#java

Cinema Booking System version 1.0 suffers from remote SQL injection and cross site request forgery vulnerabilities.

The malware known as GootLoader continues to be in active use by threat actors looking to deliver additional payloads to compromised hosts. "Updates to the GootLoader payload have resulted in several versions of GootLoader, with GootLoader 3 currently in active use," cybersecurity firm Cybereason said in an analysis published last week. "While some of the particulars of GootLoader payloads have

The supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024. This includes references to "https://cdn.polyfill[.]io" or "https://cdn.polyfill[.]com" in their HTTP responses, the attack

308 different models of Sharp Multi-Function Printers (MFP) are vulnerable to 18 different vulnerabilities including remote code execution, local file inclusion, credential disclosure, and more.

Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of an incorrect infinite timeout which allowed connections to remain open which should have been closed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.0-M1 through 9.0.89. Users are recommended to upgrade to version 11.0.0-M21, 10.1.25 or 9.0.90, which fixes the issue.

Ubuntu Security Notice 6862-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Lukas Bernhard discovered that Firefox did not properly manage memory during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code.

Red Hat Security Advisory 2024-4271-03 - Red Hat AMQ Broker 7.12.1 is now available from the Red Hat Customer Portal. Issues addressed include a denial of service vulnerability.

An unnamed South Korean enterprise resource planning (ERP) vendor's product update server has been found to be compromised to deliver a Go-based backdoor dubbed Xctdoor. The AhnLab Security Intelligence Center (ASEC), which identified the attack in May 2024, did not attribute it to a known threat actor or group, but noted that the tactics overlap with that of Andariel, a sub-cluster within the

GeoServer's Server Status page and REST API (at `/geoserver/rest/about/status`) lists *all* environment variables and Java properties to *any* GeoServer user with administrative rights as part of those modules' status message. These variables/properties can also contain sensitive information, such as database passwords or API keys/tokens, for example: * Data stores defined with [parameterized catalog settings][catalog] (`-DALLOW_ENV_PARAMETRIZATION=true`) which need a password or access key. * GeoServer's official Docker image [uses environment variables to configure PostgreSQL JNDI resources, including credentials][docker-jndi] (`POSTGRES_HOST`, `POSTGRES_USERNAME`, `POSTGRES_PASSWORD`) Additionally, many community-developed GeoServer container images `export` other credentials from their start-up scripts as environment variables to the GeoServer (`java`) process, such as: * GeoServer `admin` and master (`root`) passwords * Tomcat management application password * HTTPS/TLS cer...

A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml version 0.57.1. The vulnerability exists due to improper neutralization of input during web page generation, specifically within the survey redirect parameter. This flaw allows an attacker to redirect users to a specified URL after completing a survey, without proper validation of the 'redirect' parameter. Consequently, an attacker can execute arbitrary JavaScript code in the context of the user's browser session. This vulnerability could be exploited to steal cookies, potentially leading to account takeover.