Media Library Folder & File Manager Security Vulnerabilities

Security Bulletin: AIX is vulnerable to a denial of service due to libxml2 (CVE-2024-25062)

Summary Vulnerability in libxml2 could allow a remote attacker to cause a denial of service (CVE-2024-25062). AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details ** CVEID: CVE-2024-25062 DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by a...

CVE-2024-34363

Envoy is a cloud-native, open source edge and service proxy. Due to how Envoy invoked the nlohmann JSON library, the library could throw an uncaught exception from downstream data if incomplete UTF-8 strings were serialized. The uncaught exception would cause Envoy to...

CVE-2024-34363

Envoy is a cloud-native, open source edge and service proxy. Due to how Envoy invoked the nlohmann JSON library, the library could throw an uncaught exception from downstream data if incomplete UTF-8 strings were serialized. The uncaught exception would cause Envoy to...

CVE-2024-34363 Envoy can crash due to uncaught nlohmann JSON exception

Envoy is a cloud-native, open source edge and service proxy. Due to how Envoy invoked the nlohmann JSON library, the library could throw an uncaught exception from downstream data if incomplete UTF-8 strings were serialized. The uncaught exception would cause Envoy to...

CVE-2024-37273

An arbitrary file upload vulnerability in the /v1/app/appendFileSync interface of Jan v0.4.12 allows attackers to execute arbitrary code via uploading a crafted...

CVE-2024-37273

An arbitrary file upload vulnerability in the /v1/app/appendFileSync interface of Jan v0.4.12 allows attackers to execute arbitrary code via uploading a crafted...

CVE-2024-36858

An arbitrary file upload vulnerability in the /v1/app/writeFileSync interface of Jan v0.4.12 allows attackers to execute arbitrary code via uploading a crafted...

CVE-2024-36858

An arbitrary file upload vulnerability in the /v1/app/writeFileSync interface of Jan v0.4.12 allows attackers to execute arbitrary code via uploading a crafted...

CVE-2024-36857

Jan v0.4.12 was discovered to contain an arbitrary file read vulnerability via the /v1/app/readFileSync...

CVE-2024-36857

Jan v0.4.12 was discovered to contain an arbitrary file read vulnerability via the /v1/app/readFileSync...

CVE-2024-25095

Insertion of Sensitive Information into Log File vulnerability in Code Parrots Easy Forms for Mailchimp.This issue affects Easy Forms for Mailchimp: from n/a through...

CVE-2024-25095

Insertion of Sensitive Information into Log File vulnerability in Code Parrots Easy Forms for Mailchimp.This issue affects Easy Forms for Mailchimp: from n/a through...

CVE-2024-25095 WordPress Easy Forms for Mailchimp plugin <= 6.9.0 - Sensitive Data Exposure via Log File vulnerability

Insertion of Sensitive Information into Log File vulnerability in Code Parrots Easy Forms for Mailchimp.This issue affects Easy Forms for Mailchimp: from n/a through...

malicious container creates symlink "mtab" on the host External

Impact A malicious container can affect the host by taking advantage of code cri-o added to show the container mounts on the host. A workload built from this Dockerfile: ``` FROM docker.io/library/busybox as source RUN mkdir /extra && cd /extra && ln -s ../../../../../../../../root etc FROM...

malicious container creates symlink "mtab" on the host External

Impact A malicious container can affect the host by taking advantage of code cri-o added to show the container mounts on the host. A workload built from this Dockerfile: ``` FROM docker.io/library/busybox as source RUN mkdir /extra && cd /extra && ln -s ../../../../../../../../root etc FROM...

apko Exposure of HTTP basic auth credentials in log output

Summary Exposure of HTTP basic auth credentials from repository and keyring URLs in log output Details There was a handful of instances where the apko tool was outputting error messages and log entries where HTTP basic authentication credentials were exposed for one of two reasons: The%s verb was.....

apko Exposure of HTTP basic auth credentials in log output

Summary Exposure of HTTP basic auth credentials from repository and keyring URLs in log output Details There was a handful of instances where the apko tool was outputting error messages and log entries where HTTP basic authentication credentials were exposed for one of two reasons: The%s verb was.....

