AR3200; NGFW Module Security Vulnerabilities

[cve] CVE-2024-34347
@hoppscotch/cli is a CLI to run Hoppscotch Test Scripts in CI environments. Prior to 0.8.0, the @hoppscotch/js-sandbox package provides a Javascript sandbox that uses the Node.js vm module. However, the vm module is not safe for sandboxing untrusted Javascript code. This is because code inside the...
CVSS 8.3 | AI Score 7.5 | 2024-05-08 03:15 PM

[openvas] Ubuntu: Security Advisory (USN-6765-1)
The remote host is missing an update for...
CVSS 7.8 | AI Score 8.1 | EPSS 0.002 | 2024-05-08 12:00 AM

[debiancve] CVE-2021-34981
Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to...
CVSS 7.5 | AI Score 7.6 | EPSS 0.001 | 2024-05-07 11:15 PM

[cve] CVE-2021-34981
Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to...
CVSS 7.5 | AI Score 7.2 | EPSS 0.001 | 2024-05-07 11:15 PM

[osv] linux-oem-6.5 vulnerabilities
Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-6356, CVE-2023-6535, CVE-2023-6536) Sander...
CVSS 7.8 | AI Score 7.6 | EPSS 0.002 | 2024-05-07 03:22 PM

[oraclelinux] tigervnc security update
[1.13.1-8.3] - Rebuild (z-stream target) Resolves: RHEL-30985 Resolves: RHEL-31015 [1.13.1-8.2] - Fix crash caused by fix for CVE-2024-31083 Resolves: RHEL-30985 [1.13.1-8.1] - Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents ...
CVSS 7.8 | AI Score 7.4 | EPSS 0.0005 | 2024-05-07 12:00 AM

[ubuntu] Linux kernel (OEM) vulnerabilities
Releases Ubuntu 22.04 LTS Packages linux-oem-6.5 - Linux kernel for OEM systems Details Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to...
CVSS 7.8 | AI Score 7.5 | EPSS 0.002 | 2024-05-07 12:00 AM

[redos] ROS-20240507-09
Vulnerability in the Extensions component of Microsoft Edge and Google Chrome browsers is related to incorrect security checks for standard elements. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information V8 JavaScript script handler...
AI Score 8.2 | EPSS 0.0005 | 2024-05-07 12:00 AM

[cve] CVE-2024-34532
A SQL injection vulnerability in Yvan Dotet PostgreSQL Query Deluxe module (aka query_deluxe) 17.x before 17.0.0.4 allows a remote attacker to gain privileges via the query parameter to...
AI Score 8.8 | EPSS 0.0004 | 2024-05-06 09:15 PM

[cve] CVE-2024-34534
A SQL injection vulnerability in Cybrosys Techno Solutions Text Commander module (aka text_commander) 16.0 through 16.0.1 allows a remote attacker to gain privileges via the data parameter to...
AI Score 8.8 | EPSS 0.0004 | 2024-05-06 09:15 PM

[cve] CVE-2024-34533
A SQL injection vulnerability in ZI PT Solusi Usaha Mudah Analytic Data Query module (aka izi_data) 11.0 through 17.x before 17.0.3 allows a remote attacker to gain privileges via a query to IZITools::query_check, IZITools::query_fetch, or...
AI Score 8.8 | EPSS 0.0004 | 2024-05-06 09:15 PM

[cve] CVE-2023-43526
Memory corruption while querying module parameters from Listen Sound model client in kernel from user...
CVSS 6.7 | AI Score 7.5 | EPSS 0.0004 | 2024-05-06 03:15 PM

[rocky] nodejs:20 security update
An update is available for nodejs-packaging, module.nodejs-nodemon, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...
CVSS 7.9 | AI Score 8.2 | EPSS 0.0004 | 2024-05-06 01:05 PM

[rocky] container-tools:rhel8 security and bug fix update
An update is available for libslirp, module.buildah, module.crun, buildah, fuse-overlayfs, udica, module.oci-seccomp-bpf-hook, module.netavark, module.runc, conmon, module.containers-common, python-podman, module.libslirp, module.aardvark-dns, module.fuse-overlayfs, runc, criu, aardvark-dns,...
CVSS 8.6 | AI Score 7.3 | EPSS 0.0005 | 2024-05-06 01:04 PM

[rocky] httpd:2.4/mod_http2 security update
An update is available for httpd, mod_md, mod_http2, module.mod_md, module.mod_http2, module.httpd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd...
AI Score 7.2 | EPSS 0.0004 | 2024-05-06 01:04 PM

[rocky] nodejs:20 security update
An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
CVSS 7.9 | AI Score 8.2 | EPSS 0.0004 | 2024-05-06 01:04 PM

[rocky] varnish security update
An update is available for module.varnish, varnish-modules, varnish, module.varnish-modules. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Varnish Cache is a...
AI Score 7.2 | EPSS 0.0004 | 2024-05-06 01:04 PM

