7647 matches found
UBUNTU-CVE-2024-50184
In the Linux kernel, the following vulnerability has been resolved: virtio_pmem: Check device status before requesting flush If a pmem device is in a bad status, the driver side could wait for host ack forever in virtio_pmem_flush, causing the system to hang. So add a status check in the beginning o...
CVE-2023-52045
Studio-42 elFinder 2.1.62 contains a filename restriction bypass leading to a persistent Cross-site Scripting (XSS) vulnerability...
CVE-2023-52045
CVE-2023-52045 affects Studio-42 elFinder 2.1.62, where a filename restriction bypass leads to a persistent XSS vulnerability. Impact: stored XSS via crafted filenames; context is in elFinder file handling. Remediation: upgrade to elFinder 2.1.63 or higher (as reported by Snyk/Veracode/Red Hat re...
Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.0 Security, Enhancement, & Bug Fix Update
Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.17.0 on Red Hat Enterprise Linux 9. Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container...
Cookiebot + GTM - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-055
This module makes it possible for you to integrate Cookiebot and Google Tag Manager in a fast and simple way. The module doesn't sufficiently filter for malicious script leading to a persistent cross site scripting (XSS) vulnerability...
JetBrains Hub Improper Access Control Vulnerability
JetBrains Hub is a Web-based identity management service launched by JetBrains, which is mainly used for centralized management of YouTrack, TeamCity and other team collaboration tools such as user authentication, permission assignment and project collaboration. JetBrains Hub suffers from an...
JetBrains Hub Security Vulnerability
JetBrains Hub is a Web-based identity management service launched by JetBrains, which is mainly used for centralized management of YouTrack, TeamCity and other team collaboration tools such as user authentication, permission assignment and project collaboration. JetBrains Hub suffers from an...
Malicious npm Packages Target Developers' Ethereum Wallets with SSH Backdoor
Cybersecurity researchers have discovered a number of suspicious packages published to the npm registry that are designed to harvest Ethereum private keys and gain remote access to the machine via the secure shell (SSH) protocol. The packages attempt to "gain SSH access to the victim's machine by...
Unmasking Lumma Stealer: Analyzing Deceptive Tactics with Fake CAPTCHA
Summary: Lumma Stealer is an information-stealing malware available through a Malware-as-a-Service (MaaS). It specializes in stealing sensitive data such as passwords, browser information, and cryptocurrency wallet details. The attacker has advanced its tactics, moving from traditional phishing to...
SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack
An advanced persistent threat (APT) actor with suspected ties to India has sprung forth with a flurry of attacks against high-profile entities and strategic infrastructures in the Middle East and Africa. The activity has been attributed to a group tracked as SideWinder, which is also known as...
Malicious code in jifa-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c700c6936dcb6a2eb1fbff5232aa1305e7e989c7ce3ce5ef847c3efc413f04e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in mp3-file-zip-d-ownload-push-the-sky-away-m86s1-rigirm (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware aa43de94a064d8c602ce88408a0fab3a3c1d87c658eaa342cd9dff9c3fdb624b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in new-al-bum-av-ailable-2014-15374-tourniquets-hacksaws-and-graves-53p3g-eabxqr (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e55ad95ce8db20fb7a4867c68d83feef1239cd52cd8a74058f49cb9c9d443daf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-45741 Persistent Cross-Site Scripting (XSS) via props.conf on Splunk Enterprise
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a malicious payload through a custom configuration file that the "api.uri" paramete...
Important: bubblewrap
Issue Overview: A sandbox escape vulnerability was found in Flatpak due to a symlink-following issue when mounting persistent directories. This flaw allows a local user or attacker to craft a symbolic link that can bypass the intended restrictions, enabling access to and modification of files...
Malicious code in request-ip-check (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1e096389994e4f977393f6e6f087f2fdaa9aae5f79ffaa89122d7e6bb72f083a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9233 Malicious code in foldl (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d2abd5909394808c19b6d87a3b9b46e6356ee553bed6e8fe55dfa696dc0908b6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in numeral-light (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0745207c17df1a5cbcd760a28f72def582f071d4860ce74387cd251b4556c1a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in updated-script-retail-tycoon-2-script-h-a-c-k-9u9pw3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 10991d290106057e87a9d1c0c73b0dd03e2ccad25e2eaef6547a2feb1551f4c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...