WordPress Backup & Migration Security Vulnerabilities

SSH-Private-Key-Looting-Wordlists - A Collection Of Wordlists To Aid In Locating Or Brute-Forcing SSH Private Key File Names

SSH Private Key Looting Wordlists. A Collection Of Wordlists To Aid In Locating Or Brute-Forcing SSH Private Key File Names. LFI for Lateral Movement? Gain SSH Access? ?file=../../../../../../../../home/user/.ssh/id_rsa ?file=../../../../../../../../home/user/.ssh/id_rsa-cert SSH Private Key...

Fedora: Security Advisory for slf4j (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for...

[SECURITY] Fedora 40 Update: slf4j-1.7.32-12.fc40

The Simple Logging Facade for Java or (SLF4J) is intended to serve as a simple facade for various logging APIs allowing to the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging (JCL). Logging API...

Security Bulletin: AIX is vulnerable to security restrictions bypass due to cURL libcurl (CVE-2023-46218)

Summary Vulnerability in cURL libcurl could allow a remote attacker to bypass security restrictions (CVE-2023-46218). AIX uses cURL libcurl as part of rsyslog, LV/PV encryption integration with HPCS and in Live Update for interacting with HMC. Vulnerability Details ** CVEID: CVE-2023-46218 ...

Securing the Next Level: Automated Cloud Defense in Game Development with InsightCloudSec

Imagine the following scenario: You're about to enjoy a strategic duel on chess.com or dive into an intense battle in Fortnite, but as you log in, you find your hard-earned achievements, ranks, and reputation have vanished into thin air. This is not just a hypothetical scenario but a real...

Wordfence Intelligence Weekly WordPress Vulnerability Report (February 26, 2024 to March 3, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 121 vulnerabilities disclosed in 88...

CVE-2023-52588

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to tag gcing flag on page during block migration It needs to add missing gcing flag on page during block migration, in order to garantee migrated data be persisted during checkpoint, otherwise out-of-order persistency...

AIX is vulnerable to security restrictions bypass due to cURL libcurl (CVE-2023-46218)

IBM SECURITY ADVISORY First Issued: Wed Mar 6 15:05:06 CST 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/curl_advisory4.asc Security Bulletin: AIX is vulnerable to security restrictions bypass due to cURL libcurl...

(RHSA-2024:1188) Moderate: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait() in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c (CVE-2021-43975) kernel: memory leak in drivers/hid/hid-elo.c...

BIT-gitlab-2021-39913

Accidental logging of system root password in the migration log in all versions of GitLab CE/EE before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before 14.4.1 allows an attacker with local file system access to obtain system root-level...

BIT-tensorflow-2022-29205

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, there is a potential for segfault / denial of service in TensorFlow by calling tf.compat.v1.* ops which don't yet have support for quantized types, which was added after migration to...

BIT-tensorflow-2022-29207

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid. In graph mode, it would have been impossible to perform these API calls, but...

BIT-moodle-2021-3943

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A remote code execution risk when restoring backup files was...

BIT-solr-2020-13941

Reported in SOLR-14515 (private) and fixed in SOLR-14561 (public), released in Solr version 8.6.0. The Replication handler (https://lucene.apache.org/solr/guide/8_6/index-replication.html#http-api-commands-for-the-replicationhandler) allows commands backup, restore and deleteBackup. Each of these.....

BIT-solr-2023-50386

Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1.In the affected...

BIT-moodle-2022-40314

A remote code execution risk when restoring backup files originating from Moodle 1.9 was...

BIT-percona-xtrabackup-2020-10997

Percona XtraBackup before 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history...

BIT-percona-xtrabackup-binary-2020-10997

Percona XtraBackup before 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history...

BIT-percona-xtrabackup-2022-26944

Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history table. NOTE:....

BIT-percona-xtrabackup-binary-2022-26944

Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history table. NOTE:....

BIT-moodle-2023-28330

Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by...

BIT-gitea-2022-38795

In Gitea through 1.17.1, repo cloning can occur in the migration...

CVE-2023-52588

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to tag gcing flag on page during block migration It needs to add missing gcing flag on page during block migration, in order to garantee migrated data be persisted during checkpoint, otherwise out-of-order persistency...

CVE-2023-52588

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to tag gcing flag on page during block migration It needs to add missing gcing flag on page during block migration, in order to garantee migrated data be persisted during checkpoint, otherwise out-of-order persistency...

CVE-2023-52588

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to tag gcing flag on page during block migration It needs to add missing gcing flag on page during block migration, in order to garantee migrated data be persisted during checkpoint, otherwise out-of-order persistency...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to tag gcing flag on page during block migration It needs to add missing gcing flag on page during block migration, in order to garantee migrated data be persisted during checkpoint, otherwise out-of-order persistency...

