Lucene search

8064 matches found

IBM Security Bulletins
added 2024/01/10 4:21 a.m.

Security Bulletin: Multiple vulnerabilities fixed in IBM Security Verify Governance - Identity Manager virtual appliance component

Summary: Multiple security vulnerabilities related to jQuery and other components have been addressed in the IBM Security Verify Governance - Identity Manager virtual appliance component. Vulnerability details: CVEID: CVE-2023-46158. Description: IBM WebSphere Application Server Liberty 23.0.0.9 through...

CVSS 9.8, AI score 8.2, EPSS 0.31104
Exploits: 4, Affected software: 1
Tenable Nessus
added 2024/01/09 12:00 a.m.

Amazon Linux 2 : xmlgraphics-commons (ALAS-2024-2411)

The version of xmlgraphics-commons installed on the remote host is prior to 1.5-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2411 advisory. Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input...

CVSS 8.2, AI score 7.3, EPSS 0.00431
Exploits: 0, References: 4
Tenable Nessus
added 2024/01/09 12:00 a.m.

Amazon Linux 2 : perl-HTTP-Daemon (ALAS-2024-2405)

The version of perl-HTTP-Daemon installed on the remote host is prior to 6.01-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2405 advisory. HTTP::Daemon is a simple HTTP server class written in Perl. Versions prior to 6.15 are subject to a vulnerability which cou...

CVSS 7.3, AI score 6.3, EPSS 0.00531
Exploits: 1, References: 4
OpenVAS
added 2024/01/05 12:00 a.m.

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1036)

The remote host is missing an update for the Huawei EulerOS httpd package (EulerOS-SA-2024-1036). Detection script copyright 2024 Greenbone AG, GPL-2.0-only; some text descriptions may be excerpted from referenced sources and are copyright of the respective right holders...

CVSS 7.5, AI score 8.5, EPSS 0.01821
Exploits: 1, References: 2
OSV
added 2024/01/03 12:30 p.m.

GHSA-9XG9-HH45-XCM6 Apache InLong Manager Remote Code Execution vulnerability

Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong. This issue affects Apache InLong from 1.5.0 through 1.9.0 and could lead to remote code execution. Users are advised to upgrade to Apache InLong 1.10.0 or cherry-pick 1 to solve it. 1...

CVSS 9.8, AI score 9.7, EPSS 0.07083
Exploits: 0, References: 6
OSV
added 2024/01/03 10:15 a.m.

CVE-2023-51784

Improper Control of Generation of Code ('Code Injection') vulnerability in Apache InLong. This issue affects Apache InLong from 1.5.0 through 1.9.0 and could lead to remote code execution. Users are advised to upgrade to Apache InLong 1.10.0 or cherry-pick 1 to solve it. 1...

CVSS 9.8, AI score 5.8, EPSS 0.07083
Exploits: 0, References: 2
WPVulnDB
added 2023/12/29 12:00 a.m.

WP All Import < 3.7.3 - Admin+ Arbitrary File Upload to RCE

Description: The plugin accepts all zip files and automatically extracts the zip file into a publicly accessible directory without sufficiently validating the extracted file type. This may allow high-privilege users such as administrators to upload an executable file type, leading to remote code...

CVSS 7.2, AI score 6.8, EPSS 0.03529
Exploits: 2, Affected software: 1
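The flaw described in this entry is a general one: a bare "extract everything" into a web-served upload directory, with no check on what comes out of the archive. The Python below is an added example, not code from WP All Import or from WPVulnDB, of the checks a vetted extractor needs: an allowlist of data extensions, rejection of executable extensions anywhere in the name (so shell.php.csv and .htaccess are caught, not just shell.php), a zip-slip check on every member path, and a cap on uncompressed size. Validation runs over the whole archive before anything is written. The extension sets, the size cap, the function names and the sample archives are assumptions constructed for this example.

```python
import io
import os
import posixpath
import tempfile
import zipfile

# Data file types a bulk importer legitimately needs (assumption for this example).
ALLOWED_EXTENSIONS = {".csv", ".xml", ".txt", ".json"}
# Extensions a typical PHP web server executes if they land under the document root.
EXECUTABLE_EXTENSIONS = {".php", ".phtml", ".phar", ".php5", ".cgi", ".pl", ".py", ".sh", ".htaccess"}
MAX_TOTAL_BYTES = 50 * 1024 * 1024  # cap on uncompressed size (zip-bomb guard)


class UnsafeArchiveError(ValueError):
    """Raised for any member that must not be written to the target directory."""


def check_member(name: str) -> str:
    """Validate one member name and return its normalized relative path.

    Rejects absolute paths and drive letters, parent-directory traversal ("zip slip"),
    executable extensions anywhere in the name (shell.php.csv, .htaccess) and any
    file type outside ALLOWED_EXTENSIONS.
    """
    unix_name = name.replace("\\", "/")
    if unix_name.startswith("/") or ":" in unix_name.split("/", 1)[0]:
        raise UnsafeArchiveError(f"absolute path or drive letter: {name!r}")
    norm = posixpath.normpath(unix_name)
    if norm == ".." or norm.startswith("../"):
        raise UnsafeArchiveError(f"path traversal: {name!r}")
    if unix_name.endswith("/"):
        return norm  # directory entry: nothing is written for it
    base = posixpath.basename(norm).lower()
    if any("." + seg in EXECUTABLE_EXTENSIONS for seg in base.split(".")[1:]):
        raise UnsafeArchiveError(f"executable file type: {name!r}")
    if posixpath.splitext(base)[1] not in ALLOWED_EXTENSIONS:
        raise UnsafeArchiveError(f"file type not allowed: {name!r}")
    return norm


def audit_archive(zip_bytes: bytes) -> dict:
    """Map every member name to 'ok' or the reason it would be rejected."""
    verdicts = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            try:
                check_member(info.filename)
                verdicts[info.filename] = "ok"
            except UnsafeArchiveError as err:
                verdicts[info.filename] = str(err)
    return verdicts


def extract_safely(zip_bytes: bytes, dest_dir: str) -> list:
    """Extract into dest_dir, writing only vetted members; return the paths written.

    Every member is validated before anything is written, so a hostile archive
    leaves the directory untouched instead of half-extracted.
    """
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        infos = zf.infolist()
        total = sum(info.file_size for info in infos)
        if total > MAX_TOTAL_BYTES:
            raise UnsafeArchiveError(f"uncompressed size {total} exceeds {MAX_TOTAL_BYTES}")
        vetted = [(info, check_member(info.filename)) for info in infos]
        written = []
        for info, rel in vetted:
            if info.is_dir():
                continue
            target = os.path.join(dest_dir, *rel.split("/"))
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(rel)
    return written


def make_archive(members: dict) -> bytes:
    """Build an in-memory ZIP from {member_name: bytes} (constructed sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()


def demo() -> dict:
    """Run the vetted extractor on a clean and a hostile archive in a temp directory."""
    clean = make_archive({"products.csv": b"sku,price\n1,9.99\n"})
    hostile = make_archive({
        "products.csv": b"sku\n",
        "shell.php.csv": b"<?php system($_GET['c']); ?>",  # double extension
        "../outside.csv": b"x",                             # zip-slip attempt
    })
    result = {"hostile_audit": audit_archive(hostile)}
    with tempfile.TemporaryDirectory() as d:
        result["clean_written"] = extract_safely(clean, d)
        try:
            extract_safely(hostile, d)
            result["hostile_rejected"] = ""
        except UnsafeArchiveError as err:
            result["hostile_rejected"] = str(err)
        result["files_after_hostile"] = sorted(os.listdir(d))
    return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The extension check deliberately looks at every dot-separated segment after the first, because a server configured with multiple MIME handlers can execute shell.php.csv as PHP; an allowlist on the final extension alone would pass it. Note that Python's own ZipFile.extractall() already strips leading slashes and ".." components, so in a Python port the missing control would be the file-type check; in the PHP plugin case both checks matter.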
F5 Networks
added 2023/12/27 7:03 p.m.

K000138057: mod_ssl vulnerabilities CVE-2002-1157 and CVE-2002-0653

Security Advisory Description: CVE-2002-1157: Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on...

CVSS 7.8, AI score 7.5, EPSS 0.03447
Exploits: 0
Prion
added 2023/12/26 12:15 p.m.

Design/Logic Flaw

Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when a user issues a URI call without authorization. The same URI can also be used to perform an SSRF attack, again without authorization. Users are recommended to upgrade to version 18.12.11, which fixes th...

CVSS 5, AI score 7, EPSS 0.83897
Exploits: 0, References: 6, Affected software: 1
CVE
added 2023/12/26 11:45 a.m.

CVE-2023-50968

Apache OFBiz

CVSS 7.5, AI score 7.5, EPSS 0.83897
In the wild; Exploits: 0, References: 6, Affected software: 1
CNVD
added 2023/12/25 12:00 a.m.

Apache Airflow Security Bypass Vulnerability (CNVD-2024-0101425)

Apache Airflow is an open-source platform from the Apache Software Foundation for creating, managing and monitoring workflows. The platform is scalable and supports dynamic monitoring, among other features. A security bypass vulnerability exists in Apache Airflow versions prior to 2.8.0,...

CVSS 4.3, AI score 7.3, EPSS 0.00091
Exploits: 0, References: 1
CNVD
added 2023/12/25 12:00 a.m.

Apache IoTDB Deserialization Vulnerability

Apache IoTDB is an integrated data management engine for time-series data from the Apache Software Foundation, which provides data collection, storage and analysis services, among other things. A deserialization vulnerability exists in Apache IoTDB versions 0.13.0 through 0.13.4, which can b...

CVSS 9.8, AI score 8, EPSS 0.00555
Exploits: 0, References: 1
Veracode
added 2023/12/22 5:54 a.m.

Deserialization Of Untrusted Data

Apache IoTDB is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to directly deserializing the key/values from the deviceOwnerFile within the deSerializeDeviceOwnerMap method. Each key/value from the owner file is read directly with the ObjectInputStream class, withou...

CVSS 9.8, AI score 7.2, EPSS 0.00555
Exploits: 0, References: 4, Affected software: 1
Github Security Blog
added 2023/12/21 12:30 p.m.

Apache Airflow vulnerable to Exposure of Resource to Wrong Sphere

Apache Airflow, in versions prior to 2.8.0, contains a security vulnerability that allows an authenticated user with limited access to some DAGs, to craft a request that could give the user write access to various DAG resources for DAGs that the user had no access to, thus, enabling the user to...

CVSS 4.3, AI score 6.9, EPSS 0.00091
Exploits: 0, References: 7, Affected software: 1
CVE
added 2023/12/19 7:50 p.m.

CVE-2023-43826

CVE-2023-43826 affects Apache Guacamole: older releases (1.5.3 and earlier) do not consistently ensure that values from a VNC server avoid integer overflow in VNC image buffers. The root cause is improper handling of VNC data that can trigger memory corruption, with the potential for arbitrary co...

CVSS 8.8, AI score 6.5, EPSS 0.00084
Exploits: 2, References: 2, Affected software: 1
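The entry above names the bug class (server-supplied width and height whose product wraps in a 32-bit size computation, so the client allocates a small buffer and then copies a full-size update into it) without showing the check. The Python below is an added illustration, not Apache Guacamole code: it reproduces the 32-bit wrap explicitly by masking, then shows the overflow-proof comparison and the in-bounds rectangle test a VNC client should apply before allocating. The accepted pixel formats, the 64 MiB cap and the function names are assumptions for this example.

```python
# Added example: size arithmetic for a VNC image buffer as a 32-bit client would
# compute it, unchecked versus checked. Not Guacamole code; limits are assumptions.

UINT32_MAX = 0xFFFFFFFF
MAX_IMAGE_BYTES = 64 * 1024 * 1024  # policy cap for one update (assumption)


def unchecked_buffer_size(width: int, height: int, bytes_per_pixel: int) -> int:
    """width * height * bpp as a 32-bit size_t would wrap it: the bug pattern.

    The server controls width and height, so it can choose values whose product
    wraps to a small number; the client allocates that small buffer and then
    writes the full rectangle's pixel data into it.
    """
    return (width * height * bytes_per_pixel) & UINT32_MAX


def checked_buffer_size(width: int, height: int, bytes_per_pixel: int) -> int:
    """Return the byte size, or raise before any wrap or oversize allocation."""
    if width <= 0 or height <= 0 or bytes_per_pixel not in (1, 2, 4):
        raise ValueError("invalid rectangle or pixel format")
    # Overflow test that cannot itself overflow: compare against the quotient
    # instead of computing the product first.
    if width > UINT32_MAX // bytes_per_pixel // height:
        raise OverflowError(f"{width}x{height}x{bytes_per_pixel} exceeds 32-bit size_t")
    size = width * height * bytes_per_pixel
    if size > MAX_IMAGE_BYTES:
        raise ValueError(f"{size} bytes exceeds the {MAX_IMAGE_BYTES}-byte policy cap")
    return size


def rectangle_in_bounds(x: int, y: int, width: int, height: int,
                        fb_width: int, fb_height: int) -> bool:
    """A server-supplied update rectangle must lie inside the advertised framebuffer.

    Written with subtraction so the sum x + width can never wrap either.
    """
    return (0 <= x <= fb_width and 0 <= y <= fb_height
            and 0 <= width <= fb_width - x and 0 <= height <= fb_height - y)


if __name__ == "__main__":
    # 32768 x 32769 x 4 bytes = 2**32 + 131072, which a 32-bit multiply wraps to 131072.
    print(unchecked_buffer_size(32768, 32769, 4))
    try:
        checked_buffer_size(32768, 32769, 4)
    except OverflowError as err:
        print("rejected:", err)
    print(checked_buffer_size(1920, 1080, 4))
```

In C the same test reads `if (width > SIZE_MAX / bpp / height) fail();` before the multiply; the division form is the point, since checking `width * height * bpp > limit` after the fact is itself evaluated on the already-wrapped value.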
Tenable Nessus
added 2023/12/19 12:00 a.m.

Tenable SecurityCenter Multiple Vulnerabilities (TNS-2023-44)

According to its self-reported version, the Tenable SecurityCenter running on the remote host is . It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-44 advisory. - Security Center leverages third-party software to help provide underlying functionality. One of th...

CVSS 7.5, AI score 7.4, EPSS 0.59544
Exploits: 1, References: 3
wpexploit
added 2023/12/15 12:00 a.m.

Duplicator < 1.3.0 - Unauthenticated RCE

Description: The plugin does not properly escape values when its installer script replaces values in WordPress configuration files. If this installer script is left on the site after use, it could be used to run arbitrary code on the server. Steps to reproduce: Setup: Download WAMP with the following...

CVSS 9.8, AI score 7, EPSS 0.00692
Exploits: 2
WPVulnDB
added 2023/12/15 12:00 a.m.

Duplicator < 1.3.0 - Unauthenticated RCE

Description: The plugin does not properly escape values when its installer script replaces values in WordPress configuration files. If this installer script is left on the site after use, it could be used to run arbitrary code on the server. PoC / Steps to reproduce: Setup: Download WAMP with the...

CVSS 9.8, AI score 6.9, EPSS 0.00692
Exploits: 2, Affected software: 1
Malwarebytes
added 2023/12/13 4:39 p.m.

Microsoft patches 34 vulnerabilities, including one zero-day

December's Patch Tuesday is a relatively quiet one on the Microsoft front. Redmond has patched 34 vulnerabilities, only four of which are rated critical. One vulnerability, a previously disclosed and unpatched vulnerability in AMD central processing units (CPUs), was shifted by AMD to software developers. Th...

CVSS 7.5, AI score 7.9, EPSS 0.93657
Exploits: 15
NVD
added 2023/12/12 10:15 p.m.

CVE-2023-6710

A flaw was found in mod_proxy_cluster in the Apache HTTP Server. This issue may allow a malicious user to add a script in the 'alias' parameter of the URL to trigger a stored cross-site scripting (XSS) vulnerability. By adding a script in the alias parameter of the URL, it adds a new virtual host an...

CVSS 5.4, EPSS 0.0107
Exploits: 5, References: 5