Red Hat Security Advisory 2024-1706-03

Red Hat Security Advisory 2024-1706-03 - An update for Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 is now available. Red Hat Product Security has rated this update as having a security impact of Important. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Issues addressed include denial of service and memory leak vulnerabilities.

Red Hat Security Advisory 2024-1700-03

Red Hat Security Advisory 2024-1700-03 - An update is now available for Red Hat OpenShift GitOps v1.10.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include bypass and denial of service vulnerabilities.

Ubuntu Security Notice USN-6723-1

Ubuntu Security Notice 6723-1 - Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. It was discovered that Bind incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.

Red Hat Security Advisory 2024-1697-03

Red Hat Security Advisory 2024-1697-03 - An update is now available for Red Hat OpenShift GitOps v1.11.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include bypass and denial of service vulnerabilities.

[webapps] Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload

Wordpress Theme Travelscape v1.0.3 - Arbitrary File Upload

[webapps] Daily Expense Manager 1.0 - 'term' SQLi

Daily Expense Manager 1.0 - 'term' SQLi

[webapps] Human Resource Management System v1.0 - Multiple SQLi

Human Resource Management System v1.0 - Multiple SQLi

[webapps] Best Student Result Management System v1.0 - Multiple SQLi

Best Student Result Management System v1.0 - Multiple SQLi

[remote] Positron Broadcast Signal Processor TRA7005 v1.20 - Authentication Bypass

Positron Broadcast Signal Processor TRA7005 v1.20 - Authentication Bypass

[webapps] Open Source Medicine Ordering System v1.0 - SQLi

Open Source Medicine Ordering System v1.0 - SQLi

[local] AnyDesk 7.0.15 - Unquoted Service Path

AnyDesk 7.0.15 - Unquoted Service Path

Red Hat Security Advisory 2024-1692-03

Red Hat Security Advisory 2024-1692-03 - An update for less is now available for Red Hat Enterprise Linux 9.

Red Hat Security Advisory 2024-1691-03

Red Hat Security Advisory 2024-1691-03 - An update for varnish is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-1687-03

Red Hat Security Advisory 2024-1687-03 - An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8. Issues addressed include bypass, denial of service, privilege escalation, and traversal vulnerabilities.

Red Hat Security Advisory 2024-1688-03

Red Hat Security Advisory 2024-1688-03 - An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass, denial of service, privilege escalation, and traversal vulnerabilities.

Red Hat Security Advisory 2024-1689-03

Red Hat Security Advisory 2024-1689-03 - An update for rh-varnish6-varnish is now available for Red Hat Software Collections. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-1690-03

Red Hat Security Advisory 2024-1690-03 - An update for varnish is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-1679-03

Red Hat Security Advisory 2024-1679-03 - Red Hat OpenShift Container Platform release 4.12.55 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-1681-03

Red Hat Security Advisory 2024-1681-03 - Red Hat OpenShift Container Platform release 4.14.20 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-1683-03

Red Hat Security Advisory 2024-1683-03 - Red Hat OpenShift Container Platform release 4.13.39 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-1668-03

Red Hat Security Advisory 2024-1668-03 - Red Hat OpenShift Container Platform release 4.15.8 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

Ubuntu Security Notice USN-6721-1

Ubuntu Security Notice 6721-1 - It was discovered that X.Org X Server incorrectly handled certain data. An attacker could possibly use this issue to expose sensitive information. It was discovered that X.Org X Server incorrectly handled certain glyphs. An attacker could possibly use this issue to cause a crash or expose sensitive information.

Debian Security Advisory 5655-1

Debian Linux Security Advisory 5655-1 - It was discovered that Cockpit, a web console for Linux servers, was susceptible to arbitrary command execution if an administrative user was tricked into opening an sosreport file with a malformed filename.

Red Hat Security Advisory 2024-1677-03

Red Hat Security Advisory 2024-1677-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Issues addressed include memory exhaustion and spoofing vulnerabilities.

Red Hat Security Advisory 2024-1678-03

Red Hat Security Advisory 2024-1678-03 - An update for nodejs is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-1686-03

Red Hat Security Advisory 2024-1686-03 - A new image is available for Red Hat Single Sign-On 7.6.7, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Issues addressed include an information leakage vulnerability.

CVE-2024-30922: SQL Injection in DerbyNet v9.0 via print/render/award.inc

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30922

Description:
A SQL Injection vulnerability has been identified in DerbyNet version 9.0, specifically affecting the 'where' clause in
Award Document Rendering through the component `print/render/award.inc`. This vulnerability allows remote attackers to
execute arbitrary code and disclose sensitive information without requiring authentication.

Vulnerability Type: SQL Injection

Vendor of Product: DerbyNet -...

CVE-2024-30923: SQL Injection in DerbyNet v9.0 via print/render/racer.inc

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30923

Description:
An SQL Injection vulnerability has been discovered in DerbyNet version 9.0, specifically within the
`print/render/racer.inc` component. This vulnerability allows remote attackers to execute arbitrary code and disclose
sensitive information by exploiting improper sanitization of the `where` clause in Racer Document Rendering.