Security Bulletin: IBM QRadar SIEM is vulnerable to AJP Smuggling (CVE-2022-26377)

Summary IBM QRadar SIEM is vulnerable to AJP Smuggling to Response Queue Poisoning. This vulnerability has been addressed in the update. Vulnerability Details ** CVEID: CVE-2022-26377 DESCRIPTION: **Apache HTTP Server is vulnerable to HTTP request smuggling, caused by an inconsistent...

Flooding Server with Thumbnail files

Details 1. All Imagick supported Fileformats are served without filtering The Thumbnail endpoint does not check against any filters what file formats should be served. We can transcode the image in all formats imagemagick supports. With that we can create Files that are much larger in filesize...

Flooding Server with Thumbnail files

Details 1. All Imagick supported Fileformats are served without filtering The Thumbnail endpoint does not check against any filters what file formats should be served. We can transcode the image in all formats imagemagick supports. With that we can create Files that are much larger in filesize...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation Fixes for May 2024.

Summary In addition to OS level package updates, multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF033 and 23.0.2-IF005. Vulnerability Details ** CVEID: CVE-2024-21501 DESCRIPTION: **Node.js sanitize-html module could allow a remote attacker to...

CVE-2024-36963

In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions on remount if permissions are options There's an inconsistency with the way permissions are handled in tracefs. Because the permissions are generated when accessed, they default to the root inode's...

CVE-2024-36961

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Fix two locking issues with thermal zone debug With the current thermal zone locking arrangement in the debugfs code, user space can open the "mitigations" file for a thermal zone before the zone's debugfs pointer....

Security Bulletin: Due to use of IBM® SDK Java™ Technology Edition, IBM Tivoli Monitoring (ITM) components is vulnerable to a local authenticated attacker to bypass security restrictions.

Summary A vulnerabilitiy in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring (ITM) components. CVE-2024-3933 Vulnerability Details ** CVEID: CVE-2024-3933 DESCRIPTION: **Eclipse Openj9 could allow a local authenticated attacker to bypass security...

AIX is vulnerable to denial of service due to ISC BIND

IBM SECURITY ADVISORY First Issued: Tue Jun 4 16:06:25 CDT 2024 |Updated: Wed Jun 5 08:17:08 CDT 2024 |Update: Corrected the affected fileset levels to reflect that | bind.rte 7.1.916.2604 and 7.3.916.2601 are vulnerable. The most recent version of this document is available here:...

Access Restriction Bypass in go-ipfs in github.com/ipfs/go-ipfs

Access Restriction Bypass in go-ipfs in...

Owncast vulnerable to arbitrary file deletion in emoji.go (GHSL-2023-277) in github.com/owncast/owncast

Owncast vulnerable to arbitrary file deletion in emoji.go (GHSL-2023-277) in...

Apache Answer Unrestricted Upload of File with Dangerous Type vulnerability in github.com/apache/incubator-answer

Apache Answer Unrestricted Upload of File with Dangerous Type vulnerability in...

Pebble service manager's file pull API allows access by any user in github.com/canonical/pebble

Pebble service manager's file pull API allows access by any user in...

azure-file-csi-driver leaks service account tokens in the logs in sigs.k8s.io/azurefile-csi-driver

azure-file-csi-driver leaks service account tokens in the logs in...

Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes

Sensitive Information leak via Log File in Kubernetes in...

Pterodactyl Wings vulnerable to improper isolation of server file access in github.com/pterodactyl/wings

Pterodactyl Wings vulnerable to improper isolation of server file access in...

Pterodactyl Wings vulnerable to Arbitrary File Write/Read in github.com/pterodactyl/wings

Pterodactyl Wings vulnerable to Arbitrary File Write/Read in...

