Tomas | Docs | FAQ | Premium Support Security Vulnerabilities

INE Security Enables CISOs to Secure Board Support for Cybersecurity Training

By Cyber Newswire Cary, United States, 28th May 2024, CyberNewsWire This is a post from HackRead.com Read the original post: INE Security Enables CISOs to Secure Board Support for Cybersecurity...

INE Security Enables CISOs to Secure Board Support for Cybersecurity Training

By Cyber Newswire Cary, United States, 28th May 2024, CyberNewsWire This is a post from HackRead.com Read the original post: INE Security Enables CISOs to Secure Board Support for Cybersecurity...

Security Bulletin: Vulnerabilities in Apache Tomcat affect IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products

Summary Vulnerabilities in Apache Tomcat affect the product's management GUI, potentially allowing denial of service. The Command Line Interface is unaffected. CVE-2024-23672, CVE-2024-24549. Vulnerability Details ** CVEID: CVE-2024-23672 DESCRIPTION: **Apache Tomcat is vulnerable to a denial of...

Friday Squid Blogging: Emotional Support Squid

When asked what makes this an "emotional support squid" and not just another stuffed animal, its creator says: They're emotional support squid because they're large, and cuddly, but also cheerfully bright and derpy. They make great neck pillows (and you can fidget with the arms and tentacles) for.....

K000139611: NGINX HTTP/3 QUIC vulnerability CVE-2024-31079

Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection...

Security Bulletin: IBM DataPower Gateway is vulnerable to denial of service due to Golang Go

Summary IBM DataPower Gateway is vulnerable to denial of service due to use of Golang Go in DataPower Operator and Prometheus Metrics . (CVE-2024-24783) Vulnerability Details ** CVEID: CVE-2024-24783 DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a flaw in the...

CVE-2024-26992 KVM: x86/pmu: Disable support for adaptive PEBS

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/pmu: Disable support for adaptive PEBS Drop support for virtualizing adaptive PEBS, as KVM's implementation is architecturally broken without an obvious/easy path forward, and because exposing adaptive PEBS can leak host.....

python-jinja2 security update

[2.10.1-4] - Security fix for CVE-2024-22195 Resolves: RHEL-21347 [2.10.1-3] - Fix CVE-2020-28493: ReDOS vulnerability due to the sub-pattern Resolves: rhbz#1928707 [2.10.1-2] - Rebuild of package to go through gating - Resolves: rhbz#1701301 [2.10.1-1] - Rebase to 2.10.1 (security update) to fix.....

CVE-2024-0326

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Link Wrapper functionality in all versions up to, and including, 4.10.17 due to insufficient input sanitization and output escaping on user supplied links. This makes it possible for....

CVE-2023-51401 WordPress Ultimate Addons for Beaver Builder Premium plugin <= 1.35.13 - Limited Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Brainstorm Force Ultimate Addons for Beaver Builder allows Relative Path Traversal.This issue affects Ultimate Addons for Beaver Builder: from n/a through...

(RHSA-2024:2778) Important: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): c-ares: Out of bounds read in ares__read_line() (CVE-2024-25629) nghttp2: CONTINUATION frames DoS (CVE-2024-28182) nodejs: using the...

Security Bulletin: Vulnerabilities in Linux components affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in libssh, nginx and nghttp2 affect IBM Storage Virtualize products and could cause denial of service and bypassing of authentication. CVE-2023-44487, CVE-2023-1667, CVE-2023-2283. Vulnerability Details ** CVEID: CVE-2023-44487 DESCRIPTION: **Multiple vendors are...

Security Bulletin: Vulnerabilities in Transparent Cloud Tiering affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in netty-codec-http2 and commons-compress affect the Transparent Cloud Tiering function in IBM Storage Virtualize products. CVE-2023-44487, CVE-2024-25710, CVE-2024-26308. Most systems do not have Transparent Cloud Tiering configured. You can confirm by running the...

Exploit for Code Injection in Apache Airflow

Apache Airflow &lt; 2.4.0 RCE (CVE-2022-40127) **PoC for...

Medium: openssl11

Issue Overview: Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem.....

CVE-2023-22500

GLPI is a Free Asset and IT Management Software package. Versions 10.0.0 and above, prior to 10.0.6 are vulnerable to Incorrect Authorization. This vulnerability allow unauthorized access to inventory files. Thus, if anonymous access to FAQ is allowed, inventory files are accessbile by...

CVE-2024-37150 Private npm registry support used scope auth token for downloading tarballs

An issue in .npmrc support in Deno 1.44.0 was discovered where Deno would send .npmrc credentials for the scope to the tarball URL when the registry provided URLs for a tarball on a different domain. All users relying on .npmrc are potentially affected by this vulnerability if their private...

