ICONICS GenBroker64, Platform Services, Workbench, FrameWorX Server Security Vulnerabilities

cve

CVE-2024-5208

An uncontrolled resource consumption vulnerability exists in the upload-link endpoint of mintplex-labs/anything-llm. This vulnerability allows attackers to cause a denial of service (DOS) by shutting down the server through sending invalid upload requests. Specifically, the server can be made to...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-19 06:15 AM
22
vulnrichment

CVE-2024-5208 Uncontrolled Resource Consumption in mintplex-labs/anything-llm

An uncontrolled resource consumption vulnerability exists in the upload-link endpoint of mintplex-labs/anything-llm. This vulnerability allows attackers to cause a denial of service (DOS) by shutting down the server through sending invalid upload requests. Specifically, the server can be made to...

6.5CVSS

7.2AI Score

0.0004EPSS

2024-06-19 06:13 AM
cvelist

CVE-2024-5208 Uncontrolled Resource Consumption in mintplex-labs/anything-llm

An uncontrolled resource consumption vulnerability exists in the upload-link endpoint of mintplex-labs/anything-llm. This vulnerability allows attackers to cause a denial of service (DOS) by shutting down the server through sending invalid upload requests. Specifically, the server can be made to...

6.5CVSS

0.0004EPSS

2024-06-19 06:13 AM
4
veracode

Credential Leakage

org.keycloak, keycloak-core is vulnerable to Credential Leakage. The vulnerability is due to a lack of proper validation and enforcement when administrators change the LDAP Connection URL without requiring re-entry of the currently configured LDAP bind credentials. The vulnerability allows an...

2.7CVSS

6.5AI Score

0.0004EPSS

2024-06-19 05:56 AM
1
cvelist

CVE-2024-6132 Pexels: Free Stock Photos <= 1.2.2 - Authenticated (Contributor+) Arbitrary File Upload

The Pexels: Free Stock Photos plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'pexels_fsp_images_options_validate' function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with...

8.8CVSS

0.001EPSS

2024-06-19 05:37 AM
8
cvelist

CVE-2024-5853 Image Optimizer, Resizer and CDN – Sirv <= 7.2.6 - Authenticated (Contributor+) Arbitrary File Upload

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sirv_upload_file_by_chanks AJAX action in all versions up to, and including, 7.2.6. This makes it possible for authenticated attackers, with...

9.9CVSS

0.001EPSS

2024-06-19 05:37 AM
3
vulnrichment

CVE-2024-6132 Pexels: Free Stock Photos <= 1.2.2 - Authenticated (Contributor+) Arbitrary File Upload

The Pexels: Free Stock Photos plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'pexels_fsp_images_options_validate' function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with...

8.8CVSS

8AI Score

0.001EPSS

2024-06-19 05:37 AM
cvelist

CVE-2024-5574 WP Magazine Modules Lite <= 1.1.2 - Authenticated (Contributor+) Local File Inclusion

The WP Magazine Modules Lite plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.2 via the 'blockLayout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files...

7.5CVSS

0.001EPSS

2024-06-19 05:37 AM
2
veracode

Denial Of Service (DoS)

github.com/stacklok/minder is vulnerable to Denial Of Service (DoS). The vulnerability is due to a lack of input validation within the Clone() method when handling Git URLs provided by Minder users. The vulnerability allows Minder users to clone large repositories without enforcing size limits,...

5.7CVSS

6.6AI Score

0.0004EPSS

2024-06-19 05:22 AM
1
cve

CVE-2024-3229

The Salon booking system plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the SLN_Action_Ajax_ImportAssistants function along with missing authorization checks in all versions up to, and including, 10.2. This makes it possible for unauthenticated.....

9.8CVSS

9.8AI Score

0.001EPSS

2024-06-19 05:15 AM
25
nvd

CVE-2024-3229

The Salon booking system plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the SLN_Action_Ajax_ImportAssistants function along with missing authorization checks in all versions up to, and including, 10.2. This makes it possible for unauthenticated.....

9.8CVSS

0.001EPSS

2024-06-19 05:15 AM
1
cvelist

CVE-2024-3229 Salon Booking System <= 10.2 - Unauthenticated Arbitrary File Upload

The Salon booking system plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the SLN_Action_Ajax_ImportAssistants function along with missing authorization checks in all versions up to, and including, 10.2. This makes it possible for unauthenticated.....

