FileBird – WordPress Media Library Folders & File Manager Security Vulnerabilities

SUSE: Security Advisory (SUSE-SU-2024:2180-1)

The remote host is missing an update for...

ROS-20240625-06

Vulnerability in TCP Initial Sequence Number Handler component of Tianocore EDK2 library is related to buffer overflow. buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to gain unauthorized access to confidential data. Unauthorized access to confidential data...

Ansible vulnerabilities

Releases Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 ESM Ubuntu 16.04 ESM Packages ansible - Configuration management, deployment, and task execution system Details It was discovered that Ansible incorrectly handled certain inputs when using tower_callback parameter. If a user or an...

Fedora: Security Advisory for python-PyMySQL (FEDORA-2024-b26f07d27b)

The remote host is missing an update for...

Debian dsa-5719 : emacs - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5719 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5719-1 [email protected] ...

EulerOS 2.0 SP11 : nghttp2 (EulerOS-SA-2024-1841)

According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the...

EulerOS 2.0 SP11 : glibc (EulerOS-SA-2024-1832)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting...

libheif vulnerabilities

Releases Ubuntu 23.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 ESM Packages libheif - ISO/IEC 23008-12:2017 HEIF file format decoder - development file Details It was discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the...

EulerOS 2.0 SP11 : llvm (EulerOS-SA-2024-1818)

According to the versions of the llvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : LLVM 15.0.0 has a NULL pointer dereference in the parseOneMetadata() function via a crafted pdflatex.fmt file (or perhaps a crafted .o file) to...

WordPress < 6.5.5 - Contributor+ Stored XSS in HTML API

Description WordPress does not properly escape URL attributes in the HTML API, allowing high-privileged users to perform Stored Cross-Site Scripting (XSS)...

CVE-2024-37356

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). In dctcp_update_alpha(), we use a module parameter dctcp_shift_g as follows: alpha -= min_not_zero(alpha, alpha &gt;&gt; dctcp_shift_g); ... delivered_ce &lt;&lt;= (10 -...

CVE-2024-33847

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: don't allow unaligned truncation on released compress inode f2fs image may be corrupted after below testcase: - mkfs.f2fs -O extra_attr,compression -f /dev/vdb - mount /dev/vdb /mnt/f2fs - touch /mnt/f2fs/file -...

Debian dsa-5718 : elpa-org - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5718 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5718-1 [email protected] ...

Mageia: Security Advisory (MGASA-2024-0235)

The remote host is missing an update for...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2024-1811)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2024-1832)

The remote host is missing an update for the Huawei...

SUSE SLES15 / openSUSE 15 Security Update : grafana and mybatis (SUSE-SU-2024:1530-2)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1530-2 advisory. grafana was updated to version 9.5.18: - Grafana now requires Go 1.20 - Security issues fixed: * CVE-2024-1313: Require same...

EulerOS 2.0 SP11 : nghttp2 (EulerOS-SA-2024-1820)

According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the...

EulerOS 2.0 SP11 : libyaml (EulerOS-SA-2024-1838)

According to the versions of the libyaml package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in yaml libyaml up to 0.2.5 and classified as critical. Affected by this issue is the function...

EulerOS 2.0 SP11 : llvm (EulerOS-SA-2024-1839)

According to the versions of the llvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : LLVM 15.0.0 has a NULL pointer dereference in the parseOneMetadata() function via a crafted pdflatex.fmt file (or perhaps a crafted .o file) to...

Fedora: Security Advisory for python-PyMySQL (FEDORA-2024-e7141ab284)

The remote host is missing an update for...

Faronics WINSelect Hardcoded Credentials / Bad Permissions / Unhashed Password

...

WordPress < 6.5.5 - Contributor+ Path Traversal in Template-Part Block

Description WordPress does not properly escape the "file" attribute in the "Template Part block" allowing high-privileged users to perform Path Traversal on Windows servers, leading to arbitrary File...

