Koyo PLC Programming Software Security Vulnerabilities

veracode

Denial Of Service (DoS)

github.com/stacklok/minder is vulnerable to a Denial Of Service (DoS). The vulnerability is due to the sigstore verifier reading an untrusted response entirely into memory without enforcing a limit on the response body. The vulnerability allows an attacker to crash the Minder server and deny other...

6.7 AI Score

2024-05-29 05:36 AM
1
osv

CVE-2024-21512

Versions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollution due to improper user input sanitization passed to fields and tables when using...

6.5 AI Score

2024-05-29 05:16 AM
1
osv

firefox regressions

USN-6779-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could ...

8.2 AI Score

0.0004 EPSS

2024-05-29 04:25 AM
3
fedora

[SECURITY] Fedora 40 Update: qt6-qtbase-6.7.1-2.fc40

Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network...

6.3 AI Score

2024-05-29 03:37 AM
1
veeam

Veeam Data Cloud Authentication Error

Veeam Data Cloud Authentication...

7.2 AI Score

2024-05-29 12:00 AM
2
wpvulndb

AdFoxly – Ad Manager, AdSense Ads & Ads.txt <= 1.8.5 - Missing Authorization

Description The AdFoxly – Ad Manager, AdSense Ads & Ads.txt plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.8.5. This makes it possible for unauthenticated attackers to perform an unauthorized...

6.6 AI Score

2024-05-29 12:00 AM
2
drupal

Migrate queue importer - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-024

The Migrate queue importer module enables you to create cron migrations(configuration entities) with a reference towards migration entities in order to import them during cron runs. The module doesn't sufficiently protect against Cross Site Request Forgery under specific scenarios allowing an...

7 AI Score

2024-05-29 12:00 AM
1
zdi

Progress Software WhatsUp Gold FaviconController Server-Side Request Forgery Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The specific flaw exists within the FaviconController class. The issue results from following HTTP...

4.2 CVSS

6.2 AI Score

2024-05-29 12:00 AM
2
wpvulndb

Fastly < 1.2.26 - Missing Authorization

Description The Fastly plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in versions up to, and including, 1.2.25. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform...

6.4 AI Score

2024-05-29 12:00 AM
wpvulndb

Tainacan < 0.21.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Tainacan plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 0.21.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject...

5.7 AI Score

2024-05-29 12:00 AM
wpvulndb

Praison SEO WordPress <= 4.0.15 - Authenticated (Author+) Stored Cross-Site Scripting

Description The Praison SEO WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 4.0.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to...

5.6 AI Score

2024-05-29 12:00 AM
1
drupal

Image Sizes - Moderately critical - Access bypass - SA-CONTRIB-2024-023

This module enables you to create responsive image styles that depend on the parent element's width. The module doesn't sufficiently check access to rendered images, resulting in access bypass vulnerabilities in specific...

7.3 AI Score

2024-05-29 12:00 AM
redos

ROS-20240529-01

Vulnerability in the Lightweight HTTP Server component of the Oracle Java SE software platform and virtual machine Oracle GraalVM Enterprise Edition is related to unrestricted resource allocation. Exploitation of the vulnerability could allow a remote attacker to cause a denial of...

7.4 AI Score

0.002 EPSS

2024-05-29 12:00 AM
4
nessus

EulerOS Virtualization 2.11.0 : kernel (EulerOS-SA-2024-1735)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation...

7.2 AI Score

2024-05-29 12:00 AM
zdi

Progress Software Telerik Reporting ValidateMetadaUri XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software Telerik Reporting. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...

6.5 CVSS

6.7 AI Score

2024-05-29 12:00 AM
nessus

RHEL 8 : python39:3.9 and python39-devel:3.9 (RHSA-2024:3466)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3466 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

7.4 AI Score

2024-05-29 12:00 AM
f5

K000139627: NGINX HTTP/3 QUIC vulnerability CVE-2024-34161

Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit (MTU) of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously...

7.1 AI Score

2024-05-29 12:00 AM
4
wpvulndb

Debug Log – Manger Tool < 1.5 - Unauthenticated Information Exposure via Logs

Description The Debug Log – Manger Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.5 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in...

6.3 AI Score

2024-05-29 12:00 AM
wpvulndb

Tainacan < 0.21.4 - Unauthenticated Stored Cross-Site Scripting

Description The Tainacan plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 0.21.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...

5.9 AI Score

2024-05-29 12:00 AM
1
f5

K000139609: NGINX HTTP/3 QUIC vulnerability CVE-2024-32760

Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause other potential impact. (CVE-2024-32760) Note: This issue affects NGINX systems compiled with the...

