A flaw was found in azure-file-csi-driver. Anyone with access to the driver logs could observe service account tokens. These tokens could then potentially be exchanged with external cloud providers to access secrets stored in cloud vault...
azure-file-csi-driver leaks service account tokens in the logs
A security issue was discovered in azure-file-csi-driver where an actor with access to the driver logs could observe service account tokens. These tokens could then potentially be exchanged with external cloud providers to access secrets stored in cloud vault solutions. Tokens are only logged when....
Summary The IBM Security Directory Integrator was vulnerable to multiple security vulnerabilities in the Eclipse Jetty component. This was addressed in version 10 of the IBM Security Directory Integrator. Vulnerability Details CVEID: CVE-2017-9735 DESCRIPTION: Jetty could allow a remote...
9.8 CVSS
9 AI Score
0.802 EPSS
Security Advisory Description CVE-2024-21054 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network...
4.9 CVSS
6 AI Score
0.001 EPSS
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:1648-1)
The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1648-1 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory ...
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1646-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1646-1 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array...
WhatsApp Desktop < 0.3.9309 Persistent Cross-Site Scripting (CVE-2019-18426)
The version of WhatsApp Desktop installed on the remote Windows host is prior to 0.3.9309. It is, therefore, affected by a persistent cross-site scripting vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version...
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1644-1)
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1644-1 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if...
Adobe Acrobat Reader Font gvar GlyphVariationData out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2024-1946 Adobe Acrobat Reader Font gvar GlyphVariationData out-of-bounds read vulnerability May 15, 2024 CVE Number CVE-2024-30311 SUMMARY An out-of-bounds read vulnerability exists in the Font functionality of Adobe Acrobat Reader 2023.008.20470. A specially...
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1641-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1641-1 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single...
Juniper Junos OS Vulnerability (JSA75759)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75759 advisory. An Access of Memory Location After End of Buffer vulnerability in the Layer-2 Control Protocols Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows...
Security Updates for Microsoft Office Online Server (May 2023)
The Microsoft Office Web Apps installation on the remote host is missing a security update. It is, therefore, affected by the following: Microsoft Excel is affected by a remote code execution vulnerability. (CVE-2024-30042) Note that Nessus has not tested for this issue but has instead relied...
F5 Networks BIG-IP : BIG-IP Configuration utility XSS vulnerability (K000138894)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.4 / 16.1.4.3 / 17.1.1.3. It is, therefore, affected by a vulnerability as referenced in the K000138894 advisory. A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP...
Security Updates for Microsoft Office Products C2R (May 2024)
The Microsoft Office Products are missing a security update. It is, therefore, affected by the following vulnerability: Microsoft Excel is affected by a remote code execution vulnerability. (CVE-2024-30042) Note that Nessus has not tested for this issue but has instead relied only on the...
Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2024-1952 Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability May 15, 2024 CVE Number CVE-2024-30312 SUMMARY An out-of-bounds read vulnerability exists in the Font functionality of Adobe Acrobat Reader 2023.008.20533. A specially crafted...
K000139594 : libxml2 vulnerability CVE-2022-40304
Security Advisory Description An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked. (CVE-2022-40304). Impact This vulnerability allows a...
7.8 CVSS
7.2 AI Score
0.001 EPSS
According to its self-reported version, the Cisco Integrated Management Controller Web-Based Management Interface is affected by a command injection vulnerability. Due to insufficient user input validation, an authenticated, remote attacker with Administrator-level privileges could perform command....
Security Advisory Description CVE-2024-21049 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols...
4.9 CVSS
6 AI Score
0.0004 EPSS
9.1 CVSS
0.0004 EPSS
SUSE SLED12 / SLES12 Security Update : SUSE Manager Client Tools Beta (SUSE-SU-2024:1629-1)
The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1629-1 advisory. base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios ...
F5 Networks BIG-IP : BIG-IP SSL vulnerability (K000138912)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.4 / 16.1.4.3 / 17.1.1.3. It is, therefore, affected by a vulnerability as referenced in the K000138912 advisory. When an SSL profile with alert timeout is configured with a non-default value on a virtual...
F5 Networks BIG-IP : BIG-IP Configuration utility XSS vulnerability (K000138636)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.4 / 16.1.4.3 / 17.1.1.3. It is, therefore, affected by a vulnerability as referenced in the K000138636 advisory. A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP ...
SolarWinds Access Rights Manager Hard-Coded Credentials Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of a RabbitMQ instance. The issue results from the use.....
8.6 CVSS
F5 Networks BIG-IP : BIG-IP APM browser network access VPN client vulnerability (K000138744)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.3 / 16.1.4.2 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000138744 advisory. An origin validation vulnerability exists in BIG-IP APM browser network access VPN client for...
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
9 CVSS
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1642-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1642-1 advisory. In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4...