CVE-2023-52588 f2fs: fix to tag gcing flag on page during block migration

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to tag gcing flag on page during block migration It needs to add missing gcing flag on page during block migration, in order to garantee migrated data be persisted during checkpoint, otherwise out-of-order persistency...

CVE-2023-52588

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to tag gcing flag on page during block migration It needs to add missing gcing flag on page during block migration, in order to garantee migrated data be persisted during checkpoint, otherwise out-of-order persistency...

Artica Proxy 4.40 / 4.50 Local File Inclusion / Traversal

...

Artica Proxy 4.40 / 4.50 Local File Inclusion / Traversal Vulnerability

...

RHEL 8 : kernel (RHSA-2024:1188)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1188 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: out-of-bounds write in...

Artica Proxy 4.40 / 4.50 Authentication Bypass / Privilege Escalation Vulnerability

The Rich Filemanager feature of Artica Proxy versions 4.40 and 4.50 provides a web-based interface for file management capabilities. When the feature is enabled, it does not require authentication by default, and runs as the root user. This provides an unauthenticated attacker complete access to...

Artica Proxy 4.40 / 4.50 Authentication Bypass / Privilege Escalation

...

(RHSA-2024:1147) Moderate: rear security update

Relax-and-Recover is a recovery and system migration utility. The utility produces a bootable image and restores from backup using this image. It allows to restore to different hardware and can therefore be also used as a migration utility. Security Fix(es): rear: creates a world-readable initrd...

Moderate: rear security update

Relax-and-Recover is a recovery and system migration utility. The utility produces a bootable image and restores from backup using this image. It allows to restore to different hardware and can therefore be also used as a migration utility. Security Fix(es): rear: creates a world-readable initrd...

CentOS: Security Advisory for squid (CESA-2023:6805)

The remote host is missing an update for...

This Week in Spring - March 5th, 2024

Hi, Spring fans! Welcome to another exciting roundup of This Week in Spring! I expect many of you are reading this for the first time, especially with Facebook and Instagram being down. People have been exploring all the other lesser-known corners of the web, looking for their daily "doom scroll."....

Moderate: rear security update

Relax-and-Recover is a recovery and system migration utility. The utility produces a bootable image and restores from backup using this image. It allows to restore to different hardware and can therefore be also used as a migration utility. Security Fix(es): rear: creates a world-readable initrd...

Backup and Restore WordPress < 1.50 - Unauthenticated Sensitive Data Exposure

Description The plugin does not protect some log files containing sensitive information such as site configuration etc, allowing unauthenticated users to access such data. PoC 1) There is a lot of sensitive data and most importantly, you can download this logs to your machine and read it. These...

Artica Proxy Unauthenticated File Manager Vulnerability

Vulnerability Details Affected Vendor: Artica Affected Product: Artica Proxy Affected Version: 4.40 and 4.50 Platform: Debian 10 LTS CWE Classification: CWE-288: Authentication Bypass Using an Alternate Path or Channel, CWE-552: Files or Directories...

Multilaser RE160V / RE160 URL Manipulation Access Bypass Vulnerability

Multilaser RE160V web management interface versions 12.03.01.08_pt and 12.03.01.09_pt along with RE160 versions 5.07.51_pt_MTL01 and 5.07.52_pt_MTL01 suffer from an access control bypass vulnerability through URL...

Multilaser RE160V Header Manipulation Access Bypass Vulnerability

Multilaser RE160V web management interface versions 12.03.01.09_pt and 12.03.01.10_pt suffer from an access control bypass vulnerability through header...

Multilaser RE160 Cookie Manipulation Access Bypass Vulnerability

Multilaser RE160 versions 5.07.51_pt_MTL01 and 5.07.52_pt_MTL01 suffer from an access control bypass vulnerability through cookie...

RHEL 9 : rear (RHSA-2024:1147)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1147 advisory. Relax-and-Recover is a recovery and system migration utility. The utility produces a bootable image and restores from backup using this image. It...

Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability

Vulnerability Details Affected Vendor: Artica Affected Product: Artica Proxy Affected Version: 4.40 and 4.50 Platform: Debian 10 LTS CWE Classification: CWE-23: Relative Path Traversal CVE ID: CVE-2024-2053 Vulnerability Description The Artica Proxy administrative web application attempts...

Backup and Restore WordPress < 1.50 - Unauthenticated Sensitive Data Exposure

Description The plugin does not protect some log files containing sensitive information such as site configuration etc, allowing unauthenticated users to access such...

openSUSE: Security Advisory for qemu (SUSE-SU-2023:4056-1)

The remote host is missing an update for...

openSUSE: Security Advisory for tar (SUSE-SU-2023:0463-1)

The remote host is missing an update for...

openSUSE: Security Advisory for opera (openSUSE-SU-2023:0338-1)

The remote host is missing an update for...

openSUSE: Security Advisory for SUSE Manager Server 4.2 (SUSE-SU-2023:2594-1)

The remote host is missing an update for...