Security
Headlines
HeadlinesLatestCVEs

Tag

#ssh

CVE-2023-47174: Java Deserialization RCE · SFTP Gateway Support

Thorn SFTP gateway 3.4.x before 3.4.4 uses Pivotal Spring Framework for Java deserialization of untrusted data, which is not supported by Pivotal, a related issue to CVE-2016-1000027. Also, within the specific context of Thorn SFTP gateway, this leads to remote code execution.

CVE
Open in Source
#vulnerability#web#java#rce#ssh
CVE-2023-46864: Path Traversal - Arbitrary File Download · Issue #171 · Peppermint-Lab/peppermint

Peppermint Ticket Management through 0.2.4 allows remote attackers to read arbitrary files via a /api/v1/ticket/1/file/download?filepath=../ POST request.

CVE-2021-33638: add bind mount file lock · Pull Request !627 · src-openEuler/iSulad - Gitee.com

When the isula cp command is used to copy files from a container to a host machine and the container is controlled by an attacker, the attacker can escape the container.

CVE-2021-33634: set env to avoid invoke lxc binary directly · Pull Request !251 · src-openEuler/lcr - Gitee.com

iSulad uses the lcr+lxc runtime (default) to run malicious images, which can cause DOS.

CVE-2023-35794: GitHub - Dodge-MPTC/CVE-2023-35794-WebSSH-Hijacking: Repository contains description for CVE-2023-35794 discovered by Dodge Industrial Team for Dodge OPTIFY platfrom.

An issue was discovered in Cassia Access Controller 2.1.1.2303271039. The Web SSH terminal endpoint (spawned console) can be accessed without authentication. Specifically, there is no session cookie validation on the Access Controller; instead, there is only Basic Authentication to the SSH console.

Gentoo Linux Security Advisory 202310-15

Gentoo Linux Security Advisory 202310-15 - A vulnerability has been discovered in usbview where certain users can trigger a privilege escalation. Versions greater than or equal to 2.2 are affected.

Complex Spy Platform StripedFly Bites 1M Victims

Sophisticated Windows and Linux malware for stealing data and conducting cyber espionage has flown under the radar, disguised as a cryptominer.

GHSA-35j5-m29r-xfq5: XWiki Rendering's footnote macro vulnerable to privilege escalation via the footnote macro

### Impact The footnote macro executed its content in a potentially different context than the one in which it was defined. In particular in combination with the include macro, this allows privilege escalation from a simple user account in XWiki to programming rights and thus remote code execution, impacting the confidentiality, integrity and availability of the whole XWiki installation. To reproduce, perform the following steps: 1. Edit your user profile with the object editor and add an object of type DocumentSheetBinding with value XWiki.ClassSheet 2. Edit your user profile with the wiki editor and add the syntax `{{footnote}}{{groovy}}println("Hello " + "from groovy!"){{/groovy}}{{/footnote}}` When the text "Hello from groovy!" is displayed at the bottom of the document, the installation is vulnerable. Instead, an error should be displayed. ### Patches This vulnerability has been patched in XWiki 14.10.6 and 15.1-rc-1. ### Workarounds There is no workaround apart from upgradi...