5 Stars Rating Funnel WordPress Plugin | RRatingg Security Vulnerabilities

CentOS 8 : python-jinja2 (CESA-2024:3102)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2024:3102 advisory. Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject...

CentOS 8 : libtiff (CESA-2024:3059)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:3059 advisory. LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users...

RHEL 9 : Red Hat OpenStack Platform 17.1 (python-gunicorn) (RHSA-2024:2727)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2727 advisory. Gunicorn (Green Unicorn) is a Python WSGI HTTP server for UNIX Security Fix(es): * HTTP Request Smuggling due to improper validation of...

CentOS 8 : gstreamer1-plugins-bad-free (CESA-2024:3060)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3060 advisory. GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary...

Ubuntu 16.04 LTS : Linux kernel (GCP) vulnerabilities (USN-6777-3)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6777-3 advisory. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-...

RHEL 8 : Red Hat OpenStack Platform 17.1 (tripleo-ansible and openstack-tripleo-heat-templates) (RHSA-2024:2770)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2770 advisory. Heat templates for TripleO TripleO Ansible project repository. Contains playbooks for use with TripleO OpenStack deployments....

VLC vulnerabilities

Releases Ubuntu 23.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 ESM Ubuntu 16.04 ESM Packages vlc - multimedia player and streamer Details It was discovered that VLC incorrectly handled certain media files. A remote attacker could possibly use this issue to cause VLC to crash, resulting...

RHEL 9 : Red Hat OpenStack Platform 17.1 (python-glance-store) (RHSA-2024:2732)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2732 advisory. OpenStack image service store library Security Fix(es): * Glance Store access key logged in DEBUG log level (CVE-2024-1141) For more details about...

SUSE SLES15 Security Update : kernel (Live Patch 37 for SLE 15 SP2) (SUSE-SU-2024:1735-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1735-1 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an...

CentOS 8 : gstreamer1-plugins-good (CESA-2024:3089)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:3089 advisory. GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on...

CentOS 8 : resource-agents (CESA-2024:2952)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:2952 advisory. urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect response...

CentOS 8 : freeglut (CESA-2024:3120)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3120 advisory. freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function. (CVE-2024-24258) freeglut...

CentOS 8 : linux-firmware (CESA-2024:3178)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3178 advisory. Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of...

SUSE SLES15 Security Update : kernel (Live Patch 46 for SLE 15 SP2) (SUSE-SU-2024:1719-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1719-1 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an...

CentOS 8 : exempi (CESA-2024:3066)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3066 advisory. Buffer Overflow vulnerability in function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier allows remote attackers to cause a...

CentOS 8 : libXpm (CESA-2024:2974)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:2974 advisory. A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. This flaw allows a local...

SUSE SLES15 Security Update : kernel (Live Patch 8 for SLE 15 SP5) (SUSE-SU-2024:1705-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1705-1 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an...

CentOS 8 : python-dns (CESA-2024:3275)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2024:3275 advisory. eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid...

CentOS 8 : python3.11-cryptography (CESA-2024:3105)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2024:3105 advisory. cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling load_pem_pkcs7_certificates or...

SUSE SLES15 Security Update : kernel (Live Patch 47 for SLE 15 SP2) (SUSE-SU-2024:1730-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1730-1 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an...

FreeBSD : Roundcube -- Cross-site scripting vulnerabilities (e020b0fd-1751-11ef-a490-84a93843eb75)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e020b0fd-1751-11ef-a490-84a93843eb75 advisory. The Roundcube project reports: cross-site scripting (XSS) vulnerability in handling SVG animate...

RHEL 9 : Red Hat OpenStack Platform 17.1 (python-django) (RHSA-2024:2731)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2731 advisory. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much ...

FreeBSD : Openfire administration console authentication bypass (9bcff2c4-1779-11ef-b489-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9bcff2c4-1779-11ef-b489-b42e991fc52e advisory. Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative ...

ROS-20240522-01

A vulnerability in the CRI-O container mechanism is related to the injection of an arbitrary property via the Pod annotation. systemd. Exploitation of the vulnerability could allow an attacker acting remotely to perform an an arbitrary action on the host...

SUSE SLES15 Security Update : kernel (Live Patch 11 for SLE 15 SP5) (SUSE-SU-2024:1731-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1731-1 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an...

CHAOS 5.0.8 Cross Site Scripting / Remote Command Execution Exploit

CHAOS version 5.0.8 is a free and open-source Remote Administration Tool that allows generated binaries to control remote operating systems. The web application contains a remote command execution vulnerability which can be triggered by an authenticated user when generating a new executable. The...

CVE-2024-3518 Media Library Assistant <= 3.15 - Authenticated (Contributor+) SQL Injection via Shortcode

The Media Library Assistant plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode(s) in all versions up to, and including, 3.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible.....

