Tomas | Docs | FAQ | Premium Support Security Vulnerabilities

wpDataTables - Tables & Table Charts (Premium) < 6.4 - Missing Authorization to DataTable Access & Modification

Description The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the wdt_ajax_actions.php file in all versions up to, and including, 6.3.2. This makes it...

(RHSA-2024:3426) Important: varnish:6 security update

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): varnish:6: HTTP/2 Broken Window Attack may result in denial of service...

new module: postgresql:16

An update is available for module.pgaudit, postgresql, pgaudit, module.pg_repack, module.postgres-decoderbufs, pg_repack, module.postgresql, postgres-decoderbufs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is.....

go-toolset:rhel8 security update

An update is available for module.golang, go-toolset, delve, module.go-toolset, module.delve, golang. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset....

Veeam Cloud Connect - Compiling Provider/Tenant Logs for Support Cases

Veeam Cloud Connect - Compiling Provider/Tenant Logs for Support...

tomcat security and bug fix update

An update is available for tomcat. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Apache Tomcat is a servlet container for the Java Servlet and JavaServer...

tomcat security and bug fix update

[1:9.0.87-1.el8_10.1] - Resolves: RHEL-38548 - Amend tomcat package's changelog so that fixed CVEs are mentioned explicitly - Resolves: RHEL-35813 - Rebase tomcat to version 9.0.87 - Resolves: RHEL-29255 tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) -...

Important: tomcat8

Issue Overview: Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through...

Veeam Agent for Linux - veeamsnap and blksnap Extended Linux Distribution Support

This article describesVeeam Agent for Linux support for distribution versions released after the latest release of Veeam Agent for...

go-toolset:ol8 security update

delve golang [1.21.9-1] - Fix CVE-2023-45288 - Resolves: RHEL-31915 go-toolset [1.21.9-1] - Fix CVE-2023-45288 - Resolves:...

Important: tomcat security and bug fix update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) Bug Fix(es): Rebase tomcat to version...

nodejs security update

[1:16.20.2-8.0.1] - Fix CVE-2024-28182, CVE-2024-22025, CVE-2024-25629, CVE-2024-27982,...

polkit bug fix update

An update is available for polkit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The polkit packages provide a component for controlling system-wide...

Joli FAQ SEO – WordPress FAQ Plugin < 1.3.3 - Cross-Site Request Forgery

Description The Joli FAQ SEO – WordPress FAQ Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.2. This is due to missing or incorrect nonce validation when saving settings. This makes it possible for unauthenticated attackers to...

(RHSA-2024:3305) Important: varnish:6 security update

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): varnish:6: HTTP/2 Broken Window Attack may result in denial of service...

golang bug fix update

An update is available for golang. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The golang packages provide the Go programming language compiler. Bug...

Important Photon OS Security Update - PHSA-2024-5.0-0274

Updates of ['linux-secure', 'linux', 'linux-rt'] packages of Photon OS have been...

CVE-2023-3535

A vulnerability was found in SimplePHPscripts FAQ Script PHP 2.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be...

Premium Addons for Elementor < 4.10.32 - Contributor+ DOM-Based Stored Cross-Site Scripting via Global Tooltip

Description The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Global Tooltip widget in all versions up to, and including, 4.10.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it.....

Premium Addons for Elementor < 4.10.32 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text Widget

Description The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Fancy Text widget in all versions up to, and including, 4.10.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

Thunderbird vulnerabilities

Releases Ubuntu 23.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages thunderbird - Mozilla Open Source mail and newsgroup client Details Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker...

(RHSA-2024:3553) Important: nodejs : security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): nodejs/16: CONTINUATION frames DoS (CVE-2024-27983) For more details about the security issue(s), including the impact, a CVSS score,...

Important: postgresql

Issue Overview: 2024-05-23: CVE-2021-32027 was added to this advisory. 2024-05-23: CVE-2023-5869 was added to this advisory. A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of...

BIT-nginx-2024-24989

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate.Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3...

CVE-2021-23840

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating...