7.3 AI Score

2024-05-29 12:00 AM
3
f5

K000139612: NGINX HTTP/3 QUIC vulnerability CVE-2024-35200

Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate. (CVE-2024-35200) Note: This issue affects NGINX systems compiled with the ngx_http_v3_module module, where the...

7.2 AI Score

2024-05-29 12:00 AM
2
f5

K000139810: Oracle Java vulnerability CVE-2024-20919

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK:...

5.9 AI Score

0.0005 EPSS

2024-05-29 12:00 AM
4
f5

K000139628: Out-of-band Security Notification (May 29, 2024)

Security Advisory Description On May 29, 2024, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated articles. You can watch...

5.6 AI Score

2024-05-29 12:00 AM
4
almalinux

Important: python39:3.9 and python39-devel:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

6.6 AI Score

0.0005 EPSS

2024-05-29 12:00 AM
1
nessus

EulerOS Virtualization 2.11.1 : kernel (EulerOS-SA-2024-1734)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation...

7.2 AI Score

2024-05-29 12:00 AM
jvn

JVN#22182715: Redmine DMSF Plugin vulnerable to path traversal

Redmine DMSF Plugin provided by Kontron contains a path traversal vulnerability (CWE-22). ## Impact When the affected version of the plugin is enabled on the Redmine instance, the logged-in user may obtain or delete arbitrary files on the server (within the privilege of the Redmine process). ##...

7 AI Score

0.0004 EPSS

2024-05-29 12:00 AM
2
nvidia

Security Bulletin: Triton Inference Server - May 2024

NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the Triton Inference Server Releases page on GitHub, and view the Secure Deployment Considerations Guide. Go to NVIDIA...

8 AI Score

2024-05-29 12:00 AM
1
osv

Important: python39:3.9 and python39-devel:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security...

6.4 AI Score

0.0005 EPSS

2024-05-29 12:00 AM
f5

K000139611: NGINX HTTP/3 QUIC vulnerability CVE-2024-31079

Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection...

7.3 AI Score

2024-05-29 12:00 AM
6
jvn

JVN#15637138: EC-Orange vulnerable to authorization bypass

EC-Orange provided by S-cubism Inc. is an e-commerce website building system package based on an open source software EC-CUBE. EC-Orange contains an authorization bypass vulnerability (CWE-639). This is the same issue as JVN#51770585 (EC-CUBE vulnerable to authorization bypass). ## Impact A user...

6.7 AI Score

0.003 EPSS

2024-05-29 12:00 AM
3
nessus

RHEL 7 : rh-nodejs14 (RHSA-2024:3472)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3472 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security...

6.6 AI Score

2024-05-29 12:00 AM
nessus

Debian dla-3822 : python-pymysql - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3822 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3822-1 [email protected] ...

7.3 AI Score

2024-05-29 12:00 AM
nessus

Debian dsa-5700 : python-pymysql-doc - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5700 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5700-1 [email protected] ...

6.9 AI Score

2024-05-29 12:00 AM
nessus

AI/LLM Software Report

This plugin utilizes various Nessus detection methods and reports software identified by Nessus and known to utilize "Artificial Intelligence" (AI) and Large Language Model (LLM) technology. Note that this plugin uses several detection methods. The products reported by this plugin will grow as...

7.3 AI Score

2024-05-29 12:00 AM
drupal

Drupal REST & JSON API Authentication - Moderately critical - Access bypass - SA-CONTRIB-2024-022

Drupal REST & JSON API Authentication module restricts and secures unauthorized access to your Drupal site APIs using different authentication methods including Basic Authentication , API Key Authentication , JWT Authentication , OAuth Authentication , External / Third-Party Provider...

7.3 AI Score

2024-05-29 12:00 AM
3
osv

Malicious code in controlbundler (npm)

-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (db9a250abd3db6888ce6c77c0308a1e67927ee02b972e1516c7fdf295f33e522) The OpenSSF Package Analysis project identified 'controlbundler' @ 1.0.6 (npm) as malicious. It is considered malicious because: The package...

7.1 AI Score

2024-05-28 11:58 PM
3
osv

CVE-2024-36112

Nautobot is a Network Source of Truth and Network Automation Platform. A user with permissions to view Dynamic Group records (extras.view_dynamicgroup permission) can use the Dynamic Group detail UI view (/extras/dynamic-groups/<uuid>/) and/or the members REST API view...

