SP Project & Document Manager Security Vulnerabilities

CVE-2024-6212 SourceCodester Simple Student Attendance System student_form.php get_student cross site scripting

A vulnerability was found in SourceCodester Simple Student Attendance System 1.0 and classified as problematic. Affected by this issue is the function get_student of the file student_form.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely....

CVE-2024-34452

CMSimple_XH 1.7.6 allows XSS by uploading a crafted SVG...

Ivanti Endpoint Manager < 2022 SU4 Privilege Escalation (SA-2023-06-20)

A deserialization of untrusted data exists in EPM 2022 Su3 and all prior versions that allows an unauthenticated user to elevate rights. This exploit could potentially be used in conjunction with other OS (Operating System) vulnerabilities to escalate privileges on the machine or be used as a...

SUSE SLES15 / openSUSE 15 Security Update : php-composer2 (SUSE-SU-2024:2106-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2106-1 advisory. - CVE-2024-35241: Fixed code execution when installing packages in repository with specially crafted branch names...

CVE-2024-37672

Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the idactivity...

CVE-2024-37673

Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the filename...

SUSE: Security Advisory (SUSE-SU-2024:2106-1)

The remote host is missing an update for...

(Pwn2Own) HP Color LaserJet Pro MFP 4301fdw CFF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP Color LaserJet Pro MFP 4301fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of embedded fonts. The issue results...

SUSE SLED15 / SLES15 / openSUSE 15 : Recommended update for google-cloud SDK (SUSE-SU-SUSE-RU-2024:1637-2)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2024:1637-2 advisory. - Add python311 cloud services packages and dependencies (jsc#PED-7987, jsc#PED-6697) - Bellow 5....

(Pwn2Own) Phoenix Contact CHARX SEC-3100 Config Manager Improper Input Validation Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CharxSystemConfigManager service, which listens on...

CVE-2024-37675

Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the parameter "sectionContent" related to the functionality of adding notes to an uploaded...

CVE-2024-37673

Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the filename...

CVE-2024-37671

Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the page...

Ivanti Endpoint Manager < 2022 SU3 Privilege Escalation (SA-2023-06-06)

A improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that could allow privilege escalation or remote code execution. Note that Nessus has not tested for these issues but has instead relied only on the service's self-reported version...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability Details...

Exploit for Path Traversal in Gitlab

CVE-2023-2825 (Unauthenticated) Directory traversal leads...

Malicious code in melichat-component-library (npm)

-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (1d7d152708054848a62109924487b7dcacac50e054b19a8682b3b0b26b279e6b) The OpenSSF Package Analysis project identified 'melichat-component-library' @ 1.1.0 (npm) as malicious. It is considered malicious because: The...

KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO

On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The...

Malicious code in trip-component-platform-online-region-selector (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (007878676d8487bbeba763b564d225daf11ed353d8624a1aa8e52264efe40497) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

BokuLoader - A Proof-Of-Concept Cobalt Strike Reflective Loader Which Aims To Recreate, Integrate, And Enhance Cobalt Strike's Evasion Features!

A proof-of-concept User-Defined Reflective Loader (UDRL) which aims to recreate, integrate, and enhance Cobalt Strike's evasion features! Contributors: Contributor | Twitter | Notable Contributions ---|---|--- Bobby Cooke | @0xBoku | Project original author and maintainer Santiago Pecin |...

Malicious code in webquickauth (PyPI)

-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (e838cec17c1006b567e2a70f9554fd2a040c9fb0cfdf8d753e81548c1ea02c49) The OpenSSF Package Analysis project identified 'webquickauth' @ 2.3.5 (pypi) as malicious. It is considered malicious because: The package...

Malicious code in wordpress-theme-core (npm)

-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (11ba6949abd5e27add3ceeb9c4709ae17be63d4831af09c7f34ca236d3b06b8e) The OpenSSF Package Analysis project identified 'wordpress-theme-core' @ 0.0.123 (npm) as malicious. It is considered malicious because: The...

AIX is vulnerable to security restrictions bypass due to cURL libcurl (CVE-2024-0853)

IBM SECURITY ADVISORY First Issued: Thu Jun 20 15:10:42 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/curl_advisory5.asc Security Bulletin: AIX is vulnerable to security restrictions bypass due to cURL libcurl...

Execute commands by sending JSON? Learn how unsafe deserialization vulnerabilities work in Ruby projects

Can an attacker execute arbitrary commands on a remote server just by sending JSON? Yes, if the running code contains unsafe deserialization vulnerabilities. But how is that possible? In this blog post, we’ll describe how unsafe deserialization vulnerabilities work and how you can detect them in...

Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs

Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors. Tracked as CVE-2024-0762 (CVSS score: 7.5), the "UEFIcanhazbufferoverflow" vulnerability has been...