Vulnerability Type: SQL Injection

Vendor of Product: DerbyNet - Available on...

CVE-2024-30924: XSS Vulnerability in DerbyNet v9.0 via checkin.php

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30924

Description:
A Cross Site Scripting (XSS) vulnerability has been identified in DerbyNet version 9.0, specifically within the
`checkin.php` component. This vulnerability allows remote attackers to execute arbitrary code due to improper handling
of the `order` URL parameter. The flaw lies in the way the `order` parameter is embedded directly into a JavaScript
variable assignment without adequate sanitization or encoding,...

CVE-2024-30925: XSS Vulnerability in DerbyNet v9.0 via photo-thumbs.php

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30925

Description:
A Cross-Site Scripting (XSS) vulnerability exists in DerbyNet version 9.0, specifically within the `photo-thumbs.php`
component. This issue enables a remote attacker to execute arbitrary code through the improper handling of the
`racerid` and `back` parameters. The vulnerability arises because the application dynamically generates URLs for
navigation without adequately sanitizing these parameters, thus...

CVE-2024-30926: XSS Vulnerability in DerbyNet v9.0 via ./inc/kiosks.inc

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30926

Description:
A Cross-Site Scripting (XSS) vulnerability has been identified in DerbyNet version 9.0, affecting the
`./inc/kiosks.inc` component. This vulnerability permits remote attackers to execute arbitrary code by exploiting the
`address_for_current_kiosk()` function. The issue stems from the improper sanitization of user-supplied input via the
URL parameters `id` and `address`, which are directly utilized without...

CVE-2024-30927: XSS Vulnerability in DerbyNet v9.0 via racer-results.php

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30927

Description:
A Cross-Site Scripting (XSS) vulnerability is present in DerbyNet version 9.0, specifically within the
`racer-results.php` component. This issue allows remote attackers to execute arbitrary code through the improper
handling of the `racerid` parameter. The vulnerability is notably present within the HTML `<title>` tag, where the
`racerid` parameter value is dynamically inserted directly into the page...

CVE-2024-30928: SQL Injection Vulnerability in DerbyNet v9.0 via 'classids' Parameter

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30928

Description:
An SQL Injection vulnerability has been discovered in DerbyNet version 9.0, particularly within the
`ajax/query.slide.next.inc` file. This vulnerability allows remote attackers to execute arbitrary code and disclose
sensitive information by exploiting the unvalidated `classids` parameter used in constructing SQL queries. This
parameter is not properly sanitized before being included in the SQL statement,...

CVE-2024-30929: XSS Vulnerability in DerbyNet v9.0 via 'back' Parameter in playlist.php

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30929

Description:
A Cross-Site Scripting (XSS) vulnerability has been found in DerbyNet version 9.0, affecting the `playlist.php`
component. This issue allows remote attackers to execute arbitrary code by exploiting the `back` parameter. The
application does not properly sanitize the `back` parameter before it is rendered on the page, thereby allowing the
injection and execution of arbitrary JavaScript code.

Vulnerability...

[CFP] IEEE CSR Workshop on Cyber Forensics& Advanced Threat Investigations in Emerging Technologies 2024

Posted by Andrew Zayine on Apr 05

Dear Colleagues,

IEEE CSR Workshop on Cyber Forensics and Advanced Threat Investigations in
Emerging Technologies organizing committee is inviting you to submit your
research papers. The workshop will be held in Hybrid mode. The in-person
mode will held at Hilton London Tower Bridge, London from 2 to 4 September
2024

Topics include (but not limited to):
-Forensics and threat investigations in P2P, cloud/edge, SDN/NFV, VPN, and
social networks...

Backdoor.Win32.Agent.ju (PSYRAT) / Authentication Bypass RCE

Posted by malvuln on Apr 05

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/0e6e40aad3e8d46e3c0c26ccc6ab94b3.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.ju (PSYRAT)
Vulnerability: Authentication Bypass RCE
Family: PSYRAT
Type: PE32
MD5: 0e6e40aad3e8d46e3c0c26ccc6ab94b3
Vuln ID: MVID-2024-0677
Disclosure: 04/01/2024

Description: The PsyRAT 0.01 malware listens on...

CVE-2024-30921: Unauthenticated XSS Vulnerability in DerbyNet v9.0 via photo.php

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30921

Description:
A Cross-Site Scripting (XSS) vulnerability has been identified in DerbyNet version 9.0, specifically affecting the
photo.php component. This vulnerability allows remote attackers to execute arbitrary code via crafted URLs, without
requiring authentication.

Vulnerability Type: Cross-Site Scripting (XSS)

Vendor of Product: DerbyNet - Available on GitHub: https://github.com/jeffpiazza/derbynet

Affected...

