KDDI CORPORATION, NTT DOCOMO, INC., And SoftBank Corp. Security Vulnerabilities

Driving licences and other official documents leaked by authentication service used by Uber, TikTok, X, and more

A company that helps to authenticate users for big brands had a set of administration credentials exposed online for over a year, potentially allowing access to user identity documents such as driving licenses. As more and more legislation emerges requiring websites and platforms—like gambling...

Memory exhaustion in multipart form parsing in net/textproto and net/http

When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a...

skopeo security and bug fix update

[2:1.14.3-2] - update to the latest content of https://github.com/containers/skopeo/tree/release-1.14 (https://github.com/containers/skopeo/commit/5f2b9af) - Resolves: RHEL-28736 [2:1.14.3-1] - update to the latest content of https://github.com/containers/skopeo/tree/release-1.14 ...

Panic in certificate parsing in crypto/x509 and golang.org/x/crypto/cryptobyte

On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1 parsing functions of golang.org/x/crypto/cryptobyte can lead to a panic. The malformed certificate can be delivered via a crypto/tls connection to a client, or to a server that accepts client certificates. net/http clients can.....

Panic on unconsidered isindex and template combination in golang.org/x/net/html

The Parse function can panic on some invalid inputs. For example, the Parse function panics on the input "This is a searchable index. Enter search keywords:...

Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.16 and earlier

Summary This fix upgrades to Node.js 18.20.3 and Websphere Liberty 24.0.0.5. Node.js is used by all IBM Answer Retrieval for Watson Discovery user interfaces. Websphere Liberty is used by the IBM Answer Retrieval for Watson Discovery swagger microservice. There are two categories of...

Supreme Modules Lite – Divi Theme, Extra Theme and Divi Builder < 2.5.52 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Supreme Modules Lite – Divi Theme, Extra Theme and Divi Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘button_one_id’ parameter in all versions up to, and including, 2.5.51 due to insufficient input sanitization and output escaping. This makes it....

Security Bulletin: A vulnerability in IBM Java affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in IBM® Runtime Environment Java™ Technology Edition affects the product's management GUI. The Command Line Interface is unaffected. Vulnerability Details ** CVEID: CVE-2023-30441 DESCRIPTION: **IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0...

cockpit-session-recording bug fix and enhancement update

An update is available for cockpit-session-recording. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see...

gcc-toolset-13 bug fix and enhancement update

An update is available for gcc-toolset-13. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

python-virt-firmware bug fix and enhancement update

An update is available for python-virt-firmware. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

Weights and Biases (wandb) has a Server-Side Request Forgery (SSRF) vulnerability

A Server-Side Request Forgery (SSRF) vulnerability exists in the wandb/wandb repository due to improper handling of HTTP 302 redirects. This issue allows team members with access to the 'User settings -&gt; Webhooks' function to exploit this vulnerability to access internal HTTP(s) servers. In seve...

Gum Elementor Addon < 1.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Price Table and Post Slider Widgets

Description The Gum Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Price Table and Post Slider widgets in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

K000139691: Python vulnerabilities CVE-2022-48565, CVE-2018-1000802 and CVE-2016-9063

Security Advisory Description CVE-2022-48565 An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities. CVE-2018-1000802 Python Software Foundation Python (CPython)...

Security Bulletin: Vulnerabilities in Node.js and packages affect IBM Voice Gateway

Summary Security Vulnerabilities in Node.js and packages affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details ** CVEID: CVE-2024-31206 DESCRIPTION: **Node.js dectalk-tts module could allow a remote attacker to obtain sensitive information, caused by the use of...

(RHSA-2024:2821) Important: bind and dhcp security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The...

Exponent CMS < 2.4.0 Multiple SQLi and RCE Vulnerabilities

Exponent CMS is prone to multiple SQL injection (SQLi) and remote code execution (RCE)...

TP-Link TD-W8951ND XSS and CSRF Vulnerabilities

TP-Link TD-W8951ND is prone to cross-site scripting (XSS) and cross-site request forgery (CSRF)...

Malicious code in forenith (PyPI)

-= Per source details. Do not edit below this...

WP Dark Mode – WordPress Dark Mode Plugin for Improved Accessibility, Dark Theme, Night Mode, and Social Sharing < 5.0.5 - Missing Authorization

Description The WP Dark Mode – WordPress Dark Mode Plugin for Improved Accessibility, Dark Theme, Night Mode, and Social Sharing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdm_social_share_save_options function in all versions.....

Integration for Contact Form 7 and Salesforce <= <=1.3.9 - Cross-Site Request Forgery

Description The Integration for Contact Form 7 and Salesforce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, &lt;=1.3.9. This is due to missing or incorrect nonce validation on the settings_page function. This makes it possible for unauthenticated...

RCE (Remote Code Execution) in Confluence Data Center and Server

This High severity RCE (Remote Code Execution) vulnerability was introduced in version of Confluence Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of , allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality,...

