(LGPCSuite Setup), (IPSFULLHD, LG ULTRAWIDE, ULTRA HD Driver Setup) Security Vulnerabilities

RHEL 8 / 9 : OpenShift Container Platform 4.13.3 (RHSA-2023:3536)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3536 advisory. golang: net/http, net/textproto: denial of service from excessive memory allocation (CVE-2023-24534) golang: net/http, net/textproto,...

RHEL 7 : CloudForms 4.7.8 (RHSA-2019:2466)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2466 advisory. cfme: Improper authorization in migration log controller allows any user to access VM migration logs (CVE-2019-10159) Note that Nessus has not...

RHEL 8 : Red Hat Virtualization (RHSA-2023:0759)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0759 advisory. postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions (CVE-2022-41946) Note that Nessus has...

RHEL 8 / 9 : OpenShift Container Platform 4.12.0 (RHSA-2022:7398)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7398 advisory. go-yaml: Denial of Service in go-yaml (CVE-2021-4235) golang: net/http: improper sanitization of Transfer-Encoding header...

CVE-2022-48652

In the Linux kernel, the following vulnerability has been resolved: ice: Fix crash by keep old cfg when update TCs more than queues There are problems if allocated queues less than Traffic Classes. Commit a632b2a4c920 ("ice: ethtool: Prohibit improper channel config for DCB") already disallow...

RHEL 7 : CloudForms 4.6.3 update (Moderate) (RHSA-2018:2184)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2184 advisory. ansible: Failed tasks do not honour no_log option allowing for secrets to be disclosed in logs (CVE-2018-10855) Note that Nessus has not tested...

RHEL 7 : Red Hat CloudForms (RHSA-2018:1972)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1972 advisory. ansible-tower: Privilege escalation flaw allows for organization admins to obtain system privileges (CVE-2018-1101) ansible-tower:...

RHEL 7 : CloudForms 4.6.5 (RHSA-2018:3466)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3466 advisory. rubyzip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file (CVE-2018-1000544) Note that Nessus...

RHEL 7 : CloudForms 4.5.5 (RHSA-2018:2745)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2745 advisory. rubygem-sprockets: Path traversal in forbidden_request?() can allow remote attackers to read arbitrary files (CVE-2018-3760) cfme:...

RHEL 7 : Red Hat CloudForms (RHSA-2017:3005)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3005 advisory. supervisor: Command injection via malicious XML-RPC request (CVE-2017-11610) Ansible Tower:modification of git hooks in SCM repo via...

RHEL 7 : Red Hat CloudForms (RHSA-2018:0374)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0374 advisory. CFME: VMRC plugin console grants users administrative access (CVE-2017-12191) Note that Nessus has not tested for this issue but has instead relied...

Exploit for Out-of-bounds Write in F5 Nginx Ingress Controller

evilMP4 Explore CVE-2022-41741 with the Evil MP4 repository....

CVE-2024-2603

The Salon booking system WordPress plugin through 9.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin (or editor depending on Salon booking system WordPress plugin through 9.6.5 configuration) to perform Stored Cross-Site Scripting attacks.....

CVE-2024-2310

The WP Google Review Slider WordPress plugin before 13.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

CVE-2024-2439

The Salon booking system WordPress plugin through 9.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

CVE-2024-2908

The Call Now Button WordPress plugin before 1.4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

Call Now Button < 1.4.7 - Admin+ Stored XSS

The Call Now Button WordPress plugin before 1.4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

Salon booking system <= 9.6.5 - Editor+ Stored XSS via Email Settings

The Salon booking system WordPress plugin through 9.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin (or editor depending on Salon booking system WordPress plugin through 9.6.5 configuration) to perform Stored Cross-Site Scripting attacks.....

