ABB Ability™ Symphony® Plus Operations Security Vulnerabilities

CVE-2024-34346 Deno contains a permission escalation via open of privileged files with missing `--deny` flag

Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. The Deno sandbox may be unexpectedly weakened by allowing file read/write access to privileged files in various locations on Unix and Windows platforms. For example, reading /proc/self/environ may provide access...

Security Bulletin: Common Vulnerabilities in Cloudera Data Platform Private Cloud Base 7.1.9.

Summary Common vulnerabilities reported in Cloudera Data Platform Private Cloud Base 7.1.9 have been addressed, and are available in Hotfix 2. Vulnerability Details ** CVEID: CVE-2015-1772 DESCRIPTION: **Apache Hive could allow a remote attacker to bypass security restrictions, caused by an error.....

linux, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15 vulnerabilities

It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-1151) Sander Wiebing, Alvise de Faveri Tron,...

Security Bulletin: IBM Planning Analytics Local - Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components

Summary There are vulnerabilities in multiple Open Source Software (OSS) components consumed by IBM Planning Analytics Local - Planning Analytics Workspace. These issues have been addressed in IBM Planning Analytics Local - Planning Analytics Workspace 2.1.2 and IBM Planning Analytics Local -...

Take Command Summit: A Message from Rapid7 Chairman and CEO, Corey Thomas

The Rapid7 Take Command Summit is just two short weeks away. We’re busy putting together one of the most impactful programs on the latest in cybersecurity trends, technology, and innovations available, and we are eager to share it with all of you. So eager, in fact, that Chairman and CEO of...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability Details...

CVE-2024-34084

Minder's HandleGithubWebhook is susceptible to a denial of service attack from an untrusted HTTP request. The vulnerability exists before the request has been validated, and as such the request is still untrusted at the point of failure. This allows an attacker with the ability to send requests to....

CVE-2024-34084

Minder's HandleGithubWebhook is susceptible to a denial of service attack from an untrusted HTTP request. The vulnerability exists before the request has been validated, and as such the request is still untrusted at the point of failure. This allows an attacker with the ability to send requests to....

CVE-2024-34084 Minder's Github Webhook Handler vulnerable to denial of service from un-validated requests

Minder's HandleGithubWebhook is susceptible to a denial of service attack from an untrusted HTTP request. The vulnerability exists before the request has been validated, and as such the request is still untrusted at the point of failure. This allows an attacker with the ability to send requests to....

Minder's GitHub Webhook Handler vulnerable to DoS from un-validated requests

Minder's HandleGithubWebhook is susceptible to a denial of service attack from an untrusted HTTP request. The vulnerability exists before the request has been validated, and as such the request is still untrusted at the point of failure. This allows an attacker with the ability to send requests to....

Minder's GitHub Webhook Handler vulnerable to DoS from un-validated requests

Minder's HandleGithubWebhook is susceptible to a denial of service attack from an untrusted HTTP request. The vulnerability exists before the request has been validated, and as such the request is still untrusted at the point of failure. This allows an attacker with the ability to send requests to....

libvirt vulnerability

Martin Širokov discovered that libvirt incorrectly handled certain memory operations. A local attacker could possibly use this issue to access virtproxyd without...

Exploit for CVE-2023-49606

[![Profile...

Exploits and vulnerabilities in Q1 2024

We at Kaspersky continuously monitor the evolving cyberthreat landscape to ensure we respond promptly to emerging threats, equipping our products with detection logic and technology. Software vulnerabilities that threat actors can exploit or are already actively exploiting are a critical component....

APT42’s Operations Employ “Nicecurl” and “Tamecat” Malwares

...

Improper Access Control

github.com/piraeusdatastore/piraeus-operator is vulnerable to Improper access control. The vulnerability is due to the ClusterRole being granted excessive permissions, specifically the ability to list all secrets in the cluster, which allows an attacker to impersonate the service account bound to.....

Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

SUSE SLES15 / openSUSE 15 Security Update : SUSE Manager Client Tools (SUSE-SU-2024:1509-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1509-1 advisory. A flaw was found in Ansible before version 2.2.0. The apt_key module does not properly verify key fingerprints, allowing...

K000139532 : Node.js vulnerability CVE-2024-27983

Security Advisory Description An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are...

SUSE: Security Advisory (SUSE-SU-2024:0862-1)

The remote host is missing an update for...

The Plus Addons for Elementor < 5.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's element attributes in all versions up to, and including, 5.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

K000139533 : MySQL vulnerability CVE-2024-21090

Security Advisory Description Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6765-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6765-1 advisory. In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed...

libvirt vulnerability

Releases Ubuntu 24.04 LTS Packages libvirt - Libvirt virtualization toolkit Details Martin Širokov discovered that libvirt incorrectly handled certain memory operations. A local attacker could possibly use this issue to access virtproxyd without...

Linux kernel vulnerabilities

Releases Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages linux - Linux kernel linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-azure-5.15 - Linux kernel for Microsoft Azure cloud systems linux-azure-fde - Linux kernel for Microsoft Azure CVM cloud systems linux-azure-fde-5.15 -...

Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Acrobat Reader DC AcroForm Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the....

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6766-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6766-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able...

CVE-2021-34981

Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to.....

Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : java-17-openjdk (SUSE-SU-2024:1499-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1499-1 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise...

Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6767-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6767-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able...

The Plus Addons for Elementor < 5.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Age Gate

Description The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Age Gate widget in all versions up to, and including, 5.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

SUSE: Security Advisory (SUSE-SU-2024:1345-1)

The remote host is missing an update for...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : java-11-openjdk (SUSE-SU-2024:1498-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1498-1 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise...

CVE-2024-34373

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Stored XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through...

CVE-2024-34373 WordPress The Plus Addons for Elementor plugin <= 5.4.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Stored XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through...

Exploit for Prototype Pollution in Salesforce Tough-Cookie

SEAL SECURITY PROJECT : Open Source Engineer Task Create...

Exploit for CVE-2023-46012

CVE-2023-46012 LINKSYS AC1900 EA7500v3 IGD UPnP Stack...

CVE-2023-31346

A flaw was found in some AMD CPUs where the guest message responses have not been zero-initialized. This issue may allow a local attacker with the ability to run arbitrary code on a container or virtual machine to discover sensitive information contained in the host system's memory. Mitigation...

Why Your VPN May Not Be As Secure As It Claims

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target's....

Litestar and Starlite vulnerable to Path Traversal

Summary Local File Inclusion via Path Traversal in LiteStar Static File Serving A Local File Inclusion (LFI) vulnerability has been discovered in the static file serving component of LiteStar. This vulnerability allows attackers to exploit path traversal flaws, enabling unauthorized access to...

Litestar and Starlite vulnerable to Path Traversal

Summary Local File Inclusion via Path Traversal in LiteStar Static File Serving A Local File Inclusion (LFI) vulnerability has been discovered in the static file serving component of LiteStar. This vulnerability allows attackers to exploit path traversal flaws, enabling unauthorized access to...

Rocky Linux 8 / 9 : java-21-openjdk (RLSA-2024:1828)

The remote Rocky Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1828 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot)....

Rocky Linux 9 : nodejs:20 (RLSA-2024:1688)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1688 advisory. The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For...

Debian dsa-5680 : affs-modules-6.1.0-21-4kc-malta-di - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5680 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a...

Oracle Linux 9 : libssh (ELSA-2024-2504)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2504 advisory. A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends....

Systemd Insecure PTY Handling

...

Rocky Linux 8 / 9 : java-1.8.0-openjdk (RLSA-2024:1818)

The remote Rocky Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1818 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot)....