Soar Cloud System Co., Ltd. Security Vulnerabilities

CVE-2024-36779

Sourcecodester Stock Management System v1.0 is vulnerable to SQL Injection via...

Online Birth Certificate System 1.2 - Stored Cross-Site Scripting

Online Birth Certificate System 1.2 contains multiple stored cross-site scripting vulnerabilities in the component /obcs/user/profile.php, which allows an attacker to execute arbitrary web script or HTML via a crafted payload injected into the fname or lname...

Sourcecodester Online Event Booking and Reservation System 2.3.0 - Cross-Site Scripting

Sourcecodester Online Event Booking and Reservation System 2.3.0 contains a cross-site scripting vulnerability in PHP/MySQL via the msg parameter to /event-management/index.php. An attacker can leverage this vulnerability in order to change the visibility of the website. Once the target user...

Linux kernel vulnerabilities

Releases Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages linux-hwe-5.15 - Linux hardware enablement (HWE) kernel linux-raspi - Linux kernel for Raspberry Pi systems Details It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to unspecified vulnerability in Java SE ( CVE-2024-20926)

Summary Potential unspecified vulnerability in Java SE related to the VM component (CVE-2024-20926) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details **...

RestroPress – Online Food Ordering System < 3.1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The RestroPress – Online Food Ordering System plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated....

CVE-2024-24774

Mattermost Jira Plugin handling subscriptions fails to check the security level of an incoming issue or limit it based on the user who created the subscription resulting in registered users on Jira being able to create webhooks that give them access to all Jira...

CVE-2023-48732

Mattermost fails to scope the WebSocket response around notified users to a each user separately resulting in the WebSocket broadcasting the information about who was notified about a post to everyone else in the...

Vehicle Service Management System 1.0 - Stored Cross Site Scripting

Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerability via the Mechanic List section in login...

Linux kernel vulnerabilities

Releases Ubuntu 18.04 ESM Ubuntu 16.04 ESM Packages linux - Linux kernel linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-azure-4.15 - Linux kernel for Microsoft Azure Cloud systems linux-gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems linux-hwe - Linux...

Sourcecodester Hotel and Lodge Management System 2.0 - SQL Injection

Sourcecodester Hotel and Lodge Management System 2.0 contains a SQL injection vulnerability via the email parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized...

Use sha256 for hashing Microdroid system/vendor image (for vbmeta descriptor) | Currently using sha1

In buildPropFile of filesystem.go, there is a possible insecure hash due to an improperly used crypto. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...

Prison Management System Using PHP SQL Injection

...

Exploit for SQL Injection in Progress Moveit Cloud

CVE-2023-34362: MOVEit Transfer Unauthenticated RCE For a...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues. We have performed updates to the Operators used by our Speech Services. The following vulnerabilities have been addressed in this update. Please read the details for...

USN-6737-1: GNU C Library vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description Charles Fol discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of...

HP PC BIOS May 2024 Security Updates for Potential Stack Buffer Overflows

Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities. HP has identified affected platforms and corresponding SoftPaqs...

Security Bulletin: This Power System update is being released to address CVE-2024-31916

Summary This affects the BMC's HTTPS-based Redfish interface. Note the BMC's web-based ASMI interface uses the Redfish interface. Vulnerability Details ** CVEID: CVE-2024-31916 DESCRIPTION: **IBM OpenBMC's BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor.....

CVE-2024-5635

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument txtsearch leads to sql injection. The attack can be launched remotely....

ROS-20240627-06

A vulnerability in the Calendar component of cloud storage creation and utilization software Nextcloud Server is related to improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information Vulnerability in the 2FA component.....

[ADP Grant] System Tracing can be used even if DISALLOW_DEBUGGING_FEATURES has been applied (MainTvActivity)

In various functions of various files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2023-50333

Mattermost fails to update the permissions of the current session for a user who was just demoted to guest, allowing freshly demoted guests to change group...

CloudBrute - Awesome Cloud Enumerator

A tool to find a company (target) infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode). The outcome is useful for bug bounty hunters, red teamers, and penetration testers alike. The complete writeup is available. here...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to unspecified vulnerability in Java SE ( CVE-2024-20918)

Summary Potential unspecified vulnerability in Java SE related to the VM component (CVE-2024-20918) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details **...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to unspecified vulnerability in Java SE ( CVE-2024-20919)

Summary Potential unspecified vulnerability in Java SE related to the VM component (CVE-2024-20919) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details **...

