Ivanti Connect Secure Unauthenticated Remote Code Execution
This module chains a server-side request forgery (SSRF) vulnerability (CVE-2024-21893) and a command injection vulnerability (CVE-2024-21887) to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to achieve unauthenticated remote code execution. All currently supporte...
GHSA-F3QR-QR4X-J273 php-svg-lib lacks path validation on font through SVG inline styles
Summary: php-svg-lib fails to validate that font-family doesn't contain a PHAR URL, which might lead to RCE on PHP href, 0, 7)) === "phar://" || ($this->document->allowExternalReferences === false && \strtolower(\substr($this->href, 0, 5)) !== "data:") unset($style["font-family"]); PoC: Parsing the following SVG...
php-svg-lib lacks path validation on font through SVG inline styles
Summary: php-svg-lib fails to validate that font-family doesn't contain a PHAR URL, which might lead to RCE on PHP href, 0, 7)) === "phar://" || ($this->document->allowExternalReferences === false && \strtolower(\substr($this->href, 0, 5)) !== "data:") unset($style["font-family"]); PoC: Parsing the following SVG...
CVE-2024-25117
php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR URL, which might lead to RCE on PHP < 8.0, and doesn't validate if external references are allowed. This might lead to bypass...
Design/Logic Flaw
php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR URL, which might lead to RCE on PHP < 8.0, and doesn't validate if external references are allowed. This might lead to bypass...
CVE-2024-25117 php-svg-lib lacks path validation on font through SVG inline styles
php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR URL, which might lead to RCE on PHP < 8.0, and doesn't validate if external references are allowed. This might lead to bypass...
CVE-2024-25117
Summary: CVE-2024-25117 affects php-svg-lib prior to 0.5.2. The library does not validate that font-family values are not PHAR URLs in SVG font rendering, which can lead to unsafe fontName values being passed to downstream libraries and, in PHP
Exploit for Authentication Bypass Using an Alternate Path or Channel in Connectwise Screenconnect
How to use I'm using Python3.9 pip install requests...
Attackers Quick to Weaponize CVE-2023-22527 for Malware Delivery
On January 16, 2024, Atlassian disclosed a critical vulnerability affecting Confluence Data Center and Confluence Server, tracked as CVE-2023-22527. The vulnerability is an unauthenticated OGNL injection bug, allowing unauthenticated attackers to execute Java expressions, invoke methods, navigate...
Critical: Red Hat Security Advisory: OpenShift Container Platform 4.13.34 security update
Red Hat OpenShift Container Platform release 4.13.34 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...
CVE-2024-1709
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems. Recent assessments: sfewer-r7 at February 22, 2024 4:54pm UTC reported:...
Critical: Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.31.1 security update
Red Hat OpenShift Serverless 1.31.1 is now available. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in th...
Petrol Pump Management Software 1.0 Shell Upload Vulnerability
Exploit Title: Petrol pump management software - File Upload Remote Code Execution RCE unauthenticated Application: Petrol pump management software Date: 20.02.2024 Bugs: File Upload Remote Code Execution RCE unauthenticated Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/...
CVE-2024-1644 Suite CRM v7.14.2 - RCE via Local File Inclusion
Suite CRM version 7.14.2 allows including local php files. This is possible because the application is vulnerable to LFI...
CVE-2024-1651 Torrentpier 2.4.1 - RCE
Torrentpier version 2.4.1 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to insecure deserialization...
CVE-2024-25626 Yocto Project Security Advisory - BitBake/Toaster
Yocto Project is an open source collaboration project that helps developers create custom Linux-based systems regardless of the hardware architecture. In Yocto Project's BitBake before 2.6.2 (up to and including Yocto Project 4.3.1), with the Toaster server (included in BitBake) running, missing input...
Important: Red Hat Security Advisory: gimp:2.8 security update
An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...