PT-2024-7450 · Microsoft · Power Platform

Name of the Vulnerable Software and Affected Versions: Power Platform affected versions not specified Description: The issue is related to a lack of authorization in Power Platform, allowing an unauthenticated attacker to view sensitive information through a network attack vector. This can lead t...

Security Bulletin: IBM® Db2® NSE (Net Search Extender) is affected by a vulnerability in the open source Expat library. (CVE-2024-28757)

Summary IBM® Db2® NSE Net Search Extender is affected by a vulnerability in the open source Expat library. Vulnerability Details CVEID:CVE-2024-28757 DESCRIPTION: libexpat could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity XXE...

WordPress Divi Torque Lite plugin <= 3.6.6 - Authenticated Stored Cross-Site Scripting via SVG Upload vulnerability

Authenticated Stored Cross-Site Scripting via SVG Upload vulnerability discovered by wesley wcraft in WordPress Plugin DiviTorque – Divi Theme, Divi Builder and Extra Theme versions = 3.6.6...

The vulnerability of the PHP-SVG-Lib library for file analysis and rendering of vector graphics lies in improper external control of file names or paths, allowing attackers to execute arbitrary code.

The vulnerability of the php-svg-lib library for analyzing and rendering vector graphics is related to improper external manipulation of the file name or path. Exploiting this vulnerability could allow an attacker to execute arbitrary code with insufficient protection against attacks...

GHSA-GWPM-PM6X-H7RJ ZendFramework Cross-site Scripting vector in `Zend_Filter_StripTags`

ZendFilterStripTags is a filtering class analogous to PHP's striptags function. In addition to stripping HTML tags and selectively keeping those provided in a whitelist, it also provides the ability to whitelist specific attributes to retain per whitelisted tag. The reporter discovered that...

GHSA-XFFP-6W68-4775 Zendframework Remote Address Spoofing Vector in `Zend\Http\PhpEnvironment\RemoteAddress`

The Zend\Http\PhpEnvironment\RemoteAddress class provides features around detecting the internet protocol IP address for an incoming proxied request via the X-Forwarded-For header, taking into account a provided list of trusted proxy server IPs. Prior to 2.2.5, the class was not taking into accou...

DEBIAN-CVE-2024-37383

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes...

UBUNTU-CVE-2024-37383

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes...

SSRF (Server-Side Request Forgery) org.springframework:spring-web Dependency in Confluence Data Center and Server

This High severity org.springframework:spring-web Dependency vulnerability was introduced in versions 1.0 of Confluence Data Center and Server. This org.springframework:spring-web Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N...

Netgear WNR614 安全漏洞

The NETGEAR WNR614 is an N300 wireless router with external antenna from Netgear USA. The NETGEAR WNR614 suffers from an information disclosure vulnerability that originates from allowing an attacker to bypass authentication and access the management interface via an unspecified vector. No detail...

PT-2024-23319 · Mintplex · Anything-Llm

Name of the Vulnerable Software and Affected Versions: mintplex-labs/anything-llm versions prior to 1.0.0 Description: An improper authorization issue exists in the mintplex-labs/anything-llm application, specifically within the "/api/v/" endpoint and its sub-routes. This flaw allows...

Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC

Summary An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. Details The OpenTelemetry Collector handles compressed HTTP requests by recognizing the Content-Encoding header, rewriting the HTTP request body, and allowing...

Insecure Deserialization & Arbitrary Code Execution in TYPO3 CMS

Phar files formerly known as "PHP archives" can act als self extracting archives which leads to the fact that source code is executed when Phar files are invoked. The Phar file format is not limited to be stored with a dedicated file extension - "bundle.phar" would be valid as well as "bundle.txt...

[SECURITY] Fedora 40 Update: qt5-qtsvg-5.15.14-1.fc40

Scalable Vector Graphics SVG is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices...

kernel: untrusted VMM can trigger int80 syscall handling

A flaw was found in the Linux kernel. A VMM can inject external interrupts on any arbitrary vector at any time, which may allow the guest OS to be manipulated from the VMM side...

kernel: powerpc/lib: Validate size for vector operations

A potential stack corruption flaw was found in arch/powerpc/lib/sstep.c in the Linux kernel. This may lead to compromised Confidentiality, Integrity, or Availability...

CVE-2024-34364 Envoy OOM vector from HTTP async client with unbounded response buffer for mirror response

Envoy is a cloud-native, open source edge and service proxy. Envoy exposed an out-of-memory OOM vector from the mirror response, since async HTTP client will buffer the response with an unbounded buffer...

CVE-2024-34364 Envoy OOM vector from HTTP async client with unbounded response buffer for mirror response

Envoy is a cloud-native, open source edge and service proxy. Envoy exposed an out-of-memory OOM vector from the mirror response, since async HTTP client will buffer the response with an unbounded buffer...

SUSE CVE-2022-26306

LibreOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which...

Security Bulletin: Information disclosure vulnerabilities affect IBM Business Automation Workflow - CVE-2024-28849, CVE-2024-21501

Summary IBM Business Automation Workflow Web Process Designer is vulnerable to information disclosure attacks. Vulnerability Details CVEID:CVE-2024-28849 DESCRIPTION: Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by the leakage...