6.7 AI Score

2024-05-28 11:15 PM
github

SimpleSAMLphp Information Disclosure vulnerability

Background SimpleSAMLphp 1.17 includes a preview of the new user interface to be included in the future version 2.0. This new user interface can be enabled by setting the usenewui configuration option to true, and it includes a new admin interface in a module called admin, which can be disabled...

6.8 AI Score

2024-05-28 09:26 PM
5
osv

SimpleSAMLphp Information Disclosure vulnerability

Background SimpleSAMLphp 1.17 includes a preview of the new user interface to be included in the future version 2.0. This new user interface can be enabled by setting the usenewui configuration option to true, and it includes a new admin interface in a module called admin, which can be disabled...

6.8 AI Score

2024-05-28 09:26 PM
4
github

ansibleguy-webui Cross-site Scripting vulnerability

Impact Multiple forms in version <0.0.21 allowed injection of HTML elements. These are returned to the user after executing job actions and thus evaluated by the browser. Patches We recommend to upgrade to version >= 0.0.21 References Report GitHub Issue...

6.6 AI Score

2024-05-28 09:23 PM
3
osv

ansibleguy-webui Cross-site Scripting vulnerability

Impact Multiple forms in version <0.0.21 allowed injection of HTML elements. These are returned to the user after executing job actions and thus evaluated by the browser. Patches We recommend to upgrade to version >= 0.0.21 References Report GitHub Issue...

6.9 AI Score

2024-05-28 09:23 PM
5
osv

rockhopper Buffer Overflow vulnerability

A vulnerability, which was classified as critical, has been found in bwoodsend rockhopper up to 0.1.2. Affected by this issue is the function count_rows of the file rockhopper/src/ragged_array.c of the component Binary Parser. The manipulation of the argument raw leads to buffer overflow. Local...

6.8 AI Score

0.0004 EPSS

2024-05-28 09:22 PM
3
github

rockhopper Buffer Overflow vulnerability

A vulnerability, which was classified as critical, has been found in bwoodsend rockhopper up to 0.1.2. Affected by this issue is the function count_rows of the file rockhopper/src/ragged_array.c of the component Binary Parser. The manipulation of the argument raw leads to buffer overflow. Local...

7.1 AI Score

0.0004 EPSS

2024-05-28 09:22 PM
2
osv

dbt allows Binding to an Unrestricted IP Address via socketsocket

Summary Binding to INADDR_ANY (0.0.0.0) or IN6ADDR_ANY (::) exposes an application on all network interfaces, increasing the risk of unauthorized access. While doing some static analysis and code inspection, I found the following code binding a socket to INADDR_ANY by passing "" as the address...

6.5 AI Score

2024-05-28 09:19 PM
5
github

dbt allows Binding to an Unrestricted IP Address via socketsocket

Summary Binding to INADDR_ANY (0.0.0.0) or IN6ADDR_ANY (::) exposes an application on all network interfaces, increasing the risk of unauthorized access. While doing some static analysis and code inspection, I found the following code binding a socket to INADDR_ANY by passing "" as the address...

6.9 AI Score

2024-05-28 09:19 PM
3
github

Umbraco Commerce vulnerable to Stored Cross-site Scripting on Print Functionality

Impact Stored Cross-site scripting (XSS) enables attackers to inject malicious code into Print Functionality Patches 12.1.4, 10.0.5 References...

6 AI Score

2024-05-28 09:18 PM
4
osv

Umbraco Commerce vulnerable to Stored Cross-site Scripting on Print Functionality

Impact Stored Cross-site scripting (XSS) enables attackers to inject malicious code into Print Functionality Patches 12.1.4, 10.0.5 References...

6.2 AI Score

2024-05-28 09:18 PM
5
osv

CVE-2024-35226

Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. In affected versions template authors could inject php code by choosing a malicious file name for an extends-tag. Sites that cannot fully trust template authors should update asap....

7.2 AI Score

2024-05-28 09:16 PM
1
osv

SimpleSAMLphp Reflected Cross-site Scripting vulnerability

Background SimpleSAMLphp uses metadata to determine how to interact with other SAML entities. This metadata includes what's called endpoints, which are URLs belonging to that entity where SAML messages can be sent. These URLs are used directly by SimpleSAMLphp when a message is sent, either via an...

6 AI Score

2024-05-28 08:55 PM
github

SimpleSAMLphp Reflected Cross-site Scripting vulnerability

Background SimpleSAMLphp uses metadata to determine how to interact with other SAML entities. This metadata includes what's called endpoints, which are URLs belonging to that entity where SAML messages can be sent. These URLs are used directly by SimpleSAMLphp when a message is sent, either via an...

6 AI Score

2024-05-28 08:55 PM
2
Total number of security vulnerabilities: 588817