WordPress < 6.5.5 - Contributor+ Stored XSS in Template-Part Block

Description WordPress does not properly escape the "tagName" attribute in the "Template Part block" allowing high-privileged users to perform Stored Cross-Site Scripting (XSS)...

CVE-2024-36682

In the module "Theme settings" (pk_themesettings) &lt;= 1.8.8 from Promokit.eu for PrestaShop, a guest can download all email collected while SHOP is in maintenance mode. Due to a lack of permissions control, a guest can access the txt file which collect email when maintenance is enable which can.....

CVE-2024-36682

In the module "Theme settings" (pk_themesettings) &lt;= 1.8.8 from Promokit.eu for PrestaShop, a guest can download all email collected while SHOP is in maintenance mode. Due to a lack of permissions control, a guest can access the txt file which collect email when maintenance is enable which can.....

Security Bulletin: AIX is affected by a denial of service due to Python (CVE-2024-0450)

Summary Vulnerability in Python could allow a remote attacker to cause a denial of service (CVE-2024-0450). Python is used by AIX as part of Ansible node management automation. Vulnerability Details ** CVEID: CVE-2024-0450 DESCRIPTION: **Python CPython is vulnerable to a denial of service, caused.....

Updated python-werkzeug packages fix security vulnerability

Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, and....

Updated python-aiohttp packages fix security vulnerability

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. A XSS vulnerability exists on index pages for static file handling. This vulnerability is fixed in 3.9.4. We have always recommended using a reverse proxy server (e.g. nginx) for serving static files. Users following...

Improper Restriction of XML External Entity Reference in org.cyclonedx:cyclonedx-core-java

Impact Before deserializing CycloneDX Bill of Materials in XML format, cyclonedx-core-java leverages XPath expressions to determine the schema version of the BOM. The DocumentBuilderFactory used to evaluate XPath expressions was not configured securely, making the library vulnerable to XML...

Improper Restriction of XML External Entity Reference in org.cyclonedx:cyclonedx-core-java

Impact Before deserializing CycloneDX Bill of Materials in XML format, cyclonedx-core-java leverages XPath expressions to determine the schema version of the BOM. The DocumentBuilderFactory used to evaluate XPath expressions was not configured securely, making the library vulnerable to XML...

CVE-2024-37732

Cross Site Scripting vulnerability in Anchor CMS v.0.12.7 allows a remote attacker to execute arbitrary code via a crafted .pdf...

CVE-2024-37732

Cross Site Scripting vulnerability in Anchor CMS v.0.12.7 allows a remote attacker to execute arbitrary code via a crafted .pdf...

CVE-2024-37732

Cross Site Scripting vulnerability in Anchor CMS v.0.12.7 allows a remote attacker to execute arbitrary code via a crafted .pdf...

go-retryablehttp can leak basic auth credentials to log files

go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp...

go-retryablehttp can leak basic auth credentials to log files

go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp...

CVE-2024-6104

go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp...

CVE-2024-6104

go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp...

CVE-2024-6104

go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp...

CVE-2024-6104

go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp...

CVE-2024-33880

An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. It discloses full pathnames via...

CVE-2024-33881

An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path...

CVE-2024-33879

An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows arbitrary file download and deletion via absolute path traversal in the path...

CVE-2024-33879

An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows arbitrary file download and deletion via absolute path traversal in the path...

CVE-2024-33881

An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path...

CVE-2024-33880

An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. It discloses full pathnames via...

CVE-2024-6104 go-retryablehttp can leak basic auth credentials to log files

go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp...

CVE-2024-6104 go-retryablehttp can leak basic auth credentials to log files

go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp...

Change Healthcare confirms the customer data stolen in ransomware attack

For the first time since news broke about a ransomware attack on Change Healthcare, the company has released details about the data stolen during the attack. First, a quick refresher: On February 21, 2024, Change Healthcare experienced serious system outages due to a cyberattack. The incident led.....

Exploit for CVE-2024-5806

CVE-2024-5806 Exploit for Progress MOVEit Transfer...