CVE-2024-3519 Media Library Assistant <= 3.15 - Reflected Cross-Site Scripting via lang

The Media Library Assistant plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the lang parameter in all versions up to, and including, 3.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

CVE-2024-35220

@fastify/session is a session plugin for fastify. Requires the @fastify/cookie plugin. When restoring the cookie from the session store, the expires field is overriden if the maxAge field was set. This means a cookie is never correctly detected as expired and thus expired sessions are not...

CVE-2024-35220

@fastify/session is a session plugin for fastify. Requires the @fastify/cookie plugin. When restoring the cookie from the session store, the expires field is overriden if the maxAge field was set. This means a cookie is never correctly detected as expired and thus expired sessions are not...

Shopware Remote Code Execution Vulnerability

Under certain circumstances it is possible to execute an authorized foreign code in Shopware version prior to...

Shopware Remote Code Execution Vulnerability

Under certain circumstances it is possible to execute an authorized foreign code in Shopware version prior to...

Shopware Remote Code Execution Vulnerability

Under certain circumstances, it’s possible to execute an unauthorized foreign code in Shopware in versions prior to 5.2.16. One possible threat is if a template that doesn’t derive from the Shopware standard has been completely copied. Themes or plugins that execute or overwrite the following...

Shopware Remote Code Execution Vulnerability

Under certain circumstances, it’s possible to execute an unauthorized foreign code in Shopware in versions prior to 5.2.16. One possible threat is if a template that doesn’t derive from the Shopware standard has been completely copied. Themes or plugins that execute or overwrite the following...

Shopware Non-Persistent XSS in the Frontend

A non-persistent Cross-Site Scripting (XSS) vulnerability has been identified in the Shopware eCommerce platform within the frontend. This vulnerability may allow an attacker to inject and execute malicious scripts in the context of a victim's web...

Shopware Non-Persistent XSS in the Frontend

A non-persistent Cross-Site Scripting (XSS) vulnerability has been identified in the Shopware eCommerce platform within the frontend. This vulnerability may allow an attacker to inject and execute malicious scripts in the context of a victim's web...

CVE-2024-35220 @fastify/session reuses destroyed session cookie

@fastify/session is a session plugin for fastify. Requires the @fastify/cookie plugin. When restoring the cookie from the session store, the expires field is overriden if the maxAge field was set. This means a cookie is never correctly detected as expired and thus expired sessions are not...

CVE-2024-31989

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS...

CVE-2024-31989

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS...

CVE-2024-31989 ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS...

Shopware Remote Code Execution Vulnerability

Under certain circumstances, it’s possible to execute an unauthorized foreign code in Shopware. This is a critical security vulnerability that could affect the entire system. All Shopware versions including Shopware 5.2.14 are...

Shopware Remote Code Execution Vulnerability

Under certain circumstances, it’s possible to execute an unauthorized foreign code in Shopware. This is a critical security vulnerability that could affect the entire system. All Shopware versions including Shopware 5.2.14 are...

ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache

Summary By default, the Redis database server is not password-protected. Consequently, an attacker with access to the Redis server can gain read/write access to the data in Redis. The attacker can also modify the "mfst" (manifest) key to cause ArgoCD to execute any deployment, potentially...

ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache

Summary By default, the Redis database server is not password-protected. Consequently, an attacker with access to the Redis server can gain read/write access to the data in Redis. The attacker can also modify the "mfst" (manifest) key to cause ArgoCD to execute any deployment, potentially...

CVE-2023-52879

In the Linux kernel, the following vulnerability has been resolved: tracing: Have trace_event_file have ref counters The following can crash the kernel: # cd /sys/kernel/tracing # echo 'p:sched schedule' &gt; kprobe_events # exec 5&gt;&gt;events/kprobes/sched/enable # &gt; kprobe_events # exec 5&gt...

CVE-2023-52879

In the Linux kernel, the following vulnerability has been resolved: tracing: Have trace_event_file have ref counters The following can crash the kernel: # cd /sys/kernel/tracing # echo 'p:sched schedule' &gt; kprobe_events # exec 5&gt;&gt;events/kprobes/sched/enable # &gt; kprobe_events # exec 5&gt...

CVE-2023-52866

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Fix user-memory-access bug in uclogic_params_ugee_v2_init_event_hooks() When CONFIG_HID_UCLOGIC=y and CONFIG_KUNIT_ALL_TESTS=y, launch kernel and then the below user-memory-access bug occurs. In...

CVE-2023-52866

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Fix user-memory-access bug in uclogic_params_ugee_v2_init_event_hooks() When CONFIG_HID_UCLOGIC=y and CONFIG_KUNIT_ALL_TESTS=y, launch kernel and then the below user-memory-access bug occurs. In...

CVE-2023-52842

In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt() KMSAN reported the following uninit-value access issue: ===================================================== BUG: KMSAN: uninit-value in...

CVE-2023-52842

In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt() KMSAN reported the following uninit-value access issue: ===================================================== BUG: KMSAN: uninit-value in...