Salon booking system <= 9.6.5 - Editor+ Stored XSS

The Salon booking system WordPress plugin through 9.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

WP Google Review Slider < 13.6 - Admin+ Stored XSS

The WP Google Review Slider WordPress plugin before 13.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

Popup4Phone <= 1.3.2 - Editor+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

Popup4Phone <= 1.3.2 - Editor+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) PoC 1. Go to "Popup4Phone &gt;...

vyper performs double eval of the argument of sqrt

Summary Using the sqrt builtin can result in multiple eval evaluation of side effects when the argument has side-effects. The bug is more difficult (but not impossible!) to trigger as of 0.3.4, when the unique symbol fence was introduced (https://github.com/vyperlang/vyper/pull/2914). A contract...

vyper performs double eval of the argument of sqrt

Summary Using the sqrt builtin can result in multiple eval evaluation of side effects when the argument has side-effects. The bug is more difficult (but not impossible!) to trigger as of 0.3.4, when the unique symbol fence was introduced (https://github.com/vyperlang/vyper/pull/2914). A contract...

CVE-2024-25624

Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Due to an improper setup of Jinja2 environment, reports generation in iris-web is prone to a Server Side Template Injection (SSTI). Successful exploitation of the vulnerability.....

iris-web vulnerable to Server Side Template Injection in reports

Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Due to an improper setup of Jinja2 environment, reports generation in iris-web is prone to a Server Side Template Injection (SSTI). Successful exploitation of the vulnerability.....

CVE-2024-25917

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodeRevolution WP Setup Wizard.This issue affects WP Setup Wizard: from n/a through...

WordPress WP Setup Wizard plugin <= 1.0.8.1 - Auth. Full Database Download Vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodeRevolution WP Setup Wizard.This issue affects WP Setup Wizard: from n/a through...

CVE-2024-2907

The AGCA WordPress plugin before 7.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

AGCA – Custom Dashboard & Login Page < 7.2.2 - Admin+ Stored XSS via Image URL

The AGCA WordPress plugin before 7.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

Newsletter Popup <= 1.2 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) PoC 1. Go to "Newsletter Popup &gt; A...

Newsletter Popup <= 1.2 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

Securing millions of developers through 2FA

Though technology has advanced significantly to combat the proliferation of sophisticated security threats, the reality is that preventing the next cyberattack depends on getting the security basics right, and efforts to secure the software ecosystem must protect the developers who design, build,.....

CVE-2024-2972

The Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button WordPress plugin before 3.1.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting...

CVE-2024-2402

The Better Comments WordPress plugin before 1.5.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

Floating Chat Widget < 3.1.9 - Editor+ Stored XSS

The Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button WordPress plugin before 3.1.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting...

Better Comments < 1.5.6 - Admin+ Stored XSS

The Better Comments WordPress plugin before 1.5.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

RHEL 7 : CloudForms 4.6.2 update (Important) (RHSA-2018:1328)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1328 advisory. ansible-tower: Privilege escalation flaw allows for organization admins to obtain system privileges (CVE-2018-1101) ansible-tower:...

HL Twitter <= 2014.1.18 - Admin+ Stored XSS via Widget

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) PoC 1. In the widget area, add the...

month name translation benaceur < 2.3.8 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

month name translation benaceur < 2.3.8 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) PoC 1. Go to...

HL Twitter <= 2014.1.18 - Admin+ Stored XSS via Widget

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...

Exploit for Exposure of Private Personal Information to an Unauthorized Actor in Easyappointments

CVE-2022-0482 Vulnerability Exploitation Introduction This...

Exploit for Vulnerability in Reportlab

CVE-2023-33733 on Reportlab v3.6.12 This lab was set up to...

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as "intricate" and a combination of two bugs in...

Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse® on Cloud Pak for Data

Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse® on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details ** CVEID:...

Improper Logs Output Neutralization

org.keycloak:keycloak-services is vulnerable to Improper Logs Output Neutralization . The vulnerability is due to errors in the browser client setup/auth process with "Security Key login" (WebAuthn), which are written into the form, sent to Keycloak, and are logged without proper escaping, which...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1322-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1322-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1321-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1321-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...

Save as PDF < 3.2.0 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...