Malicious code in tyk-developer-portal (npm)

-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (9470d0dbad461aef3c32477548b1436fddb07b774a50e7d8aba76571f473eb30) The OpenSSF Package Analysis project identified 'tyk-developer-portal' @ 1.0.0 (npm) as malicious. It is considered malicious because: The...

PCI DSS v4.0: What You Need to Know and What the End of v3.2.1 Means for the Future of Digital Payments

On March 31st, 2024, The Payments Card Industry Standards Security Council (PCI SSC) officially retired version 3.2.1 of the PCI Data Security Standard (PCI DSS) with the publication of its new sets of protocols and security standards for v4.0. With the continued rise in cyber threats against...

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 10, 2024 to June 16, 2024)

_ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...

Malicious code in storefront-h5-sdk (npm)

-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (3bdecd59d5667e506fd4f66d29c575454020e37384211ce8a27e463cd6971298) The OpenSSF Package Analysis project identified 'storefront-h5-sdk' @ 1.0.0 (npm) as malicious. It is considered malicious because: The package...

Exploit for Deserialization of Untrusted Data in Clear Clearml

CVE-2024-24590 Deserialization of untrusted data can occur in...

XWiki < 14.10.14 - Cross-Site Scripting

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When document names are validated according to a name strategy (disabled by default), XWiki starting in version 12.0-rc-1 and prior to versions 12.10.12 and 15.5-rc-1 is vulnerable to a...

New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration

A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the goal of harvesting sensitive information from compromised hosts. Fortinet FortiGuard Labs said it's aware of four different distribution methods -- namely VBA...

Security Bulletin: IBM Watson Explorer affected by vulnerability in Apache ZooKeeper.(CVE-2024-23944)

Summary IBM Watson Explorer Foundational Components contains a vulnerable version of Apache ZooKeeper.(CVE-2024-23944) Vulnerability Details ** CVEID: CVE-2024-23944 DESCRIPTION: **Apache ZooKeeper could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw in...

Security Bulletin: Vulnerabilities in IBM WebSphere Application Server and WebSphere Application Server Liberty affect IBM Watson Explorer (CVE-2024-22354)

Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty is used by IBM Watson Explorer. IBM Watson Explorer has addressed the applicable CVE (CVE-2024-22354). Vulnerability Details ** CVEID: CVE-2024-22354 DESCRIPTION: **IBM WebSphere Application Server 8.5, 9.0 and...

Malicious code in comet-chat-react-ui-kit (npm)

-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (9a6f38c4d9dd2413e237c8d146d5fcf11d04f613910b552a32a52b3e4cf199f6) The OpenSSF Package Analysis project identified 'comet-chat-react-ui-kit' @ 1.0.1 (npm) as malicious. It is considered malicious because: The...

Debian dla-3838 : composer - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3838 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3838-1 [email protected] ...

SUSE SLES15 Security Update : openssl-3 (SUSE-SU-2024:2088-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2088-1 advisory. - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) Tenable has extracted the preceding description block directly.....

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2024:2089-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2089-1 advisory. - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) Tenable has extracted the preceding description block directly.....

SUSE: Security Advisory (SUSE-SU-2024:2089-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2024:2088-1)

The remote host is missing an update for...

AnythingLLM Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible AnythingLLM instance on the target application. AnythingLLM let you choose beetween differents LLM or vector database to use and allow to convert any document or content into references that the.....

Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models

Posted by Sergei Glazunov and Mark Brand, Google Project Zero Introduction At Project Zero, we constantly seek to expand the scope and effectiveness of our vulnerability research. Though much of our work still relies on traditional methods like manual source code audits and reverse engineering,...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gdk-pixbuf (SUSE-SU-2024:2077-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2077-1 advisory. gdk-pixbuf was updated to version 2.42.12: - Security issues fixed: * CVE-2022-48622: Fixed heap...

Important: booth

Issue Overview: A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server. (CVE-2024-3049) Affected Packages: booth Note: This advisory is applicable to Amazon Linux 2...

CVE-2024-36117

Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite v3.5.10 is affected by an Arbitrary File Read vulnerability via path traversal while serving expanded javadoc files. Reposilite has addressed this issue in version...

CVE-2024-36117

Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite v3.5.10 is affected by an Arbitrary File Read vulnerability via path traversal while serving expanded javadoc files. Reposilite has addressed this issue in version...

CVE-2024-36115

Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. As a Maven repository manager, Reposilite provides the ability to view the artifacts content in the browser, as well as perform administrative tasks via API. The problem lies in....

CVE-2024-36115

Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. As a Maven repository manager, Reposilite provides the ability to view the artifacts content in the browser, as well as perform administrative tasks via API. The problem lies in....

CVE-2024-36116

Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite provides support for JavaDocs files, which are archives that contain documentation for artifacts. Specifically, JavadocEndpoints.kt controller allows to expand the...

CVE-2024-36116

Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite provides support for JavaDocs files, which are archives that contain documentation for artifacts. Specifically, JavadocEndpoints.kt controller allows to expand the...