4649 matches found

OSV
added 2024/04/11 8:17 p.m. · 7 views

GHSA-WM4W-7H2Q-3PF7 Matrix IRC Bridge truncated content of messages can be leaked

Impact: The matrix-appservice-irc before version 2.0.0 can be exploited to leak the truncated body of a message if a malicious user sends a Matrix reply to an event ID they don't have access to. As a precondition to the attack, the malicious user needs to know the event ID of the message they want...

CVSS 4.3 · AI score 4.1 · EPSS 0.00086
Exploits 0 · References 6
AlmaLinux
added 2024/04/11 12:00 a.m. · 19 views

Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. The default combination ...

CVSS 8 · AI score 7 · EPSS 0.00111
Exploits 0 · References 4
NVD
added 2024/04/10 1:51 p.m. · 14 views

CVE-2024-31492

An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...

CVSS 8.2 · AI score 8.4 · EPSS 0.00112
Exploits 0 · References 1
Cvelist
added 2024/04/10 1:24 p.m. · 13 views

CVE-2024-31492

An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...

CVSS 8.2 · AI score 8.6 · EPSS 0.00112
Exploits 0 · References 1
CVE
added 2024/04/10 1:24 p.m. · 57 views

CVE-2024-31492

CVE-2024-31492 describes an external control of file name or path (CWE-73) in FortiClientMac installers: FortiClientMac versions 7.2.3 and below and 7.0.10 and below allow a local attacker to execute arbitrary code by writing a malicious configuration file in /tmp before installation. Fortinet PS...

CVSS 8.2 · AI score 9.2 · EPSS 0.00112
Exploits 0 · References 1 · Affected Software 1
Vulnrichment
added 2024/04/10 1:24 p.m. · 10 views

CVE-2024-31492

An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...

CVSS 8.2 · AI score 7.8 · EPSS 0.00112
Exploits 0 · References 1
CVE
added 2024/04/08 12:00 a.m. · 39 views

CVE-2024-31815

TOTOLINK EX200, version 4.0.3c.7314_B20191204, is exposed to an unauthorized disclosure of the device configuration via the /cgi-bin/ExportSettings.sh API endpoint. Multiple sources (CVE record, Red Hat security entry, CNVD/CNNVD summaries) align on a vulnerability described as improper privilege...

CVSS 9.1 · AI score 6.8 · EPSS 0.00096
Exploits 1 · References 1 · Affected Software 1
Vulnrichment
added 2024/04/08 12:00 a.m. · 13 views

CVE-2024-31815

In TOTOLINK EX200 V4.0.3c.7314B20191204, an attacker can obtain the configuration file without authorization through /cgi-bin/ExportSettings.sh...

AI score 6.9 · EPSS 0.00096
Exploits 1 · References 1
Positive Technologies
added 2024/04/08 12:00 a.m. · 2 views

PT-2024-24223 · Totolink · Totolink Ex200

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX200 version 4.0.3c.7314 B20191204. Description: An attacker can obtain the configuration file without authorization through the "/cgi-bin/ExportSettings.sh" API endpoint. Recommendations: For TOTOLINK EX200 version 4.0.3c.7314...

CVSS 9.1 · AI score 6.5 · EPSS 0.00096
Exploits 1 · References 7
Cvelist
added 2024/04/08 12:00 a.m. · 14 views

CVE-2024-31815

In TOTOLINK EX200 V4.0.3c.7314B20191204, an attacker can obtain the configuration file without authorization through /cgi-bin/ExportSettings.sh...

AI score 6.8 · EPSS 0.00096
Exploits 1 · References 1
ATTACKERKB
added 2024/04/04 12:15 a.m. · 2 views

CVE-2024-29225

ELECOM wireless LAN routers allow a network-adjacent unauthenticated attacker to obtain the configuration file containing sensitive information by sending a specially crafted request...

CVSS 4.3 · AI score 7.3 · EPSS 0.00054
Exploits 0 · References 3 · Affected Software 5
NVD
added 2024/04/04 12:15 a.m. · 15 views

CVE-2024-29225

ELECOM wireless LAN routers allow a network-adjacent unauthenticated attacker to obtain the configuration file containing sensitive information by sending a specially crafted request...

CVSS 4.3 · AI score 6.2 · EPSS 0.00054
Exploits 0 · References 2
Cvelist
added 2024/04/04 12:04 a.m. · 17 views

CVE-2024-29225

ELECOM wireless LAN routers allow a network-adjacent unauthenticated attacker to obtain the configuration file containing sensitive information by sending a specially crafted request...

AI score 6.4 · EPSS 0.00054
Exploits 0 · References 2
CVE
added 2024/04/04 12:04 a.m. · 46 views

CVE-2024-29225

The CVE-2024-29225 issue affects ELECOM WRC-X3200GST3-B (version ≤1.25) and WRC-G01-W (version ≤1.24). A network-adjacent, unauthenticated attacker can retrieve a sensitive configuration file by sending a crafted request, exposing stored credentials or configuration data. The Red Hat/NU vendor ad...

CVSS 4.3 · AI score 7.3 · EPSS 0.00054
Exploits 0 · References 2
NVD
added 2024/03/27 6:15 a.m. · 11 views

CVE-2023-46052

Sane 1.2.1 heap bounds overwrite in init_options from backend/test.c via a long init_mode string in a configuration file. NOTE: this is disputed because there is no expectation that test.c code should be executed with an attacker-controlled configuration file...

CVSS 7.1 · AI score 6.7 · EPSS 0.00055
Exploits 1 · References 3
OSV
added 2024/03/27 6:15 a.m. · 3 views

CVE-2023-46052

Sane 1.2.1 heap bounds overwrite in init_options from backend/test.c via a long init_mode string in a configuration file. NOTE: this is disputed because there is no expectation that test.c code should be executed with an attacker-controlled configuration file...

CVSS 7.1 · AI score 6.9
Exploits 0 · References 3
OSV
added 2024/03/27 6:15 a.m. · 0 views

UBUNTU-CVE-2023-46052

DISPUTED: Sane 1.2.1 heap bounds overwrite in init_options from backend/test.c via a long init_mode string in a configuration file. NOTE: this is disputed because there is no expectation that test.c code should be executed with an attacker-controlled configuration file...

CVSS 7.1 · AI score 5.8 · EPSS 0.00055
Exploits 1 · References 3
Japan Vulnerability Notes
added 2024/03/27 5:26 a.m. · 2 views

Multiple vulnerabilities in ELECOM wireless LAN routers

Overview: Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. OS Command Injection CWE-78 - CVE-2024-25568; OS Command Injection CWE-78 - CVE-2024-26258; Exposure of Sensitive Information to an Unauthorized Actor CWE-200 - CVE-2024-29225; Chuya...

CVSS 8.8 · AI score 7.5 · EPSS 0.00397
Exploits 0 · References 8
Vulnrichment
added 2024/03/27 12:00 a.m. · 8 views

CVE-2023-46052

Sane 1.2.1 heap bounds overwrite in init_options from backend/test.c via a long init_mode string in a configuration file. NOTE: this is disputed because there is no expectation that test.c code should be executed with an attacker-controlled configuration file...

AI score 7 · EPSS 0.00055
Exploits 1 · References 2
Vulnrichment
added 2024/03/27 12:00 a.m. · 12 views

CVE-2023-46047

An issue in Sane 1.2.1 allows a local attacker to execute arbitrary code via a crafted file to the sanei_configure_attach function. NOTE: this is disputed because there is no expectation that the product should be starting with an attacker-controlled configuration file...

AI score 7.7 · EPSS 0.00037
Exploits 1 · References 2