FreeBSD-SA-24:14.umtx

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-24:14.umtx Security Advisory The FreeBSD Project Topic: umtx Kernel panic or Use-After-Free Category: core Module: kern Announced: 2024-09-04 Credits: Synacktiv...

Faculty Evaluation System 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : Faculty Evaluation System 1.0 CSRF Add Admin Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

Nginx Source Code Disclosure/Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nginx Source Code Disclosure/Download', 'Description' = %q This module exploits a source code disclosure/download vulnerability in versions 0.7 a...

LiteSpeed Source Code Disclosure/Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LiteSpeed Source Code Disclosure/Download', 'Description' = %q This module exploits a source code disclosure/download vulnerability in versions...

BIND TKEY Query Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BIND TKEY Query Denial of Service', 'Description' = %q This module sends a malformed TKEY query, which exploits an error in handling TKEY queries...

SUSE SLES12 Security Update : apache2 (SUSE-SU-2024:3061-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3061-1 advisory. - CVE-2024-39884: Fixed source code disclosure with handlers configured via AddType bsc1227353 Tenable has extracted the preceding descripti...

SUSE-SU-2024:3061-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2024-39884: Fixed source code disclosure with handlers configured via AddType bsc1227353...

Task Management System 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : Task Management System 1.0 CSRF add staff Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0...

MSMS-PHP 1.0 Insecure Settings

============================================================================================================================================= | Title : MSMS-PHP v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits...

CLSA-2024-1724788546 Fix of 5 CVEs

SECURITY UPDATE: http server use exploitable/malicious backend application - debian/patches/CVE-2024-38476.patch: prevent server usage of exploitable/malicious backend application output to run local handlers via internal redirect - CVE-2024-38476 SECURITY UPDATE: modules regression introduced by...

CLSA-2024-1724706840 httpd: Fix of 8 CVEs

CVE-2024-38474: modrewrite: server weakness with encoded question marks in backreferences - CVE-2024-38475: modrewrite: server weakness in modrewrite when first segment of substitution matches filesystem path - CVE-2024-38477: modproxy: crash resulting in Denial of Service in modproxy via a...

FreeBSD : Gitlab -- vulnerabilities (49ef501c-62b6-11ef-bba5-2cf05da270f3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 49ef501c-62b6-11ef-bba5-2cf05da270f3 advisory. Gitlab reports: The GitLab Web Interface Does Not Guarantee Information Integrity When...

CLSA-2024-1724351427 httpd: Fix of 9 CVEs

CVE-2024-38474: modrewrite: server weakness with encoded question marks in backreferences - CVE-2024-38475: modrewrite: server weakness in modrewrite when first segment of substitution matches filesystem path - CVE-2024-38477: modproxy: crash resulting in Denial of Service in modproxy via a...

Gitlab -- vulnerabilities

Gitlab reports: The GitLab Web Interface Does Not Guarantee Information Integrity When Downloading Source Code from Releases Denial of Service by importing maliciously crafted GitHub repository Prompt injection in "Resolve Vulnerabilty" results in arbitrary command execution in victim's pipeline ...

Driver Disk for Qlogic qla2xxx 10.02.12.01_k - For Citrix Hypervisor 8.2 Cumulative Update 1 LTSR

Who should install this driver disk? Customers running the Citrix Hypervisor 8.2 Cumulative Update 1 LTSR release who use Qlogic's qla2xxx driver and wish to use the latest version of the following: Driver Module| Driver Type| Version ---|---|--- qla2xxx| Fibre Channel HBA/Storage Controller|...

Mobile Security Framework (MobSF) has a Zip Slip Vulnerability in .a Static Library Files

Summary Upon reviewing the MobSF source code, I identified a flaw in the Static Libraries analysis section. Specifically, during the extraction of .a extension files, the measure intended to prevent Zip Slip attacks is improperly implemented. Since the implemented measure can be bypassed, the...

PT-2024-9089

Name of the Vulnerable Software and Affected Versions GNU Emacs versions through 30.0.92 Description The issue is related to the elisp-completion-at-point function in GNU Emacs, which can trigger unsafe Lisp macro expansion when used on untrusted Emacs Lisp source code. This allows attackers to...

Important: httpd

Issue Overview: A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosu...

Hotel Management System 1.0 Arbitrary File Upload

============================================================================================================================================= | Title : Hotel Management System 1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

httpd: Improper escaping of output in mod_rewrite

A flaw was found in the modrewrite module of httpd. Improper escaping of output allows an attacker to map URLs to filesystem locations permitted to be served by the server but are not intentionally or directly reachable by any URL. This issue results in code execution or source code disclosure...