Security Headlines, tag: #rce

Ivanti Connect Secure Unauthenticated Remote Code Execution

This Metasploit module chains a server side request forgery (SSRF) vulnerability (CVE-2024-21893) and a command injection vulnerability (CVE-2024-21887) to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to achieve unauthenticated remote code execution. All currently supported versions 9.x and 22.x are vulnerable, prior to the vendor patch released on Feb 1, 2024. It is unknown if unsupported versions 8.x and below are also vulnerable.

Source: Packet Storm
Red Hat Security Advisory 2024-0845-03

Red Hat Security Advisory 2024-0845-03 - Red Hat OpenShift Container Platform release 4.13.34 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.

Red Hat Security Advisory 2024-0832-03

Red Hat Security Advisory 2024-0832-03 - Red Hat OpenShift Container Platform release 4.12.50 is now available with updates to packages and images that fix several bugs. Issues addressed include denial of service and traversal vulnerabilities.

How CVSS 4.0 changes (or doesn’t) the way we see vulnerability severity

While distilling risk down to a simple numerical score is helpful for many in the security space, it is also an imperfect system that can often leave out important context.

GHSA-q3gg-m8hr-h4x4: Externally Controlled Format String in Scripting Functions

The `rquickjs` crate used by SurrealDB implements Rust bindings to the QuickJS C library and is used to execute SurrealDB scripting functions. The `rquickjs` function `Exception::throw_type` takes a string and returns an error object. Prior to version `0.4.2` of the crate, this string would be fed directly into `printf`, which will receive the error string as a format string with no additional arguments, leading to undefined behavior. This issue triggers when a SurrealDB scripting function returns an error and its input contains a format string such as `%s` or `%d`. This vulnerability can only affect SurrealDB servers explicitly enabling the scripting capability with `--allow-scripting` or `--allow-all` and the equivalent environment variables `SURREAL_CAPS_ALLOW_SCRIPT=true` and `SURREAL_CAPS_ALLOW_ALL=true`.

### Impact

An attacker with privileges to execute scripting functions with arbitrary inputs may be able to exploit this format string vulnerability in order to read arbitrary memory...

Petrol Pump Management Software 1.0 Shell Upload

Petrol Pump Management Software version 1.0 suffers from a remote shell upload vulnerability.

Red Hat Security Advisory 2024-0880-03

Red Hat Security Advisory 2024-0880-03 - Red Hat OpenShift Serverless 1.31.1 is now available. Issues addressed include denial of service and traversal vulnerabilities.

Red Hat Security Advisory 2024-0863-03

Red Hat Security Advisory 2024-0863-03 - An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-0862-03

Red Hat Security Advisory 2024-0862-03 - An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2024-0861-03

Red Hat Security Advisory 2024-0861-03 - An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a buffer overflow vulnerability.