AVEVA Software, LLC. Security Vulnerabilities

Exploit for Improper Privilege Management in Sudo Project Sudo

CVE-2023-22809 CVE-2023-22809 is a critical...

Exploit for Expression Language Injection in Atlassian Confluence Data Center

Exploit for CVE-2022-26134: Confluence Pre-Auth Remote Code...

Mitsubishi Electric Automation MC-WorX Suite Detection

Mitsubishi Electric Automation MC-WorX, a suite of software modules for data visualization and SCADA applications, is installed on the remote Windows...

Zimbra Collaboration Server Web Detection

The web interface for Zimbra Collaboration Server, an open source messaging and collaboration solution, was detected on the remote host. Note the plugin attempts to retrieve the version information without credentials. However, if HTTP Basic credentials are supplied then an attempt to retrieve the....

CVE-2021-47617

In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault The Power Fault Detected bit in the Slot Status register differs from all other hotplug events in that it is sticky: It can only be cleared after turning off slot...

Zimbra Collaboration Server Installed (Linux / Unix)

Zimbra Collaboration Server, an open source messaging and collaboration application is installed on the remote Linux / Unix...

[SECURITY] Fedora 40 Update: tomcat-9.0.89-1.fc40

Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and...

Exploit for Unprotected Alternate Channel in Cisco Ios Xe

CVE-2023-20198 Exploit PoC for CVE-2023-20198 Description...

Cisco Firepower Threat Defense Software Web Services DoS Vulnerability (cisco-sa-asaftd-websrvs-dos-X8gNucD2)

According to its self-reported version, the remote Cisco Firepower Threat Defense Software is affected by a denial of service (DoS) vulnerability, due to incomplete error checking when parsing HTTP headers. An unauthenticated, remote attacker can exploit this issue, via specially crafted HTTP...

Cisco Adaptive Security Appliance Software Web Services DoS Vulnerability (cisco-sa-asaftd-websrvs-dos-X8gNucD2)

According to its self-reported version, the remote Cisco ASA Software is affected by a denial of service (DoS) vulnerability, due to incomplete error checking when parsing HTTP headers. An unauthenticated, remote attacker can exploit this issue, via specially crafted HTTP request, to cause the...

CVE-2023-25196

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation Apache Fineract. Authorized users may be able to change or add data in certain components. This issue affects Apache Fineract: from 1.4 through...

CVE-2023-25197

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Software Foundation apache fineract. Authorized users may be able to exploit this for limited impact on components. This issue affects apache fineract: from 1.4 through...

CVE-2022-40743

Improper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks.This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgrade to 9.1.4 or later...

CVE-2022-2963

A vulnerability found in jasper. This security vulnerability happens because of a memory leak bug in function cmdopts_parse that can cause a crash or segmentation...

Microsoft SharePoint - Remote Code Execution

Microsoft SharePoint is vulnerable to a remote code execution when the software fails to check the source markup of an application...

Exploit for CVE-2022-41099

I take no Liability & Warranty on this script please fully test...

CVE-2024-36928

In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi...

CVE-2021-47617

In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Fix infinite loop in IRQ handler upon power fault The Power Fault Detected bit in the Slot Status register differs from all other hotplug events in that it is sticky: It can only be cleared after turning off slot...

Apache OFBiz < 18.12.11 - Server Side Request Forgery

Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when user operates an uri call without authorizations. The same uri can be operated to realize a SSRF attack also without authorizations. Users are recommended to upgrade to version 18.12.11, which fixes...

CVE-2023-25195

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract. Authorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic. This issue affects Apache Fineract: from 1.4 through...

Intel PROSet/Wireless WiFi and Bluetooth May 2024 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® PROSet/Wireless WiFi and Bluetooth® products, which might allow denial of service. Intel is releasing firmware and software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the...

CVE-2024-36898

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix uninitialised kfifo If a line is requested with debounce, and that results in debouncing in software, and the line is subsequently reconfigured to enable edge detection then the allocation of the kfifo to...

GlobalProtect - OS Command Injection

A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.Cloud NGFW, Panorama...

Webmin <1.997 - Authenticated Remote Code Execution

Webmin before 1.997 is susceptible to authenticated remote code execution via software/apt-lib.pl, which lacks HTML escaping for a UI command. An attacker can perform command injection attacks and thereby execute malware, obtain sensitive information, modify data, and/or gain full control over a...

CVE-2023-33933

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later...

Jellyfin 10.7.2 - Server Side Request Forgery

Jellyfin is a free software media system. Versions 10.7.2 and below are vulnerable to unauthenticated Server-Side Request Forgery (SSRF) attacks via the imageUrl...