Chauffeur Taxi Booking System for WordPress < 7.0 - Authentication Bypass

Description The Chauffeur Taxi Booking System for WordPress plugin for WordPress is vulnerable to authenticated bypass in all versions up to, and including, 6.9. This is due to the plugin not properly validating a user's identity. This makes it possible for unauthenticated attackers to perform...

[ADP Grant] System Tracing can be used even if DISALLOW_DEBUGGING_FEATURES has been applied (MainActivity)

In multiple functions of multiple files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for.....

Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting

Sourcecodester Car Rental Management System 1.0 is vulnerable to cross-site scripting via the vehicalorcview...

CVE-2023-7113

Mattermost version 8.1.6 and earlier fails to sanitize channel mention data in posts, which allows an attacker to inject markup in the web...

Prison Management System - SQL Injection Authentication Bypass

...

CVE-2024-24776

Mattermost fails to check the required permissions in the POST /api/v4/channels/stats/member_count API resulting in channel member counts being leaked to a user without...

Security Bulletin: This Power System update is being released to address CVE-2023-37453

Summary This affects the BMC's physical USB ports. Vulnerability Details ** CVEID: CVE-2023-37453 DESCRIPTION: **Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds flaw in the read_descriptors function in drivers/usb/core/sysfs.c in the USB subsystem. By using a...

Security Bulletin: This Power System update is being released to address CVE-2023-48795

Summary This affects the BMC's secure shell (SSH) interfaces which provides service access to the BMC's command shell, access to the host console, and service access to the hypervisor console. The BMC does not have SSH extensions, so a successful attack will not downgrade client connection...

Security Bulletin: This Power System update is being released to address CVE-2023-45857

Summary This affects the BMC's ASMi web application. Vulnerability Details ** CVEID: CVE-2023-45857 DESCRIPTION: **Axios is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By inserting the X-XSRF-TOKEN header using the secret XSRF-TOKEN cookie value.....

CVE-2023-47858

Mattermost fails to properly verify the permissions needed for viewing archived public channels, allowing a member of one team to get details about the archived public channels of another team via the GET /api/v4/teams//channels/deleted...

Adobe Creative Cloud Installed

Adobe Creative Cloud, a digital art management application, is installed on the remote Windows...

Piriform CCleaner Cloud Installed

Piriform CCleaner Cloud, a system maintenance utility, is installed on the remote Windows...

CVE-2023-22934

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘pivot’ search processing language (SPL) command lets a search bypass SPL safeguards for risky commands using a saved search job. The vulnerability requires an authenticated user to craft the saved job and a higher privileged user.....

Important: pcp security update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

pcp security update

An update is available for pcp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for...

Exploit for Path Traversal in Vmware Cloud Foundation

CVE-2021-22005 VMware vCenter Server任意文件上传漏洞 Code...

libvirt vulnerability

Releases Ubuntu 24.04 LTS Packages libvirt - Libvirt virtualization toolkit Details Martin Širokov discovered that libvirt incorrectly handled certain memory operations. A local attacker could possibly use this issue to access virtproxyd without...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability Details...

CVE-2024-37677

An issue in Shenzhen Weitillage Industrial Co., Ltd the access management specialist V6.62.51215 allows a remote attacker to obtain sensitive...

CVE-2024-37677

An issue in Shenzhen Weitillage Industrial Co., Ltd the access management specialist V6.62.51215 allows a remote attacker to obtain sensitive...

CVE-2024-37677

An issue in Shenzhen Weitillage Industrial Co., Ltd the access management specialist V6.62.51215 allows a remote attacker to obtain sensitive...

Clinic Queuing System 1.0 - RCE

...

CVE-2024-36673

Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vulnerable SQL Injection via login.php. This vulnerability stems from inadequate validation of user inputs for the email and password parameters, allowing attackers to inject malicious SQL...

CVE-2023-36043

Open Management Infrastructure Information Disclosure...

CVE-2024-37677

An issue in Shenzhen Weitillage Industrial Co., Ltd the access management specialist V6.62.51215 allows a remote attacker to obtain sensitive...