Lucene search

32 matches found

Tenable Nessus
added 2024/11/14 12:00 a.m. · 26 views

Fedora 37 : php (2022-f204e1d0ed)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-f204e1d0ed advisory. PHP version 8.1.12 27 Oct 2022 Core: Fixes segfault with Fiber on FreeBSD i386 architecture. David Carlier Fileinfo: Fixed bug GH-8805 finfo returns...

CVSS 9.8 · AI score 7.5 · EPSS 0.15416
Exploits 6 · References 5
OSV
added 2024/05/26 2:15 p.m. · 1 view

CVE-2024-36241

Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1 and 8.1.x <= 8.1.12 fail to enforce proper access controls, which allows a user to view arbitrary post contents via the /playbook add slash command...

CVSS 4.3 · AI score 7.2
Exploits 0 · References 1
CVE
added 2024/05/26 1:33 p.m. · 64 views

CVE-2024-29215

Mattermost Server vulnerability CVE-2024-29215: Improper access control in slash commands linked to playbook tasks allows a user to run a slash command in a channel they are not a member of. Affected versions: Mattermost 9.5.x up to 9.5.3; 9.7.x up to 9.7.1; 9.6.x up to 9.6.1; 8.1.x up to 8.1.12....

CVSS 4.3 · AI score 4.7 · EPSS 0.00188
Exploits 0 · References 1 · Affected Software 1
Vulnrichment
added 2024/05/26 1:31 p.m. · 15 views

CVE-2024-31859 Member promoted to channel admin via playbooks run linking to channel

Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1 and 8.1.x <= 8.1.12 fail to perform proper authorization checks, which allows a member running a playbook in an existing channel to be promoted to a channel admin...

CVSS 4.3 · AI score 6.8 · EPSS 0.00109
Exploits 0 · References 1
Cvelist
added 2024/04/26 8:25 a.m. · 10 views

CVE-2024-4183

Mattermost versions 8.1.x before 8.1.12, 9.6.x before 9.6.1, 9.5.x before 9.5.3, 9.4.x before 9.4.5 fail to limit the number of active sessions, which allows an authenticated attacker to crash the server via repeated requests to the getSessions API after flooding the sessions table...

CVSS 4.3 · AI score 4.8 · EPSS 0.00174
Exploits 0 · References 1
CNNVD
added 2024/04/26 12:00 a.m. · 1 view

Mattermost security vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost that stems from an issue where a team administrator can demote a user to guest via an HTTP request. The vulnerability affects the following...

CVSS 2.7 · AI score 6.7 · EPSS 0.00138
Exploits 0 · References 3
CNNVD
added 2023/05/15 12:00 a.m. · 2 views

WordPress plugin ActiveCampaign cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVSS 5.4 · AI score 6.5 · EPSS 0.00261
Exploits 2 · References 2
wpexploit
added 2023/04/20 12:00 a.m. · 145 views

ActiveCampaign < 8.1.12 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. As a contributor, add an "AC Forms" Gutenberg block to a...

CVSS 5.4 · AI score 7.8 · EPSS 0.00261
Exploits 2
CBLMariner
added 2022/12/09 12:19 a.m. · 26 views

CVE-2022-37454 affecting package php for versions less than 8.1.12-1

CVE-2022-37454 affecting package php for versions less than 8.1.12-1. An upgraded version of the package is available that resolves this issue...

CVSS 9.8 · AI score 8.2 · EPSS 0.014
Exploits 1
CNVD
added 2022/11/30 12:00 a.m. · 25 views

Chocolatey PHP Permission Design Vulnerability

PHP is a scripting language that executes on the server side. A privilege design vulnerability exists in the Chocolatey PHP package v8.1.12 and below, which originates from all users in the Authenticated users group having write access to the subfolder C:\tools\php81 and all files in that folder,...

CVSS 4.3 · AI score 4.7 · EPSS 0.00108
Exploits 0 · References 1
OSV
added 2022/11/04 11:15 p.m. · 1 view

CVE-2022-43566

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run risky commands using a more privileged user’s permissions to bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards in the Analytics...

CVSS 8 · AI score 5.8
Exploits 0 · References 2
OSV
added 2022/11/04 11:15 p.m. · 3 views

CVE-2022-43568

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a View allows for a Reflected Cross Site Scripting via JavaScript Object Notation (JSON) in a query parameter when outputmode=radio...

CVSS 6.1 · AI score 5.8 · EPSS 0.08646
Exploits 1 · References 2
NVD
added 2022/11/04 11:15 p.m. · 14 views

CVE-2022-43569

In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can inject and store arbitrary scripts that can lead to persistent cross-site scripting (XSS) in the object name of a Data Model...

CVSS 8 · EPSS 0.00786
Exploits 1 · References 2
NVD
added 2022/11/04 11:15 p.m. · 9 views

CVE-2022-43565

In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the `tstats` command handles Javascript Object Notation (JSON) lets an attacker bypass SPL safeguards for risky commands (https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards). The vulnerability requires the...

CVSS 8.8 · EPSS 0.00199
Exploits 0 · References 1
OSV
added 2022/11/04 11:15 p.m. · 1 view

CVE-2022-43572

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, sending a malformed file through the Splunk-to-Splunk (S2S) or HTTP Event Collector (HEC) protocols to an indexer results in a blockage or denial-of-service preventing further indexing...

CVSS 6.5 · AI score 5.8
Exploits 0 · References 1
Positive Technologies
added 2022/11/04 12:00 a.m. · 2 views

PT-2022-26967 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.1.12; Splunk Enterprise versions prior to 8.2.9; Splunk Enterprise versions prior to 9.0.2. Description: A remote user who can create search macros and schedule search reports can cause a denial of service...

CVSS 6.5 · AI score 6.4 · EPSS 0.00399
Exploits 0 · References 4
Positive Technologies
added 2022/11/04 12:00 a.m. · 2 views

PT-2022-26972 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.1.12; Splunk Enterprise versions prior to 8.2.9; Splunk Enterprise versions prior to 9.0.2. Description: The issue allows an authenticated user to inject and store arbitrary scripts, leading to persistent...

CVSS 8 · AI score 5.2 · EPSS 0.00786
Exploits 1 · References 5
Positive Technologies
added 2022/11/04 12:00 a.m. · 2 views

PT-2022-26966 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.2.9; Splunk Enterprise versions prior to 8.1.12. Description: The issue arises from how the rex search command handles field names, allowing an attacker to bypass SPL safeguards for risky commands. This...

CVSS 8.8 · AI score 8.7 · EPSS 0.00199
Exploits 0 · References 4
Positive Technologies
added 2022/11/04 12:00 a.m. · 2 views

PT-2022-26968 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.2.9; Splunk Enterprise versions prior to 8.1.12. Description: The issue arises from how the tstats command handles Javascript Object Notation (JSON), allowing an attacker to bypass SPL safeguards for risky...

CVSS 8.8 · AI score 8.7 · EPSS 0.00199
Exploits 0 · References 5
NVD
added 2022/11/03 11:15 p.m. · 16 views

CVE-2022-43571

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can execute arbitrary code through the dashboard PDF generation component...

CVSS 8.8 · EPSS 0.75912
Exploits 5 · References 2