Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) Security Vulnerabilities

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: grype, cluster-autoscaler, temporal, external-dns, influxd, kubernetes-csi-external-attacher, terraform-provider-aws, osv-scanner, containerd, hubble-ui, gomplate, terraform, boring-registry, prometheus, k8sgpt-operator, ctop, cilium, kwok, crossplane-provider-aws,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: grype, cluster-autoscaler, temporal, external-dns, influxd, kubernetes-csi-external-attacher, terraform-provider-aws, osv-scanner, containerd, hubble-ui, gomplate, terraform, boring-registry, prometheus, k8sgpt-operator, ctop, cilium, kwok, crossplane-provider-aws,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-external-attacher, osv-scanner, containerd, gomplate, k8sgpt-operator, cluster-api-controller, crossplane-provider-aws, kubernetes-ingress-defaultbackend, neuvector-scanner, newrelic-nri-statsd, prometheus-node-exporter, bank-vaults, go,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: kubernetes-csi-external-attacher, osv-scanner, containerd, gomplate, k8sgpt-operator, cluster-api-controller, crossplane-provider-aws, kubernetes-ingress-defaultbackend, neuvector-scanner, newrelic-nri-statsd, prometheus-node-exporter, bank-vaults, go,...

GHSA-9763-4F94-GFCH vulnerabilities

Vulnerabilities for packages: slsa-verifier, scorecard, aactl, gitness, wolfictl, boring-registry, crossplane, kubevela, apko, sops, crossplane-provider-aws, keda, zot, flux-image-automation-controller, flux-source-controller, pulumi-language-yaml, tekton-chains, terraform-provider-google, kaniko,....

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: chartmuseum, prometheus-mongodb-exporter-fips, aws-efs-csi-driver-fips, cert-manager-fips, rekor, kubeflow-pipelines, pulumi-language-dotnet, azure-aad-pod-identity-mic, gatekeeper, nfs-subdir-external-provisioner, flux-notification-controller-2.0,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, gobump, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, rekor, kubeflow-pipelines, pulumi-language-dotnet, azure-aad-pod-identity-mic, http-echo, gatekeeper,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: chartmuseum, prometheus-mongodb-exporter-fips, aws-efs-csi-driver-fips, cert-manager-fips, rekor, kubeflow-pipelines, pulumi-language-dotnet, azure-aad-pod-identity-mic, gatekeeper, nfs-subdir-external-provisioner, flux-notification-controller-2.0,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: hello-world-golang, cni-plugins, gobump, chartmuseum, prometheus-mongodb-exporter-fips, go-bindata, wireguard-go, aws-efs-csi-driver-fips, cert-manager-fips, rekor, kubeflow-pipelines, pulumi-language-dotnet, azure-aad-pod-identity-mic, http-echo, gatekeeper,...

GHSA-9763-4F94-GFCH vulnerabilities

Vulnerabilities for packages: boring-registry, flux-kustomize-controller, sops, tkn, flux-notification-controller, pulumi-kubernetes-operator, cosign, flux-kustomize-controller-2.0, goreleaser, kubevela, crossplane, terraform-provider-google, scorecard, spire-server-fips, wolfictl,...

CVE-2024-4264

A remote code execution (RCE) vulnerability exists in the berriai/litellm project due to improper control of the generation of code when using the eval function unsafely in the litellm.get_secret() method. Specifically, when the server utilizes Google KMS, untrusted data is passed to the eval...

CVE-2024-4264 Remote Code Execution in berriai/litellm

A remote code execution (RCE) vulnerability exists in the berriai/litellm project due to improper control of the generation of code when using the eval function unsafely in the litellm.get_secret() method. Specifically, when the server utilizes Google KMS, untrusted data is passed to the eval...

random_compat Uses insecure CSPRNG

random_compat versions prior to 2.0 are affected by a security vulnerability related to the insecure usage of Cryptographically Secure Pseudo-Random Number Generators (CSPRNG). The affected versions use openssl_random_pseudo_bytes(), which may result in insufficient entropy and compromise the...

onelogin/php-saml signature wrapping attacks

Vulnerability in onelogin/php-saml versions prior to 2.10.0 allows signature Wrapping attacks which may result in a malicious user gaining unauthorized access to a...

onelogin/php-saml Improper signature validation on LogoutRequest/LogoutResponse.

In order to verify Signatures on Logoutrequests and LogoutResponses we use the verifySignature of the class XMLSecurityKey from the xmlseclibs library. That method end up calling openssl_verify() depending on the signature algorithm used. The openssl_verify() function returns 1 when the signature.....

nzo/url-encryptor-bundle Insecure default secret key and IV allowing anyone to decrypt values

Versions of nzo/url-encryptor-bundle prior to 5.0.1 and 4.3.2 are affected by a security vulnerability related to the lack of mandatory key and IV requirements. By default, the bundle uses the aes-256-ctr algorithm, which is susceptible to malleability attacks, potentially leading to Insecure...

Flow Swift Mailer package Remote code execution

A remote code execution vulnerability has been found in the Swift Mailer library (swiftmailer/swiftmailer) recently. See this advisory for details. If you are not using the default mail() transport, this particular problem does not affect you. Upgrading is of course still...

Cross-site Scripting vulnerabilities in Neos

It has been discovered that Neos is vulnerable to several XSS attacks. Through these vulnerabilities, an attacker could tamper with page rendering, redirect victims to a fake login page, or capture user credentials (such as cookies). With the potential backdoor upload an attacker could gain access....