CVE-2023-1370

Json-smart is a performance focused, JSON processor lib. When reaching a ‘[‘ or ‘{‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays.....

CVE-2024-36928

In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi...

CVE-2022-30535

In versions 2.x before 2.3.0 and all versions of 1.x, An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. Note: Software versions which have reached End of Technical Support (EoTS) are not...

Malicious code in @elza/auto-route-plugin (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (c0394416e392791c5f23be36b82f8800fa29bfd1381f8be67c7362338279c0d2) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Cisco IOS XE Software Internet Key Exchange Version 1 Fragmentation DoS (cisco-sa-ikev1-NO2ccFWz)

According to its self-reported version, Cisco IOS-XE Software is affected by multiple vulnerabilities. A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap overflow, resulting in an...

CVE-2024-0093

NVIDIA GPU software for Linux contains a vulnerability where it can expose sensitive information to an actor that is not explicitly authorized to have access to that information. A successful exploit of this vulnerability might lead to information disclosure. Notes Author| Note ---|--- mdeslaur |.....

[SECURITY] Fedora 40 Update: ghostscript-10.02.1-9.fc40

This package provides useful conversion utilities based on Ghostscript soft ware, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Syste ms' PostScript (PS) and Portable Document Format (PDF) page...

Silverstripe XSS In FormAction

A cross-site scripting vulnerability has been discovered in the FormAction field where a user-specified title may be...

Silverstripe XSS in TreeDropdownField and TreeMultiSelectField

A cross-site scripting vulnerability has been discovered in the TreeDropdownField and TreeMultiSelectField. This vulnerability can only be exploited if a user with CMS access has posted malicious or unescaped HTML into any of the dataobjects used as a data source for either of these fields. This...

CVE-2023-25816

Nextcloud is an Open Source private cloud software. Versions 25.0.0 and above, prior to 25.0.3, are subject to Uncontrolled Resource Consumption. A user can configure a very long password, consuming more resources on password validation than desired. This issue is patched in 25.0.3 No workaround...

Malicious code in @elza/keepalive (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (36898e173038cb4c2df4e969d539b9594821fc6f2c6b1c8750d717d5f637eea4) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in logoo (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (f27363cd295f9de7f2296d9c6b6d0f18222d76ff8947d98657340216d7c80efb) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in nodem0m (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (ae93a7345bbc51bd2c0a267dc582cf90302284606b0f569ae06f4dc6a26f801a) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-5184

The EmailGPT service contains a prompt injection vulnerability. The service uses an API service that allows a malicious user to inject a direct prompt and take over the service logic. Attackers can exploit the issue by forcing the AI service to leak the standard hard-coded system prompts and/or...

Malicious code in desain (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (13494704f154bacb5f2fc638287da1fe39acad551f086f8b5957f633ab310553) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-35940

GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.8, an incorrect rights check on a file allows an unauthenticated user to be able to access dashboards data. Version 10.0.8 contains a patch for this...

Malicious code in dsain (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (5c297dbb19c09d8f71ccdbc712626dbf279bb972fe57afe0c04dc8e27f723a9b) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-5184

The EmailGPT service contains a prompt injection vulnerability. The service uses an API service that allows a malicious user to inject a direct prompt and take over the service logic. Attackers can exploit the issue by forcing the AI service to leak the standard hard-coded system prompts and/or...

Malicious code in nt4padyp (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (813b8cef8cb7a828bbbf2b8edb29b1bbba72c65e7654fe80f07a80398a9e5133) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Exploit for Missing Authentication for Critical Function in Zohocorp Manageengine Servicedesk Plus

CVE-2021-44077 Proof of Concept Exploit for CVE-2021-44077:...

NodeBB XML-RPC Request xmlrpc.php - XML Injection

A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC...

Malicious code in mediaa (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (51b2ce3294e1295bc15a9a9967ceaa66afaddf19884a6ca9ad9fdf2c28bc2526) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Advisory ROSA-SA-2024-2432

Software: man-db 2.7.6.1 OS: ROSA Virtualization 2.1 package_evr_string: man-db-2.7.6.1 CVE-ID: CVE-2018-25078 BDU-ID: None CVE-Crit: N/A CVE-DESC.: man-db in Gentoo allows local users (with access to the man user account) to gain root privileges, because /usr/bin/mandb is executed by the root...

XSRF Security Token Missing when clicking on Contact an administrator

h3. Summary Clicking on the "Contact an administrator to perform this action." results in XSRF Security Token Missing. Tested with : # Chrome Version 54.0.2840.59 (64-bit) # Firefox 49.0 h3. Steps to Reproduce # Configure Outgoing Mail # Enable Contact Administrators Form from General...