Security
Headlines
HeadlinesLatestCVEs

Tag

#rce

Red Hat Security Advisory 2024-3354-03

Red Hat Security Advisory 2024-3354-03 - Red Hat Fuse 7.13.0 release is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Issues addressed include HTTP request smuggling, bypass, denial of service, deserialization, and traversal vulnerabilities.

Packet Storm
#vulnerability#red_hat#dos#apache#js#java#rce#auth
AutomationDirect Productivity PLCs

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: AutomationDirect Equipment: Productivity PLCs Vulnerabilities: Buffer Access with Incorrect Length Value, Out-of-bounds Write, Stack-based Buffer Overflow, Improper Access Control, Active Debug Code, Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to remote code execution and denial of service. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS AutomationDirect reports the following versions of Productivity PLCs are affected: Productivity 3000 P3-550E CPU: FW 1.2.10.9 Productivity 3000 P3-550E CPU: SW 4.1.1.10 Productivity 3000 P3-550 CPU: FW 1.2.10.9 Productivity 3000 P3-550 CPU: SW 4.1.1.10 Productivity 3000 P3-530 CPU: FW 1.2.10.9 Productivity 3000 P3-530 CPU: SW 4.1.1.10 Productivity 2000 P2-550 CPU: FW 1.2.10.10 Productivity 2000 P2-550 CPU: SW 4.1.1.10 Productivity 1000 P1-550 CPU: FW 1.2.10.10 Productivity ...

Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager

Ivanti on Tuesday rolled out fixes to address multiple critical security flaws in Endpoint Manager (EPM) that could be exploited to achieve remote code execution under certain circumstances. Six of the 10 vulnerabilities – from CVE-2024-29822 through CVE-2024-29827 (CVSS scores: 9.6) – relate to SQL injection flaws that allow an unauthenticated attacker within the same network to

GHSA-wx24-vqrg-m6m5: VuFind Server-Side Request Forgery (SSRF) vulnerability

A Server-Side Request Forgery (SSRF) vulnerability in the /Upgrade/FixConfig route in Open Library Foundation VuFind 2.0 through 9.1 before 9.1.1 allows a remote attacker to overwrite local configuration files to gain access to the administrator panel and achieve Remote Code Execution. A mitigating factor is that it requires the allow_url_include PHP runtime setting to be on, which is off in default installations. It also requires the /Upgrade route to be exposed, which is exposed by default after installing VuFind, and is recommended to be disabled by setting autoConfigure to false in config.ini.

AVideo WWBNIndex Plugin Unauthenticated Remote Code Execution

This Metasploit module exploits an unauthenticated remote code execution vulnerability in the WWBNIndex plugin of the AVideo platform. The vulnerability exists within the submitIndex.php file, where user-supplied input is passed directly to the require() function without proper sanitization. By exploiting this, an attacker can leverage the PHP filter chaining technique to execute arbitrary PHP code on the server. This allows for the execution of commands and control over the affected system. The exploit is particularly dangerous because it does not require authentication, making it possible for any remote attacker to exploit this vulnerability.

GHSA-jqff-8g2v-642h: NASA AIT-Core vulnerable to remote code execution

An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands.

GHSA-83jv-4prm-34g7: Shopware Remote Code Execution Vulnerability

Under certain circumstances it is possible to execute an authorized foreign code in Shopware version prior to 5.2.25.

GHSA-7336-ghhp-f2qj: Shopware Remote Code Execution Vulnerability

Under certain circumstances, it’s possible to execute an unauthorized foreign code in Shopware in versions prior to 5.2.16. One possible threat is if a template that doesn’t derive from the Shopware standard has been completely copied. Themes or plugins that execute or overwrite the following template code are vulnerable. - Affected file: emotion.tpl Path template file "Emotion template": templates / _default / frontend / forms / elements.tpl Path template file "Responsive template": themes/Frontend/Bare/frontend/forms/elements.tpl The complete line beginning with: `{eval var=$sSupport.sFields[$sKey]...` should be exchanged with the following: ``` {$sSupport.sFields[$sKey]|replace:'{literal}':''|replace:'{/literal}':''|replace:'%*%':"{s name='RequiredField' namespace='frontend/register/index'}{/s}"} ```

GHSA-q3g4-2vw9-xv27: Shopware Remote Code Execution Vulnerability

Under certain circumstances, it’s possible to execute an unauthorized foreign code in Shopware. This is a critical security vulnerability that could affect the entire system. All Shopware versions including Shopware 5.2.14 are affected.

NextGen Healthcare Mirth Connect Under Attack - CISA Issues Urgent Warning

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a security flaw impacting NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The flaw, tracked as CVE-2023-43208 (CVSS score: N/A), concerns a case of unauthenticated remote code execution arising from an incomplete