Important Photon OS Security Update - PHSA-2024-3.0-0753

Updates of ['linux-secure', 'linux-esx', 'sssd', 'linux-aws', 'linux', 'linux-rt'] packages of Photon OS have been...

CVE-2024-37150 Private npm registry support used scope auth token for downloading tarballs

An issue in .npmrc support in Deno 1.44.0 was discovered where Deno would send .npmrc credentials for the scope to the tarball URL when the registry provided URLs for a tarball on a different domain. All users relying on .npmrc are potentially affected by this vulnerability if their private...

CVE-2021-23840 Integer overflow in CipherUpdate

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating...

Security Bulletin: IBM App Connect Enterprise Certified Container is vulnerable to an authenticated user accessing sensitive information [CVE-2024-31893 CVE-2024-31894 CVE-2024-31895]

Summary IBM App Connect Enterprise Certified Container Designer flows that use the calendly, square or docusign connector are vulnerable to loss of confidentiality when an access token expires and is refreshed. This bulletin provides patch information to address the reported vulnerability in the...

Exploit for Code Injection in Apache Airflow

Apache Airflow &lt; 2.4.0 RCE (CVE-2022-40127) **PoC for...

libvirt bug fix update

An update is available for libvirt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libvirt library contains a C API for managing and interacting with the...

BIT-grafana-2022-35957

Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All...

CVE-2021-23840

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating...

CVE-2023-42503

Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects Apache Commons Compress: from 1.22 before 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can create a malformed.....

CVE-2023-41805

Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm Force Starter Templates astra-sites.This issue affects Premium Starter Templates: from n/a through 3.2.5; Starter Templates: from n/a through...

CVE-2023-41805 Broken Access Control vulnerability in multiple Brainstorm Force plugins

Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm Force Starter Templates astra-sites.This issue affects Premium Starter Templates: from n/a through 3.2.5; Starter Templates: from n/a through...

CVE-2022-35957

Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All...

CVE-2024-4376 Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text Widget

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Fancy Text widget in all versions up to, and including, 4.10.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

Horde/Horde Groupware - Local File Inclusion

Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 are susceptible to local file inclusion in framework/Image/Image.php because it allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver...

CVE-2024-32136

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xenioushk BWL Advanced FAQ Manager.This issue affects BWL Advanced FAQ Manager: from n/a through...

CVE-2024-24989

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3...

CVE-2024-24989

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3...

CVE-2024-24990

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3...

nodejs:18 security update

An update is available for nodejs-packaging, module.nodejs-nodemon, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

Virtuozzo 6 : libssh2 / libssh2-devel / libssh2-docs (VZLSA-2019-1652)

An update for libssh2 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from.....

CVE-2024-2399

The Premium Addons PRO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 4.10.23 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers....

Security Bulletin: IBM OpenPages is affected by multiple security vulnerabilities of DB2 Database Server (April 2024)

Summary IBM® Db2® Database Server is shipped as a supporting program of IBM OpenPages. Information about security vulnerabilities affecting IBM Db2 Database Server has been published in multiple security bulletins. Vulnerability Details Refer to the security bulletin(s) listed in the...

CVE-2024-24990

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3...

CVE-2023-28775

Missing Authorization vulnerability in Yoast Yoast SEO Premium.This issue affects Yoast SEO Premium: from n/a through...

[SECURITY] [DSA 5690-1] libreoffice security update

Debian Security Advisory DSA-5690-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 15, 2024 https://www.debian.org/security/faq Package : libreoffice CVE ID : CVE-2024-3044 Amel...

OpenSSL 1.0.2 < 1.0.2y Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.0.2y. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.2y advisory. The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and...

Security Bulletin: Spring vulnerability in embedded components may affect IBM Business Automation Workflow - CVE-2024-22243

Summary IBM Business Automation Workflow is vulnerable to a open redirect attack. Vulnerability Details ** CVEID: CVE-2024-22243 DESCRIPTION: **VMware Tanzu Spring Framework could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability when using...

gcc bug fix and enhancement update

An update is available for gcc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.4...

EmbedPress Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor < 3.9.17 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter

Description The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 3.9.16 due to...

Exploit for Code Injection in Apache Commons Text

CVE-2022-42889-PoC Proof of Concept for CVE-2022-42889...

CVE-2024-4379 Premium Addons for Elementor <= 4.10.31 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Global Tooltip

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Global Tooltip widget in all versions up to, and including, 4.10.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for....

Security Bulletin: Vulnerabilities in IBM Java affect IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products

Summary Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affects the product's management GUI. The Command Line Interface is unaffected. CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850. Vulnerability Details **...

Dokan Pro <= 3.10.3 - SQL Injection

The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...