K000139615 : Node.js vulnerability CVE-2024-27982
Security Advisory Description The team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to HTTP request smuggling. Specifically, if a space is placed before a content-length header, it is not interpreted correctly,...
6.5 CVSS
6.5 AI Score
0.0004 EPSS
K000139616 : MySQL vulnerability CVE-2024-21051
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
4.9 CVSS
6 AI Score
0.0004 EPSS
SUSE SLES15 Security Update : perl (SUSE-SU-2024:1630-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1630-1 advisory. Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set...
Microsoft Azure Migrate Auto Update < 6.1.294.1008 XSS
The version of Microsoft Azure Migrate installed on the remote Windows host is prior to 6.1.294.1008. It is, therefore, affected by a cross-site scripting vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version...
F5 Networks BIG-IP : TMM vulnerability (K000139037)
The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000139037 advisory. When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel...
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI FlexLogger. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
7.8 CVSS
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1643-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1643-1 advisory. In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two...
In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: disable sending io_uring over sockets File reference cycles have caused lots of problems for io_uring in the past, and it still doesn't work exactly right and races with unix_stream_read_generic(). The safest fix....
7 AI Score
0.0004 EPSS
Grafana folders admin only permission privilege escalation
Today we are releasing Grafana 9.1.6, 9.0.9, 8.5.13. This patch release includes a Moderate severity security fix for CVE-2022-36062 that affects Grafana instances which are using Grafana role-based access control (RBAC). Release 9.1.6, latest patch, also containing security fix: Download Grafana.....
3.8 CVSS
4.4 AI Score
0.001 EPSS
Grafana folders admin only permission privilege escalation
Today we are releasing Grafana 9.1.6, 9.0.9, 8.5.13. This patch release includes a Moderate severity security fix for CVE-2022-36062 that affects Grafana instances which are using Grafana role-based access control (RBAC). Release 9.1.6, latest patch, also containing security fix: Download Grafana.....
3.8 CVSS
7 AI Score
0.001 EPSS
containerd started with non-empty inheritable Linux process capabilities
Impact A bug was found in containerd where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during...
NATS server TLS missing ciphersuite settings when CLI flags used
(This advisory is canonically https://advisories.nats.io/CVE/CVE-2021-32026.txt) Problem Description The NATS server by default uses a restricted set of modern ciphersuites for TLS. This selection can be overridden through configuration. The defaults include just RSA and ECDSA with either AES/GCM.....
6.8 AI Score
dotmesh arbitrary file read and/or write
Dotmesh is a git-like command-line interface for capturing, organizing and sharing application states. In versions 0.8.1 and prior, the unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary locations outside the designated target...
8.1 CVSS
0.0004 EPSS
dotmesh arbitrary file read and/or write
Dotmesh is a git-like command-line interface for capturing, organizing and sharing application states. In versions 0.8.1 and prior, the unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary locations outside the designated target...
8.1 CVSS
6.3 AI Score
0.0004 EPSS
Dotmesh is a git-like command-line interface for capturing, organizing and sharing application states. In versions 0.8.1 and prior, the unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary locations outside the designated target...
8.1 CVSS
7.3 AI Score
0.0004 EPSS
Summary The following security vulnerabilities are addressed with IBM Process Mining 1.14.4 IF001 Vulnerability Details CVEID: CVE-2024-22259 DESCRIPTION: VMware Tanzu Spring Framework could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in...
9.8 CVSS
8.8 AI Score
0.005 EPSS
GHSL-2020-254: Arbitrary file read and/or write in dotmesh
Dotmesh is a git-like command-line interface for capturing, organizing and sharing application states. In versions 0.8.1 and prior, the unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary locations outside the designated target...
6.7 AI Score
Patch Tuesday, May 2024 Edition
Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two "zero-day" vulnerabilities in Windows that are already being exploited in active attacks. There are also important security patches available for macOS and Adobe users,...
8.8 CVSS
8.4 AI Score
PrestaShop cross-site scripting via customer contact form in FO, through file upload
Impact Only PrestaShops with customer-thread feature flag enabled are impacted, starting from PrestaShop 8.1.0. The impact is substantial, when the customer thread feature flag is enabled, through the front-office contact form, a hacker can upload a malicious file containing an XSS that will be...
9.6 CVSS
9.1 AI Score
PrestaShop cross-site scripting via customer contact form in FO, through file upload
Impact Only PrestaShops with customer-thread feature flag enabled are impacted, starting from PrestaShop 8.1.0. The impact is substantial, when the customer thread feature flag is enabled, through the front-office contact form, a hacker can upload a malicious file containing an XSS that will be...
9.6 CVSS
9 AI Score
Scrapy allows redirect following in protocols other than HTTP
Impact Scrapy was following redirects regardless of the URL protocol, so redirects were working for data://, file://, ftp://, s3://, and any other scheme defined in the DOWNLOAD_HANDLERS setting. However, HTTP redirects should only work between URLs that use the http:// or https:// schemes. A...