL Injection

silverstripe/taxonomy module is vulnerable to SQL injection. The vulnerability is due to insufficient input validation and sanitization within the TaxonomyDirectoryController, which allows ab attackers to inject malicious SQL...

Denial Of Service (DoS)

aimeos/aimeos-core is vulnerable to Denial Of Service. The vulnerability is due to a lack of checks performed while saving and retrieving locale...

Exposure Of Sensitive Information To An Unauthorized Actor

silverstripe/userforms is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. This vulnerability is due to insufficient authorization checks in submission notification emails, potentially enabling an attacker to access sensitive files uploaded through the forms without proper....

Cross Site Scripting (XSS)

socalnick/scn-social-auth is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to not escaping the URL parameter "redirect," allowing an attacker to inject malicious HTML and execute arbitrary...

Improper Authorization

Nautobot is vulnerable to Improper Authorization. The vulnerability is due to Nautobot failing to restrict Dynamic Group member listings based on member object permissions, allowing users to view all objects in a Dynamic Group regardless of their specific...

Open Redirect

simplesamlphp/simplesamlphp is vulnerable to Open Redirect. The vulnerability is due to improper validation of URLs in request parameters, allowing an attacker to redirect a user to a malicious...

Partial Password Leakage

ethyca-fides is vulnerable to Partial Password Leakage. The vulnerability is due to improper sanitization/redaction of the SQLAlchemy password string in error logs, which partially exposes the database password when special characters are used inside the...

Denial Of Service (DoS) / Information Disclosure

io.airlift: aircompressor is vulnerable to Denial Of Service (DoS) / Information Disclosure. The vulnerability is due to improper memory bounds checking during data decompression, caused by the use of the sun.misc.Unsafe class without additional safeguards. This can lead to out-of-bounds memory...

Code Injection

smarty/smarty is vulnerable to code injection. The vulnerability is due to insufficient validation of file names used in the extends-tag. This allows attackers to inject PHP code by choosing a malicious file name for an...

Cross-site Request Forgery (CSRF)

sylius/resource-bundle is vulnerable to a Cross-Site Request Forgery. The vulnerability is due to the absence of proper validation and insufficient CSRF protection for actions such as marking order payments or product reviews in the AdminBundle and ResourceBundle. This allowing attackers to...

Cross-site Request Forgery (CSRF)

sylius/admin-bundle is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to the absence of a CSRF token requirement in several administrative actions, such as marking orders payments as completed or refunded, and marking product reviews as accepted or rejected. This flaws...

Deserialization Of Untrusted Data

symbiote/silverstripe-multivaluefield is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to inadequate validation of user input, as well as object injection caused by support for handling PHP objects as values, which allows an attacker to inject malicious...

XML Entity Expansion (XEE)

symfony/dependency-injection is vulnerable to XML Entity Expansion (XEE) . The vulnerability is due to XML Entity Expansion (XEE) attacks, where the use of libxml2 lacks defense against XEE Quadratic Blowup Attacks (QBA), allowing long entities to create a memory sink for Denial of Service attacks....

Cross-site Scripting (XSS)

getformwork/formwork is vulnerable to Cross-site Scripting (XSS). The vulnerability is caused due to insufficient sanitization of markdown fields, allowing users with page editing permissions to insert...

Prototype Pollution

mysql2 is vulnerable to Prototype Pollution. The vulnerability is due to improper user input sanitization when data is passed to fields and tables within a nestTables, which allows an attacker to manipulate the objects...

Check Point Quantum Gateway - Information Disclosure

CVE-2024-24919 is an information disclosure vulnerability that can allow an attacker to access certain information on internet-connected Gateways which have been configured with IPSec VPN, remote access VPN or mobile access software...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On due to April 2024 CPU

Summary IBM WebSphere Application Server is shipped with IBM Security Access Manager for Enterprise Single Sign-On. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...

Symfony may allow a user to switch to using another user's identity

Symfony 2.0.6 has just been released. It addresses a security vulnerability in the EntityUserProvider as provided in the Doctrine bridge. If you let your users update their login/username from a form, and if you are using Doctrine as a user provider, then you are vulnerable and you should upgrade.....

Symfony may allow a user to switch to using another user's identity

Symfony 2.0.6 has just been released. It addresses a security vulnerability in the EntityUserProvider as provided in the Doctrine bridge. If you let your users update their login/username from a form, and if you are using Doctrine as a user provider, then you are vulnerable and you should upgrade.....

Symfony XML decoding attack vector through external entities

The XMLEncoder component of Symfony 2.0.x fails to disable external entities when parsing XML. In the Symfony2 framework the XML class may be used to deserialize objects or as part of a client/server API. By using external entities it is possible to include arbitrary files from the file...

Symfony XML decoding attack vector through external entities

The XMLEncoder component of Symfony 2.0.x fails to disable external entities when parsing XML. In the Symfony2 framework the XML class may be used to deserialize objects or as part of a client/server API. By using external entities it is possible to include arbitrary files from the file...

Symfony XXE security vulnerability

Symfony 2.0.11 carried a [similar] XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion (XEE) attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no...

Symfony XXE security vulnerability

Symfony 2.0.11 carried a [similar] XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion (XEE) attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no...

Symfony allows direct access of ESI URLs behind a trusted proxy

All 2.2.X, 2.3.X, 2.4.X, and 2.5.X versions of the Symfony HttpKernel component are affected by this security issue. Your application is vulnerable only if the ESI feature is enabled and there is a proxy in front of the web application. This issue has been fixed in Symfony 2.3.19, 2.4.9, and...

