The vulnerabilities of the LoadIndexFile() and DownloadIndexFile() functions in the repo package, as well as the LoadDir() function in the plugin package of the Kubernetes Helm package manager, allow a malicious actor to cause service interruptions.

The vulnerability of the LoadIndexFile and DownloadIndexFile functions in the repo package, as well as the LoadDir function in the plugin package of the Kubernetes Helm package manager, is related to the use of uninitialized variables during the processing of index.yaml and plugin.yaml files...

Information Leakage

@electron/packager is vulnerable to Information Leakage. The vulnerability is due to improper memory allocation during the bundling process, which can expose sensitive information such as environment variables or secret files...

BIT-MLFLOW-2024-27132 Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe.

Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This issue leads to a client-side RCE when running an untrusted recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over template variables...

R2Frida - Radare2 And Frida Better Together

This is a self-contained plugin for radare2 that allows to instrument remote processes using frida. The radare project brings a complete toolchain for reverse engineering, providing well maintained functionalities and extend its features with other programming languages and tools. Frida is a...

@electron/packager's build process memory potentially leaked into final executable

Impact A random segment of 1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This memory could contain sensitive information such as environment variables, secrets files, etc. Patches This issue is patched in 18.3.1 Workarounds No...

CVE-2024-29900

Electron Packager bundles Electron-based application source code with a renamed Electron executable and supporting files into folders ready for distribution. A random segment of 1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This...

Electron Packager 安全漏洞

Electron is a personal developer of a user to write cross-platform desktop application JavaScript framework. The framework is based on nodejs and Chromium and enables the writing of cross-platform desktop applications using HTML and CSS. A security vulnerability exists in Electron Packager versio...

CVE-2024-1540

A command injection vulnerability exists in the deploy+test-visual.yml workflow of the gradio-app/gradio repository, due to improper neutralization of special elements used in a command. This vulnerability allows attackers to execute unauthorized commands, potentially leading to unauthorized...

CVE-2024-1540 Command Injection in gradio-app/gradio via deploy+test-visual.yml workflow

A command injection vulnerability exists in the deploy+test-visual.yml workflow of the gradio-app/gradio repository, due to improper neutralization of special elements used in a command. This vulnerability allows attackers to execute unauthorized commands, potentially leading to unauthorized...

Code Injection

getgrav/grav is vulnerable to Code Injection. The vulnerability is due to unrestricted access to the Twig extension class from the Grav context. This flaw allows attackers to redefine configuration variables and bypass previous Server-Side Template Injection SSTI mitigations...

nodejs: code injection and privilege escalation through Linux capabilities

A flaw was found in Node.js. On Linux, Node.js ignores certain environment variables if an unprivileged user has set them while the process is running with elevated privileges, except for CAPNETBINDSERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this...

Oracle Linux 9 : nodejs:18 (ELSA-2024-1503)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1503 advisory. - Fixes: CVE-2024-21892 CVE-2024-22019 high Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Not...

nodejs: code injection and privilege escalation through Linux capabilities

A flaw was found in Node.js. On Linux, Node.js ignores certain environment variables if an unprivileged user has set them while the process is running with elevated privileges, except for CAPNETBINDSERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this...

PT-2024-3637 · Ros2 · Ros2

Name of the Vulnerable Software and Affected Versions: ROS2 versions 2 through 3 Description: The issue is related to the handling of shell command execution in ROS2, specifically with the ROS VERSION and ROS PYTHON VERSION environment variables. This can allow a remote attacker to execute...

Important: nodejs

Issue Overview: A flaw was found in Node.js. On Linux, Node.js ignores certain environment variables if they have been set by an unprivileged user while the process is running with elevated privileges, with the exception of CAPNETBINDSERVICE. Due to a bug in the implementation of this exception,...

Huawei EulerOS: Security Advisory for gcc (EulerOS-SA-2024-1412)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.11.1 : gcc (EulerOS-SA-2024-1412)

According to the versions of the gcc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an...

CVE-2023-41877

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. A path traversal vulnerability in versions 2.23.4 and prior requires GeoServer Administrator with access to the admin console to misconfigure the Global Settings for log file location ...

PT-2024-21351 · Apache · Apache Tomcat

Name of the Vulnerable Software and Affected Versions: Meta4 HR affected versions not specified Description: A vulnerability has been found that allows an attacker to obtain information about the application, including variables set in the process, Tomcat versions, library versions, and the...

Metasploit Wrap-Up 03/15/2024

New module content 3 GitLab Password Reset Account Takeover Authors: asterion04 and h00die Type: Auxiliary Pull request: 18716 contributed by h00die Path: admin/http/gitlabpasswordresetaccounttakeover AttackerKB reference: CVE-2023-7028 Description: This adds an exploit module that leverages an...