Security
Headlines
HeadlinesLatestCVEs

Tag

#rce

GHSA-9895-26wr-4fgv: EZsystems Remote code execution in file uploads

This Security Advisory is about a vulnerability in the way eZ Platform and eZ Publish Legacy handles file uploads, which can in the worst case lead to remote code execution (RCE), a very serious threat. An attacker would need access to uploading files to be able to exploit the vulnerability, so if you have strict controls on this and trust all who have this permission, you're not affected. On the basis of the tests we have made, we also believe the vulnerability cannot be exploited as long as our recommended vhost configuration is used. Here is the v2.5 recommendation for Nginx, as an example: https://github.com/ezsystems/ezplatform/blob/2.5/doc/nginx/vhost.template#L31 This vhost template specifies that only the file app.php in the web root is executed, while vulnerable configurations allow execution of any php file. Apache is affected in the same way as Nginx, and is also protected by using the recommended configuration. The build-in webserver in PHP stays vulnerable, as it doesn't...

ghsa
#vulnerability#web#apache#git#php#rce#nginx
GHSA-64vj-933f-6pm3: eZ Platform Object Injection in SiteAccessMatchListener

This Security Advisory is about an object injection vulnerability in the SiteAccessMatchListener of eZ Platform, which could lead to remote code execution (RCE), a very serious threat. All sites may be affected. Update: There are bugs introduced by this fix, particularly but not limited to compound siteaccess matchers. These have been fixed in ezsystems/ezplatform-kernel v1.0.3, and in ezsystems/ezpublish-kernel v7.5.8, v6.13.6.4, and v5.4.15.

GHSA-3vwr-jj4f-h98x: eZ Publish Remote code execution in file uploads

This Security Advisory is about a vulnerability in the way eZ Platform and eZ Publish Legacy handles file uploads, which can in the worst case lead to remote code execution (RCE), a very serious threat. An attacker would need access to uploading files to be able to exploit the vulnerability, so if you have strict controls on this and trust all who have this permission, you're not affected. On the basis of the tests we have made, we also believe the vulnerability cannot be exploited as long as our recommended vhost configuration is used. Here is the v2.5 recommendation for Nginx, as an example: https://github.com/ezsystems/ezplatform/blob/2.5/doc/nginx/vhost.template#L31 This vhost template specifies that only the file app.php in the web root is executed, while vulnerable configurations allow execution of any php file. Apache is affected in the same way as Nginx, and is also protected by using the recommended configuration. The build-in webserver in PHP stays vulnerable, as it doesn't...

GHSA-2w9p-xxqr-h253: eZ Platform Object Injection in SiteAccessMatchListener

This Security Advisory is about an object injection vulnerability in the SiteAccessMatchListener of eZ Platform, which could lead to remote code execution (RCE), a very serious threat. All sites may be affected. Update: There are bugs introduced by this fix, particularly but not limited to compound siteaccess matchers. These have been fixed in ezsystems/ezplatform-kernel v1.0.3, and in ezsystems/ezpublish-kernel v7.5.8, v6.13.6.4, and v5.4.15.

GHSA-pgj4-g5j4-cmfx: cart2quote/module-quotation-encoded Remote Code Execution via downloadCustomOptionAction

cart2quote/module-quotation-encoded extension may expose a critical security vulnerability by utilizing the unserialize function when processing data from a GET request. This flaw, present in the app/code/community/Ophirah/Qquoteadv/controllers/DownloadController.php and app/code/community/Ophirah/Qquoteadv/Helper/Data.php files, poses a significant risk of Remote Code Execution, especially when custom file options are employed on a product. Attackers exploiting this vulnerability could execute arbitrary code remotely, leading to unauthorized access and potential compromise of sensitive data.

GHSA-77mv-mp2j-gxxh: pygmentize Remote Code Execution

pygmentize is prone to remote code execution due to an unsafe sanitazation of user input when passed to the `highlight` function.

Cacti 1.2.26 Remote Code Execution

Cacti versions 1.2.26 and below suffer from a remote code execution execution vulnerability in import.php.

Zope 5.9 Command Injection

Zope version 5.9 suffers from a command injection vulnerability in /utilities/mkwsgiinstance.py.

GHSA-7fcr-8qw6-92fr: Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability

# Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability ## <a name="executive-summary"></a>Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A Remote Code Execution vulnerability exists in .NET 7.0 and .NET 8.0 where a stack buffer overrun occurs in .NET Double Parse routine. ## Discussion Discussion for this issue can be found at https://github.com/dotnet/runtime/issues/102206 ## <a name="mitigation-factors"></a>Mitigation factors Microsoft has not identified any mitigating factors for this vulnerability. ## <a name="affected-software"></a>Affected software * Any .NET 7.0 application running on .NET 7.0.18 or earlier. * Any .NET 8.0 application running on .NET 8.0.4 or earlier. ## <a name="affected-packages"></a>Affected Packages The vulnerability affects...