Symfony allows direct access of ESI URLs behind a trusted proxy

All 2.2.X, 2.3.X, 2.4.X, and 2.5.X versions of the Symfony HttpKernel component are affected by this security issue. Your application is vulnerable only if the ESI feature is enabled and there is a proxy in front of the web application. This issue has been fixed in Symfony 2.3.19, 2.4.9, and...

Symfony has unsafe methods in the Request class

All 2.0.X, 2.1.X, 2.2.X, 2.3.X, 2.4.X, 2.5.X, and 2.6.X versions of the Symfony HttpFoundation component are affected by this security issue. This issue has been fixed in Symfony 2.3.27, 2.5.11, and 2.6.6. Note that no fixes are provided for Symfony 2.0, 2.1, 2.2, and 2.4 as they are not...

Symfony has unsafe methods in the Request class

All 2.0.X, 2.1.X, 2.2.X, 2.3.X, 2.4.X, 2.5.X, and 2.6.X versions of the Symfony HttpFoundation component are affected by this security issue. This issue has been fixed in Symfony 2.3.27, 2.5.11, and 2.6.6. Note that no fixes are provided for Symfony 2.0, 2.1, 2.2, and 2.4 as they are not...

Symfony has a security issue when parsing the Authorization header

All 2.0.X, 2.1.X, 2.2.X, 2.3.X, 2.4.X, and 2.5.X versions of the Symfony HttpFoundation component are affected by this security issue. This issue has been fixed in Symfony 2.3.19, 2.4.9, and 2.5.4. Note that no fixes are provided for Symfony 2.0, 2.1, and 2.2 as they are not maintained anymore....

Symfony has a security issue when parsing the Authorization header

All 2.0.X, 2.1.X, 2.2.X, 2.3.X, 2.4.X, and 2.5.X versions of the Symfony HttpFoundation component are affected by this security issue. This issue has been fixed in Symfony 2.3.19, 2.4.9, and 2.5.4. Note that no fixes are provided for Symfony 2.0, 2.1, and 2.2 as they are not maintained anymore....

Symfony vulnerable to denial of service via a malicious HTTP Host header

All 2.0.X, 2.1.X, 2.2.X, 2.3.X, 2.4.X, and 2.5.X versions of the Symfony HttpFoundation component are affected by this security issue. This issue has been fixed in Symfony 2.3.19, 2.4.9, and 2.5.4. Note that no fixes are provided for Symfony 2.0, 2.1, and 2.2 as they are not maintained anymore....

Symfony vulnerable to denial of service via a malicious HTTP Host header

All 2.0.X, 2.1.X, 2.2.X, 2.3.X, 2.4.X, and 2.5.X versions of the Symfony HttpFoundation component are affected by this security issue. This issue has been fixed in Symfony 2.3.19, 2.4.9, and 2.5.4. Note that no fixes are provided for Symfony 2.0, 2.1, and 2.2 as they are not maintained anymore....

Symfony2 security issue when the trust proxy mode is enabled

An application is vulnerable if it uses the client IP address as returned by the Request::getClientIp() method for sensitive decisions like IP based access control. To fix this security issue, the following changes have been made to all versions of Symfony2: A new Request::setTrustedProxies()...

Symfony2 security issue when the trust proxy mode is enabled

An application is vulnerable if it uses the client IP address as returned by the Request::getClientIp() method for sensitive decisions like IP based access control. To fix this security issue, the following changes have been made to all versions of Symfony2: A new Request::setTrustedProxies()...

Code injection in the way Symfony implements translation caching in FrameworkBundle

When investigating issue #11093, Jeremy Derussé found a serious code injection issue in the way Symfony implements translation caching in FrameworkBundle. Your Symfony application is vulnerable if you meet the following conditions: You are using the Symfony translation system from...

Code injection in the way Symfony implements translation caching in FrameworkBundle

When investigating issue #11093, Jeremy Derussé found a serious code injection issue in the way Symfony implements translation caching in FrameworkBundle. Your Symfony application is vulnerable if you meet the following conditions: You are using the Symfony translation system from...

Security exception in com.github.javaparser.CommentsInserter.insertComments

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69307 Crash type: Security exception Crash state: com.github.javaparser.CommentsInserter.insertComments java.base/java.util.Objects.equals...

Segv on unknown address in od_ec_dec_init

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68774 Crash type: Segv on unknown address Crash state: od_ec_dec_init aom_reader_init...

The Events Calendar Free & Pro <= 6.4.0 - Contributor+ Missing Authorization to Authenticated Arbitrary Events Access

Description Multiple plugins and/or themes for WordPress are vulnerable to unauthorized access of data due to a insufficient capability checks and restrictions on a function in various versions. This makes it possible for authenticated attackers, with Contributor-level access and above, to access.....

Moderate: nghttp2 security update

libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): nghttp2: CONTINUATION frames DoS (CVE-2024-28182) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related...

Akaunting 3.1.8 Server-Side Template Injection

...

SUSE: Security Advisory (SUSE-SU-2024:1833-1)

The remote host is missing an update for...

Ubuntu: Security Advisory (USN-6797-1)

The remote host is missing an update for...

USN-6768-1: GLib vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description Alicia Boya García discovered that GLib incorrectly handled signal subscriptions. A local attacker could use this issue to spoof D-Bus signals resulting in a variety of impacts including possible...