9.8CVSS

0.001EPSS

2024-06-19 04:31 AM
4
cve

CVE-2024-5021

The WordPress Picture / Portfolio / Media Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.0.1 via the 'file_get_contents' function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations...

9.3CVSS

9.1AI Score

0.001EPSS

2024-06-19 04:15 AM
22
nvd

CVE-2024-5021

The WordPress Picture / Portfolio / Media Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.0.1 via the 'file_get_contents' function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations...

9.3CVSS

0.001EPSS

2024-06-19 04:15 AM
2
nvd

CVE-2024-2381

The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_save_image function in all versions up to, and including, 3.3.5. This makes it possible for authenticated attackers, with subscriber-level...

8.8CVSS

0.001EPSS

2024-06-19 04:15 AM
4
cve

CVE-2024-2381

The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_save_image function in all versions up to, and including, 3.3.5. This makes it possible for authenticated attackers, with subscriber-level...

8.8CVSS

8.9AI Score

0.001EPSS

2024-06-19 04:15 AM
23
cvelist

CVE-2024-2381 AliExpress Dropshipping with AliNext Lite <= 3.3.5 - Authenticated (Subscriber+) Arbitrary File Upload

The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_save_image function in all versions up to, and including, 3.3.5. This makes it possible for authenticated attackers, with subscriber-level...

8.8CVSS

0.001EPSS

2024-06-19 03:12 AM
3
cvelist

CVE-2024-5021 WordPress Picture / Portfolio / Media Gallery <= 3.0.1 - Unauthenticated Server-Side Request Forgery

The WordPress Picture / Portfolio / Media Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.0.1 via the 'file_get_contents' function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations...

9.3CVSS

0.001EPSS

2024-06-19 03:12 AM
2
fedora

[SECURITY] Fedora 40 Update: kitty-0.35.1-4.fc40

Offloads rendering to the GPU for lower system load and buttery smooth scrolling. Uses threaded rendering to minimize input latency. - Supports all modern terminal features: graphics (images), unicode, true-color, OpenType ligatures, mouse protocol, focus tracking, bracketed paste and ...

5.5CVSS

7.1AI Score

0.0004EPSS

2024-06-19 02:05 AM
fedora

[SECURITY] Fedora 40 Update: webkitgtk-2.44.2-2.fc40

WebKitGTK is the port of the WebKit web rendering engine to the GTK...

6.9AI Score

0.0004EPSS

2024-06-19 02:05 AM
hackerone

curl: NULL dereference when encoding DN of x509 certificate

libcurl at commit 04739054cdac5a0614fb94e3655e313c03399f35 contains a NULL-dereference in function encodeDN() when parsing the certificate of a server during the TLS connect-phase. The vulnerable code is in lib/vtls/x509asn1.c:701: ```c static CURLcode encodeDN(struct dynbuf store, struct...

7.1AI Score

2024-06-19 12:38 AM
8
cve

CVE-2024-6144

Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...

8.8CVSS

9.1AI Score

0.001EPSS

2024-06-19 12:15 AM
25
nvd

CVE-2024-6146

Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...

8.8CVSS

0.001EPSS

2024-06-19 12:15 AM
2
nvd

CVE-2024-6145

Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw...

8.8CVSS

0.001EPSS

2024-06-19 12:15 AM
2
cve

CVE-2024-6145

Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw...

8.8CVSS

9AI Score

0.001EPSS

2024-06-19 12:15 AM
24
nvd

CVE-2024-6144

Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...

8.8CVSS

0.001EPSS

2024-06-19 12:15 AM
2
cve

CVE-2024-6146

Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this...

8.8CVSS

9.1AI Score

0.001EPSS

2024-06-19 12:15 AM
23
cve

CVE-2024-6143

Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The...

8.8CVSS

9.1AI Score

0.001EPSS

2024-06-19 12:15 AM
20
nvd

CVE-2024-6142

Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The...

8.8CVSS

0.001EPSS

2024-06-19 12:15 AM
2
cve

CVE-2024-6142

Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The...

8.8CVSS

9.1AI Score

0.001EPSS

2024-06-19 12:15 AM
20
nvd

CVE-2024-6143

Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The...

8.8CVSS

0.001EPSS

2024-06-19 12:15 AM
4
openvas

SUSE: Security Advisory (SUSE-SU-2024:2061-1)

The remote host is missing an update for...

7.2AI Score

0.0004EPSS

2024-06-19 12:00 AM
1
nessus

SUSE SLES15 Security Update : podman (SUSE-SU-2024:2050-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2050-1 advisory. - Update to version 4.9.5 - CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated registry...