[rocky] tigervnc security update
An update is available for tigervnc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Virtual Network Computing (VNC) is a remote display system which allows...
CVSS 7.8 | AI Score 7.4 | EPSS 0.0005 | 2024-05-06 01:04 PM

[osv] Important: container-tools:4.0 security update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): buildah: full container escape at build time (CVE-2024-1753) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and...
CVSS 8.6 | AI Score 8.6 | EPSS 0.0005 | 2024-05-06 01:04 PM

[rocky] DL1 bug fix update
An update is available for custodia, module.custodia, pyusb, python-qrcode, module.slapi-nis, module.pyusb, module.softhsm, python-jwcrypto, python-kdcproxy, module.opendnssec, module.python-kdcproxy, module.ipa, ipa-healthcheck, softhsm, module.python-jwcrypto, ipa, opendnssec, python-yubico,...
AI Score 7.2 | 2024-05-06 01:04 PM

[rocky] go-toolset:rhel8 security update
An update is available for module.golang, go-toolset, delve, module.go-toolset, module.delve, golang. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset...
AI Score 7.2 | EPSS 0.0004 | 2024-05-06 01:04 PM

[rocky] container-tools:4.0 security update
An update is available for libslirp, module.buildah, module.crun, buildah, fuse-overlayfs, udica, module.oci-seccomp-bpf-hook, module.runc, conmon, module.containers-common, python-podman, module.libslirp, module.fuse-overlayfs, runc, criu, module.toolbox, module.container-selinux,...
CVSS 8.6 | AI Score 7.2 | EPSS 0.0005 | 2024-05-06 01:04 PM

[osv] Important: container-tools:rhel8 security and bug fix update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fix(es): container_init_t does not possess ptrace process context [rhel-8.9.0.z] (JIRA:Rocky Linux-28923) Security Fix(es): podman: full container escape at build time...
CVSS 8.6 | AI Score 8.6 | EPSS 0.0005 | 2024-05-06 01:04 PM

[veracode] OS Command Injection
sagemaker is vulnerable to OS Command Injection. The vulnerability is due to the capture_dependencies function in the sagemaker.serve.save_retrive.version_1_0_0.save.utils module. An attacker can execute arbitrary code or cause a denial of service by passing an inappropriate command as the...
CVSS 7.8 | AI Score 7.9 | EPSS 0.0005 | 2024-05-06 12:13 PM

[veracode] Deserialization Of Untrusted Data
sagemaker is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to the deserialization of pickled object arrays within the sagemaker.base_deserializers.NumpyDeserializer module, which could allow an unprivileged third party to cause Remote Code Execution or Denial of Service...
CVSS 7.8 | AI Score 7.5 | EPSS 0.0004 | 2024-05-06 05:51 AM

[redhat] (RHSA-2024:2697) Important: kpatch-patch security update
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function (CVE-2024-1086) kernel: GSM multiplexing race condition...
CVSS 7.8 | AI Score 8 | EPSS 0.0004 | 2024-05-06 12:59 AM

[packetstorm]
AI Score 7.4 | 2024-05-06 12:00 AM

[ubuntucve] CVE-2022-48688
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do ethtool offline test followed immediately by another one host#...
AI Score 6.9 | EPSS 0.0004 | 2024-05-05 12:00 AM

[cve] CVE-2024-34469
Rukovoditel before 3.5.3 allows XSS via user_photo to...
AI Score 6.1 | EPSS 0.0004 | 2024-05-04 08:15 PM

[fedora] [SECURITY] Fedora 38 Update: python-idna-3.7-1.fc38
A library to support the Internationalised Domain Names in Applications (IDNA) protocol as specified in RFC 5891 http://tools.ietf.org/html/rfc5891. This version of the protocol is often referred to as "IDNA2008" and can produce different results from the earlier standard from 2003. The...
AI Score 7.2 | 2024-05-04 02:19 AM

[fedora] [SECURITY] Fedora 39 Update: python-idna-3.7-1.fc39
A library to support the Internationalised Domain Names in Applications (IDNA) protocol as specified in RFC 5891 http://tools.ietf.org/html/rfc5891. This version of the protocol is often referred to as "IDNA2008" and can produce different results from the earlier standard from 2003. The...
AI Score 7.2 | 2024-05-04 01:33 AM

[debian] [SECURITY] [DLA 3807-1] glibc security update
Debian LTS Advisory DLA-3807-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk May 04, 2024 https://wiki.debian.org/LTS Package : glibc Version : 2.28-10+deb10u3 CVE ID :...
AI Score 6.7 | EPSS 0.0004 | 2024-05-03 10:50 PM

[ibm] Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components
Summary There are vulnerabilities in multiple Open Source Software (OSS) components consumed by IBM Planning Analytics Workspace. These issues have been addressed in IBM Planning Analytics 2.1.2 and IBM Planning Analytics 2.0.95 by upgrading or removing the vulnerable libraries. Please refer to...
CVSS 9.8 | AI Score 10 | EPSS 0.962 | 2024-05-03 09:49 PM