CVE-2024-32871

Pimcore is an Open Source Data & Experience Management Platform. The Pimcore thumbnail generation can be used to flood the server with large files. By changing the file extension or scaling factor of the requested thumbnail, attackers can create files that are much larger in file size than the...

CVE-2024-32871

Pimcore is an Open Source Data & Experience Management Platform. The Pimcore thumbnail generation can be used to flood the server with large files. By changing the file extension or scaling factor of the requested thumbnail, attackers can create files that are much larger in file size than the...

CVE-2024-32871

Pimcore is an Open Source Data & Experience Management Platform. The Pimcore thumbnail generation can be used to flood the server with large files. By changing the file extension or scaling factor of the requested thumbnail, attackers can create files that are much larger in file size than the...

Typo3 Arbitrary File Disclosure in Form Component

Failing to properly validate user input, the form component is susceptible to Arbitrary File Disclosure. A valid backend user account is needed to exploit this vulnerability. Only forms are vulnerable, which contain upload...

Typo3 Arbitrary File Disclosure in Form Component

Failing to properly validate user input, the form component is susceptible to Arbitrary File Disclosure. A valid backend user account is needed to exploit this vulnerability. Only forms are vulnerable, which contain upload...

TotalCloud Insights: Securing Your Data—The Power of Encryption in Preventing Threats

Introduction Did you know there is a 90% failure rate for encryption-related controls of MySQL Server in Microsoft Azure? The issue isn't confined to Azure; in Google Cloud Platform (GCP) environments there is a 98% failure rate of encryption-related controls for both compute engine and storage...

XML External Entity (XXE) Processing in TYPO3 Core

All XML processing within the TYPO3 CMS are vulnerable to XEE processing. This can lead to load internal and/or external (file) content within an XML structure. Furthermore it is possible to inject arbitrary files for an XML Denial of Service attack. For more information on that topic see...

XML External Entity (XXE) Processing in TYPO3 Core

All XML processing within the TYPO3 CMS are vulnerable to XEE processing. This can lead to load internal and/or external (file) content within an XML structure. Furthermore it is possible to inject arbitrary files for an XML Denial of Service attack. For more information on that topic see...

CVE-2024-32871 Pimcore Vulnerable to Flooding Server with Thumbnail files

Pimcore is an Open Source Data & Experience Management Platform. The Pimcore thumbnail generation can be used to flood the server with large files. By changing the file extension or scaling factor of the requested thumbnail, attackers can create files that are much larger in file size than the...

CVE-2024-35629

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Wow-Company Easy Digital Downloads – Recent Purchases allows PHP Remote File Inclusion.This issue affects Easy Digital Downloads – Recent Purchases: from n/a through...

CVE-2024-35629

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Wow-Company Easy Digital Downloads – Recent Purchases allows PHP Remote File Inclusion.This issue affects Easy Digital Downloads – Recent Purchases: from n/a through...

CVE-2024-35634

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Wow-Company Woocommerce – Recent Purchases allows PHP Local File Inclusion.This issue affects Woocommerce – Recent Purchases: from n/a through...

CVE-2024-35634

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Wow-Company Woocommerce – Recent Purchases allows PHP Local File Inclusion.This issue affects Woocommerce – Recent Purchases: from n/a through...

CVE-2024-34552

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Select-Themes Stockholm allows PHP Local File Inclusion.This issue affects Stockholm: from n/a through...

CVE-2024-34551

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Select-Themes Stockholm allows PHP Local File Inclusion.This issue affects Stockholm: from n/a through...

CVE-2024-34551

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Select-Themes Stockholm allows PHP Local File Inclusion.This issue affects Stockholm: from n/a through...

CVE-2024-34554

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Select-Themes Stockholm Core allows PHP Local File Inclusion.This issue affects Stockholm Core: from n/a through...