(RHSA-2024:2938) Important: varnish:6 security update

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): varnish:6: HTTP/2 Broken Window Attack may result in denial of service...

Gravity Forms plugin leak hashed passwords

common.php in the Gravity Forms plugin before 2.4.9 for WordPress can leak hashed passwords because user_pass is not considered a special case for a $current_user-&gt;get($property)...

BIT-node-2021-23840

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating...

DameWare Remote Support Detection

DameWare Remote Support, formerly DameWare NT Utilities, is installed on the remote Windows...

HP Support Assistant Installed

HP Support Assistant, a technical support assistance application, is installed on the remote Windows...

Authentication Bypass

ghost is vulnerable Authentication Bypass. The vulnerability is caused due to the misuse of multiple X-Forwarded-For headers with different values, which allows remote attackers to bypass the rate-limit protection mechanism. Note that the project recommends a reverse proxy to prevent this...

Gravity Forms stored Cross-Site Scripting (XSS) vulnerability

A stored Cross-Site Scripting (XSS) vulnerability in forms import feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via the import of a GF form. This code is interpreted by users in a privileged role (Administrator, Editor,...

BIT-nginx-2024-24990

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate.Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3...

Gravity Forms stored HTML injection vulnerability

Multiple stored HTML injection vulnerabilities in the "poll" and "quiz" features in an additional paid add-on of Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary HTML code via poll or quiz answers. This code is interpreted by users in a privileged role...

Gravity Forms stored Cross-Site Scripting (XSS) vulnerability in the survey feature

A stored Cross-Site Scripting (XSS) vulnerability in the survey feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via a textarea field. This code is interpreted by users in a privileged role (Administrator, Editor,...

Weaver Xtreme Theme Support < 6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via div Shortcode

Description The Weaver Xtreme Theme Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's div shortcode in all versions up to, and including, 6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for.....

CVE-2024-24990

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3...

TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elements

Impact A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content parsing code. This allowed specially crafted noscript elements containing malicious code to be executed when that content was loaded into the editor. Patches This vulnerability has been patched in TinyMCE 7.2.0,.....

CVE-2024-24989

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3...

TinyMCE Cross-Site Scripting (XSS) vulnerability using noneditable_regexp option

Impact A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content extraction code. When using the noneditable_regexp option, specially crafted HTML attributes containing malicious code were able to be executed when content was extracted from the editor. Patches This...

Medium: golang

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elements

Impact A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content parsing code. This allowed specially crafted noscript elements containing malicious code to be executed when that content was loaded into the editor. Patches This vulnerability has been patched in TinyMCE 7.2.0,.....

nodejs:20 security update

An update is available for nodejs-nodemon, module.nodejs, nodejs, module.nodejs-nodemon, module.nodejs-packaging, nodejs-packaging. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

TinyMCE Cross-Site Scripting (XSS) vulnerability using noneditable_regexp option

Impact A cross-site scripting (XSS) vulnerability was discovered in TinyMCE’s content extraction code. When using the noneditable_regexp option, specially crafted HTML attributes containing malicious code were able to be executed when content was extracted from the editor. Patches This...

CVE-2021-23841

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if.....

CVE-2024-4082 Joli FAQ SEO – WordPress FAQ Plugin <= 1.3.2 - Cross-Site Request Forgery

The Joli FAQ SEO – WordPress FAQ Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.2. This is due to missing or incorrect nonce validation when saving settings. This makes it possible for unauthenticated attackers to change the...

fence-agents security update

An update is available for fence-agents. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fence-agents packages provide a collection of scripts for handling.....

Important: tomcat security and bug fix update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) Bug Fix(es) and Enhancement(s): Rebase...

varnish security update

An update is available for varnish. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Varnish Cache is a high-performance HTTP accelerator. It stores web pages in....

Rancher's Failure to delete orphaned role bindings does not revoke project level access from group based authentication

Impact This vulnerability only affects customers using group based authentication in Rancher versions up to and including 2.4.17, 2.5.11 and 2.6.2. When removing a Project Role associated to a group from a project, the bindings that grant access to cluster scoped resources for those subjects do...