Microsoft Windows Help and Support Center RCE Vulnerability

Microsoft Windows is prone to a remote code execution (RCE) vulnerability. This VT has been replaced...

CVE-2018-25086

A vulnerability was found in sea75300 FanPress CM up to 3.6.3. It has been classified as problematic. This affects the function getArticlesPreview of the file inc/controller/action/system/templatepreview.php of the component Template Preview. The manipulation leads to cross site scripting. It is...

DoS (Denial of Service) org.apache.struts:struts2-core Dependency in Crowd Data Center and Server

This High severity org.apache.struts:struts2-core Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This org.apache.struts:struts2-core Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

pcp security, bug fix, and enhancement update

[6.2.0-2.0.1] - Fixed libpcp derived metric issue for ol9 [Orabug: 36538820] [6.2.0-2] - Disable RESP proxying by default in pmproxy...

K000139682: Speculative race conditions vulnerabilities CVE-2024-2193 and CVE-2024-26602

Security Advisory Description CVE-2024-2193 A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data...

CVE-2023-5706

The VK Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'vk-blocks/ancestor-page-list' block in all versions up to, and including, 1.63.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

rhel-system-roles bug fix and enhancement update

An update is available for rhel-system-roles. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky....

K000139668: MySQL Server vulnerabilities CVE-2024-21000 and CVE-2024-21008

Security Advisory Description CVE-2024-21000 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with...

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty and Apache Xerces C++ XML parser may affect IBM Storage Protect for Space Management

Summary IBM Storage Protect for Space Management can be affected by security flaws in IBM WebSphere Application Server Liberty and Apache Xerces C++ XML parser. The flaws can lead to server-side request forgery,, denial of service, and arbitrary code execution, as described in the "Vulnerability...

Moderate: flatpak security, bug fix, and enhancement update

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. The following packages have been upgraded to a later upstream version: flatpak (1.12.8). (BZ#2221792) Security Fix(es): flatpak: TIOCLINUX can send commands outside sandbox if running on a...

OpenStack Glance Bypass the storage quota and Denial of service

OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image in the saving...

octo-sts vulnerable to unauthenticated attacker causing unbounded CPU and memory usage

Impact This vulnerability can spike the resource utilization of the STS service, and combined with a significant traffic volume could potentially lead to a denial of service. Patches This vulnerability existed in the repository at HEAD, we will cut a 0.1.0 release with the fix. Workarounds None...

Moderate: skopeo security and bug fix update

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fix(es): golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain...

(RHSA-2024:2945) Important: Red Hat AMQ Broker 7.12.0 release and security update

AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.12.0 includes security and bug fixes, and enhancements.....

Apache OpenOffice 'Unquoted Search Path' and RCE Vulnerabilities

Apache OpenOffice is prone to an unquoted windows search path and remote code execution (RCE)...

Apache Archiva Cross Site Scripting And CSRF Vulnerabilities

Apache Archiva is prone to cross-site request forgery (CSRF) and cross-site scripting...

Malicious code in forenitz (PyPI)

-= Per source details. Do not edit below this...

CVE-2024-37131

SCG Policy Manager, all versions, contains an overly permissive Cross-Origin Resource Policy (CORP) vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious actions on the application in the context of the authenticated...

User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin < 3.2.1 - Missing Authorization to Privilege Escalation

Description The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'import_form_action' function in versions up to, and including, 3.2.0.1. This....

libreoffice security fix update

[1:5.3.6.1-26.0.1] - adjust color palette to match Redwood style. - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' [1:5.3.6.1-26] - Fix CVE-2022-38745 Empty entry in Java class path - Fix...

(RHSA-2024:2845) Moderate: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: untrusted VMM can trigger int80 syscall handling (CVE-2024-25744) kernel: netfilter: nftables: exthdr: fix 4-byte stack OOB write (CVE-2023-52628) Bug Fix(es): kernel: untrusted...

(RHSA-2024:2865) Important: OpenShift Container Platform 4.15.14 bug fix and security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.15.14. See the following advisory for the RPM...

CVE-2022-45962

Open Solutions for Education, Inc openSIS Community Edition v8.0 and earlier is vulnerable to SQL Injection via...

Datto RMM (Remote Monitoring and Management) Installed (Windows)

Datto RMM (Remote Monitoring and Management) is installed on the remote Windows...

Important: pcp security, bug fix, and enhancement update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

Security Bulletin: Vulnerabilities in JAR files affect Transparent Cloud Tiering in IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in multiple JAR files affect Transparent Cloud Tiering in IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products. The vulnerabilities are not thought to be exploitable but IBM recommends upgrade for users of Transparent Cloud Tiering...

CVE-2024-32547

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Bond Code Insert Manager (Q2W3 Inc Manager) allows Reflected XSS.This issue affects Code Insert Manager (Q2W3 Inc Manager): from n/a through...

Session Fixation

@workos-inc/authkit-nextjs vulnerable to Session Fixation. This vulnerability is due to the improper handling of expired sessions within session.ts. This allowing an attacker to reuse an expired session by controlling the x-workos-session...