SCHUTZWERK-SA-2023-006: Arbitrary File Read via XML External Entities in Visual Planning

Posted by Lennert Preuth via Fulldisclosure on Apr 05

Title
=====

SCHUTZWERK-SA-2023-006: Arbitrary File Read via XML External Entities in
Visual Planning

Status
======

PUBLISHED

Version
=======

1.0

CVE reference
=============

CVE-2023-49234

Link
====

https://www.schutzwerk.com/advisories/schutzwerk-sa-2023-006/

Text-only version:
https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2023-006.txt

Affected products/vendor
========================

All versions prior to Visual Planning 8...

SCHUTZWERK-SA-2023-004: Authentication Bypass via Password Reset Functionality in Visual Planning

Posted by Lennert Preuth via Fulldisclosure on Apr 05

Title
=====

SCHUTZWERK-SA-2023-004: Authentication Bypass via Password Reset
Functionality in Visual Planning

Status
======

PUBLISHED

Version
=======

1.0

CVE reference
=============

CVE-2023-49232

Link
====

https://www.schutzwerk.com/advisories/schutzwerk-sa-2023-004/

Text-only version:
https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2023-004.txt

Affected products/vendor
========================

All versions prior to Visual...

CVE-2024-30920: XSS Vulnerability in DerbyNet v9.0 via render-document.php

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30920

Description:
A Cross Site Scripting (XSS) vulnerability has been identified in DerbyNet v9.0, specifically within the
`render-document.php` component. This vulnerability allows a remote attacker to execute arbitrary code via crafted
URLs. The root cause of the vulnerability is the application's failure to properly sanitize user input in document
rendering paths, which permits the injection of malicious scripts....

SCHUTZWERK-SA-2023-003: Authentication Bypass in Visual Planning REST API

Posted by Lennert Preuth via Fulldisclosure on Apr 05

Title
=====

SCHUTZWERK-SA-2023-003: Authentication Bypass in Visual Planning REST API

Status
======

PUBLISHED

Version
=======

1.0

CVE reference
=============

CVE-2023-49231

Link
====

https://www.schutzwerk.com/advisories/schutzwerk-sa-2023-003/

Text-only version:
https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2023-003.txt

Affected products/vendor
========================

All versions prior to Visual Planning 8 (Build 240207) by...

Debian Security Advisory 5654-1

Debian Linux Security Advisory 5654-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Ubuntu Security Notice USN-6710-2

Ubuntu Security Notice 6710-2 - USN-6710-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Manfred Paul discovered that Firefox did not properly perform bounds checking during range analysis, leading to an out-of-bounds write vulnerability. A attacker could use this to cause a denial of service, or execute arbitrary code. Manfred Paul discovered that Firefox incorrectly handled MessageManager listeners under certain circumstances. An attacker who was able to inject an event handler into a privileged object may have been able to execute arbitrary code.

Red Hat Security Advisory 2024-1649-03

Red Hat Security Advisory 2024-1649-03 - An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Security Advisory 2024-1653-03

Red Hat Security Advisory 2024-1653-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2024-1662-03

Red Hat Security Advisory 2024-1662-03 - An update is now available for Red Hat build of Quarkus. Issues addressed include denial of service, information leakage, and memory leak vulnerabilities.

Red Hat Security Advisory 2024-1648-03

Red Hat Security Advisory 2024-1648-03 - An update for bind9.16 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Security Advisory 2024-1644-03

Red Hat Security Advisory 2024-1644-03 - An update for grafana-pcp is now available for Red Hat Enterprise Linux 8. Issues addressed include a memory leak vulnerability.

Red Hat Security Advisory 2024-1646-03

Red Hat Security Advisory 2024-1646-03 - An update for grafana is now available for Red Hat Enterprise Linux 8. Issues addressed include a memory leak vulnerability.

Red Hat Security Advisory 2024-1647-03

Red Hat Security Advisory 2024-1647-03 - An update for bind9.16 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Security Advisory 2024-1643-03

Red Hat Security Advisory 2024-1643-03 - An update for.NET 7.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-1641-03

Red Hat Security Advisory 2024-1641-03 - An update for.NET 7.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-1572-03

Red Hat Security Advisory 2024-1572-03 - Red Hat OpenShift Container Platform release 4.12.54 is now available with updates to packages and images that fix several bugs and add enhancements.

Red Hat Security Advisory 2024-1574-03

Red Hat Security Advisory 2024-1574-03 - Red Hat OpenShift Container Platform release 4.12.54 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a memory leak vulnerability.

Red Hat Security Advisory 2024-1614-03

Red Hat Security Advisory 2024-1614-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Issues addressed include code execution, null pointer, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-1615-03

Red Hat Security Advisory 2024-1615-03 - An update for expat is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-1640-03

Red Hat Security Advisory 2024-1640-03 - An update is now available for Red Hat Ansible Automation Platform 2.4. Issues addressed include HTTP request smuggling, denial of service, local file inclusion, memory leak, and traversal vulnerabilities.

Red Hat Security Advisory 2024-1563-03

Red Hat Security Advisory 2024-1563-03 - Red Hat OpenShift Container Platform release 4.15.6 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a memory leak vulnerability.

Red Hat Security Advisory 2024-1495-03

Red Hat Security Advisory 2024-1495-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-1498-03

Red Hat Security Advisory 2024-1498-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 7. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.