8.3CVSS

8AI Score

0.0004EPSS

2024-06-19 12:00 AM
2
ubuntu

MariaDB vulnerability

Releases: Ubuntu 24.04 LTS, Ubuntu 23.10, Ubuntu 22.04 LTS. Packages: mariadb - MariaDB database; mariadb-10.6 - MariaDB database. Details: A security issue was discovered in MariaDB and this update includes new upstream MariaDB versions to fix the issue. MariaDB has been updated to 10.6.18 in Ubuntu...

4.9CVSS

6.9AI Score

0.0005EPSS

2024-06-19 12:00 AM
4
nessus

SUSE SLES15 Security Update : booth (SUSE-SU-2024:2062-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:2062-1 advisory. - CVE-2024-3049: Fixed a vulnerability where a specially crafted hash can lead to invalid HMAC being accepted by Booth server. (bsc#1226032) ...

5.9CVSS

5.7AI Score

0.001EPSS

2024-06-19 12:00 AM
openvas

SUSE: Security Advisory (SUSE-SU-2024:2068-1)

The remote host is missing an update for...

5.6CVSS

5.7AI Score

0.0004EPSS

2024-06-19 12:00 AM
nessus

RHEL 6 : vertx-core (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support (CVE-2024-1300) Note that...

5.4CVSS

6.9AI Score

0.0004EPSS

2024-06-19 12:00 AM
openvas

Ubuntu: Security Advisory (USN-6818-4)

The remote host is missing an update for...

7.8CVSS

8AI Score

0.001EPSS

2024-06-19 12:00 AM
2
nessus

Ubuntu 22.04 LTS / 23.10 / 24.04 LTS : MariaDB vulnerability (USN-6839-1)

The remote Ubuntu 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6839-1 advisory. A security issue was discovered in MariaDB and this update includes new upstream MariaDB versions to fix the issue. MariaDB has been...

4.9CVSS

7AI Score

0.0005EPSS

2024-06-19 12:00 AM
3
nessus

CentOS 7 : ipa (RHSA-2024:3760)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3760 advisory. A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client's session key. This key is different for each new...

8.1CVSS

6.8AI Score

0.0004EPSS

2024-06-19 12:00 AM
2
openvas

Fedora: Security Advisory for kitty (FEDORA-2024-15039ba9f9)

The remote host is missing an update for...

5.5CVSS

5.5AI Score

0.0004EPSS

2024-06-19 12:00 AM
openvas

openSUSE: Security Advisory for booth (SUSE-SU-2024:2062-1)

The remote host is missing an update for...

5.9CVSS

5.8AI Score

0.001EPSS

2024-06-19 12:00 AM
openvas

openSUSE: Security Advisory for booth (SUSE-SU-2024:2063-1)

The remote host is missing an update for...

5.9CVSS

5.8AI Score

0.001EPSS

2024-06-19 12:00 AM
openvas

SUSE: Security Advisory (SUSE-SU-2024:2050-1)

The remote host is missing an update for...

8.3CVSS

8.5AI Score

0.0004EPSS

2024-06-19 12:00 AM
openvas

SUSE: Security Advisory (SUSE-SU-2024:2082-1)

The remote host is missing an update for...

7.3CVSS

7.3AI Score

0.003EPSS

2024-06-19 12:00 AM
openvas

SUSE: Security Advisory (SUSE-SU-2024:2081-1)

The remote host is missing an update for...

7.3CVSS

7.3AI Score

0.003EPSS

2024-06-19 12:00 AM
nessus

SUSE SLES15 / openSUSE 15 Security Update : booth (SUSE-SU-2024:2063-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2063-1 advisory. - CVE-2024-3049: Fixed a vulnerability where a specially crafted hash can lead to invalid HMAC being accepted by Booth server....

5.9CVSS

5.7AI Score

0.001EPSS

2024-06-19 12:00 AM
2
openvas

openSUSE: Security Advisory for booth (SUSE-SU-2024:2040-1)

The remote host is missing an update for...

5.9CVSS

5.8AI Score

0.001EPSS

2024-06-19 12:00 AM
openvas

SUSE: Security Advisory (SUSE-SU-2024:2080-1)

The remote host is missing an update for...

3.3CVSS

7.1AI Score

0.0004EPSS

2024-06-19 12:00 AM
Total number of security vulnerabilities: 537705