[github] sagemaker-python-sdk Command Injection vulnerability
Impact The capture_dependencies function in sagemaker.serve.save_retrive.version_1_0_0.save.utils module before version 2.214.3 allows for potentially unsafe Operating System (OS) Command Injection if inappropriate command is passed as the "requirements_path" parameter. This consequently may allow...
CVSS 7.8 | AI Score 8.2 | EPSS 0.0005 | 2024-05-03 08:26 PM

[osv] sagemaker-python-sdk Command Injection vulnerability
Impact The capture_dependencies function in sagemaker.serve.save_retrive.version_1_0_0.save.utils module before version 2.214.3 allows for potentially unsafe Operating System (OS) Command Injection if inappropriate command is passed as the "requirements_path" parameter. This consequently may allow...
CVSS 7.8 | AI Score 8.1 | EPSS 0.0005 | 2024-05-03 08:26 PM

[osv] sagemaker-python-sdk vulnerable to Deserialization of Untrusted Data
Impact sagemaker.base_deserializers.NumpyDeserializer module before v2.218.0 allows potentially unsafe deserialization when untrusted data is passed as pickled object arrays. This consequently may allow an unprivileged third party to cause remote code execution, denial of service, affecting both...
CVSS 7.8 | AI Score 7.6 | EPSS 0.0004 | 2024-05-03 08:25 PM

[github] sagemaker-python-sdk vulnerable to Deserialization of Untrusted Data
Impact sagemaker.base_deserializers.NumpyDeserializer module before v2.218.0 allows potentially unsafe deserialization when untrusted data is passed as pickled object arrays. This consequently may allow an unprivileged third party to cause remote code execution, denial of service, affecting both...
CVSS 7.8 | AI Score 7.8 | EPSS 0.0004 | 2024-05-03 08:25 PM

[redhatcve] CVE-2022-48688
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do ethtool offline test followed immediately by another one host#...
AI Score 6.2 | EPSS 0.0004 | 2024-05-03 06:54 PM

[rapid7blog] Metasploit Weekly Wrap-Up 05/03/24
Dump secrets inline This week, our very own cdelafuente-r7 added a significant improvement to the well-known Windows Secrets Dump module to reduce the footprint when dumping SAM hashes, LSA secrets and cached credentials. The module is now directly reading the Windows Registry remotely without...
CVSS 10 | AI Score 7.7 | EPSS 0.002 | 2024-05-03 06:29 PM

[debiancve] CVE-2022-48688
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do ethtool offline test followed immediately by another one...
AI Score 6.3 | EPSS 0.0004 | 2024-05-03 03:15 PM

[cve] CVE-2022-48688
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. Do ethtool offline test followed immediately by another one host#...
AI Score 7 | EPSS 0.0004 | 2024-05-03 03:15 PM

[cve] CVE-2024-34073
sagemaker-python-sdk is a library for training and deploying machine learning models on Amazon SageMaker. In affected versions the capture_dependencies function in sagemaker.serve.save_retrive.version_1_0_0.save.utils module allows for potentially unsafe Operating System (OS) Command Injection if...
CVSS 7.8 | AI Score 8.5 | EPSS 0.0005 | 2024-05-03 11:15 AM

[cve] CVE-2024-34072
sagemaker-python-sdk is a library for training and deploying machine learning models on Amazon SageMaker. The sagemaker.base_deserializers.NumpyDeserializer module before v2.218.0 allows potentially unsafe deserialization when untrusted data is passed as pickled object arrays. This consequently...
CVSS 7.8 | AI Score 8.3 | EPSS 0.0004 | 2024-05-03 11:15 AM

[osv] CVE-2024-34073
sagemaker-python-sdk is a library for training and deploying machine learning models on Amazon SageMaker. In affected versions the capture_dependencies function in sagemaker.serve.save_retrive.version_1_0_0.save.utils module allows for potentially unsafe Operating System (OS) Command Injection if...
CVSS 7.8 | AI Score 8.1 | EPSS 0.0005 | 2024-05-03 11:15 AM

[ibm] Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities
Summary QRadar Suite Software includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability Details...
CVSS 8.7 | AI Score 9.7 | EPSS 0.008 | 2024-05-03 10:32 AM

[cve] CVE-2023-50225
TP-Link TL-WR902AC dm_fillObjByStr Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR902AC routers. Authentication is required to exploit this vulnerability. The...
CVSS 6.8 | AI Score 8.1 | EPSS 0.0005 | 2024-05-03 03:16 AM

[cve] CVE-2023-42123
Control Web Panel mysql_manager Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Control Web Panel. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVSS 8.8 | AI Score 8.5 | EPSS 0.001 | 2024-05-03 03:15 AM

[cve] CVE-2023-42120
Control Web Panel dns_zone_editor Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Control Web Panel. Authentication is required to exploit this vulnerability. The specific flaw exists within...
CVSS 8.8 | AI Score 8.5 | EPSS 0.001 | 2024-05-03 03:15 AM

Total number of security vulnerabilities: 97762