Privilege Escalation in TYPO3 Neos

It has been discovered that TYPO3 Neos is vulnerable to Privilege Escalation. Logged in editors could access, create and modify content nodes that exist in the workspace of other...

Time-Based Information Disclosure Vulnerability in Flow

The PersistedUsernamePasswordProvider was prone to a information disclosure of account existance based on timing attacks as the hashing of passwords was only done in case an account was found. We changed the core so that the provider always does a password comparison in case credentials were...

Neos Information Disclosure Security Note

Due to reports it has been validated that internal workspaces in Neos are accessible without authentication. Some users assumed this is a planned feature but it is not. A workspace preview should be an additional feature with respective security measures in place. Note that this only allows...

Neos Flow Information disclosure in entity security

If you had used entity security and wanted to secure entities not just based on the user's role, but on some property of the user (like the company he belongs to), entity security did not work properly together with the doctrine query cache. This could lead to other users re-using SQL queries from....

Neos Flow Arbitrary file upload and XML External Entity processing

It has been discovered that Flow 3.0.0 allows arbitrary file uploads, inlcuding server-side scripts, posing the risk of attacks. If those scripts are executed by the server when accessed through their public URL, anything not blocked through other means is possible (information disclosure,...

Insecure deserialize Vulnerability in FLOW3

Due to a missing signature (HMAC) for a request argument, an attacker could unserialize arbitrary objects within FLOW3. To our knowledge it is neither possible to inject code through this vulnerability, nor are there exploitable objects within the FLOW3 Base Distribution. However, there might be...

namshi/jose - Verification bypass

Several widely-used JSON Web Token (JWT) libraries, including node-jsonwebtoken, pyjwt, namshi/jose, php-jwt, and jsjwt, are affected by critical vulnerabilities that could allow attackers to bypass the verification step when using asymmetric keys (RS256, RS384, RS512, ES256, ES384,...

namshi/jose insecure JSON Web Signatures (JWS)

namshi/jose allows the acceptance of unsecure JSON Web Signatures (JWS) by default. The vulnerability arises from the $allowUnsecure flag, which, when set to true during the loading of JWSes, permits tokens signed with 'none' algorithms to be processed. This behavior poses a significant security...

Exploit for CVE-2024-29895

CVE-2024-29895 - RCE ON CACTI [!WARNING] This is an...

CVE-2024-4671

Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) Mitigation Red Hat has investigated whether a possible...

CVE-2024-35190

Asterisk is an open source private branch exchange and telephony toolkit. After upgrade to 18.23.0, ALL unauthorized SIP requests are identified as PJSIP Endpoint of local asterisk server. This vulnerability is fixed in 18.23.1, 20.8.1, and...

Submariner Operator sets unnecessary RBAC permissions in helm charts

A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire...

CVE-2023-47683

Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Privilege Escalation.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through...

CVE-2023-44478

Cross-Site Request Forgery (CSRF) vulnerability in WP Hive Events Rich Snippets for Google allows Exploitation of Trusted Credentials.This issue affects Events Rich Snippets for Google: from n/a through...

CVE-2023-47683 WordPress Social Login, Social Sharing by miniOrange plugin <= 7.6.6 - Authenticated Privilege Escalation vulnerability

Improper Privilege Management vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Privilege Escalation.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through...

CVE-2023-44478 WordPress Events Rich Snippets for Google plugin <= 1.8 - CSRF Leading to Privilege Escalation vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in WP Hive Events Rich Snippets for Google allows Exploitation of Trusted Credentials.This issue affects Events Rich Snippets for Google: from n/a through...

Security Bulletin: IBM Operational Decision Manager for April 2024 - Multiple CVEs addressed

Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details ** CVEID:...

bind9 - security update

Bulletin has no...

thunderbird - security update

Bulletin has no...

Mageia: Security Advisory (MGASA-2024-0178)

The remote host is missing an update for...

Huawei EulerOS: Security Advisory for libwebp (EulerOS-SA-2024-1689)

The remote host is missing an update for the Huawei...

chromium - security update

Bulletin has no...

CVE-2023-46103

Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local...

CVE-2023-45745

Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local...

CVE-2023-45733

Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local...

ConsoleMe has an Arbitrary File Read Vulnerability via Limited Git command

ID: NFLX-2024-002 Impact Authenticated users can achieve limited RCE in ConsoleMe, restricted to flag inputs on a single CLI command. Due to this constraint, it is not currently known whether full RCE is possible but it is unlikely. However, a specific flag allows authenticated users to read any...

Updated chromium-browser-stable packages fix security vulnerabilities

The chromium-browser-stable package has been updated to the 124.0.6367.207 release. It includes 4 security fixes. Please, do note, only x86_64 is supported from now on. i586 support for linux was stopped some years ago and the community is not able to provide patches anymore for the latest...

Exploit for CVE-2024-29895

Cacti RCE - CVE-2024-29895 Usage: `python3...

Rounding up some of the major headlines from RSA

While I one day wish to make it to the RSA Conference in person, I've never had the pleasure of making the trek to San Francisco for one of the largest security conferences in the U.S. Instead, I had to watch from afar and catch up on the internet every day like the common folk. This at least...

Denial of service of Minder Server with attacker-controlled REST endpoint

The Minder REST ingester is vulnerable to a denial of service attack via an attacker-controlled REST endpoint that can crash the Minder server. The REST ingester allows users to interact with REST endpoints to fetch data for rule evaluation. When fetching data with the REST ingester, Minder sends.....

REXML contains a denial of service vulnerability

Impact The REXML gem before 3.2.6 has a DoS vulnerability when it parses an XML that has many <s>

linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-47233)...