Tag
#vulnerability
Red Hat Security Advisory 2024-9689-03 - An update for binutils is now available for Red Hat Enterprise Linux 8. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2024-9679-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include code execution, out of bounds read, and use-after-free vulnerabilities.
Red Hat Security Advisory 2024-9678-03 - An update for squid is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a denial of service vulnerability.
Apple Security Advisory 11-19-2024-3 - iOS 18.1.1 and iPadOS 18.1.1 addresses code execution vulnerabilities.
Building on its broad security portfolio, Microsoft's new exposure management is now available in the Microsoft Defender portal, with third-party-connectors on the way.
In a first, Russia's APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street.
Malware bypasses Microsoft Defender and 2FA, stealing $24K in cryptocurrency via a fake NFT game app. Learn how…
MITRE and CISA's 2024 list of the 25 most dangerous software weaknesses exposes the need for organizations to continue to invest in secure code.
### Summary A server side request forgery vuln was found within geonode when testing on a bug bounty program. Server side request forgery allows a user to request information on the internal service/services. ### Details The endpoint /proxy/?url= does not properly protect against SSRF. when using the following format you can request internal hosts and display data. /proxy/?url=http://169.254.169.254\@whitelistedIPhere. This will state wether the AWS internal IP is alive. If you get a 404, the host is alive. A non alive host will not display a response. To display metadata, use a hashfrag on the url /proxy/?url=http://169.254.169.254\@#whitelisteddomain.com or try /proxy/?url=http://169.254.169.254\@%23whitelisteddomain.com ### Impact Port scan internal hosts, and request information from internal hosts.
### Impact Flowise allows developers to inject configuration into the Chainflow during execution through the `overrideConfig` option. This is supported in both the frontend web integration and the backend Prediction API. This has a range of fundamental issues that are a **major** security vulnerability. While this feature is intentional, it should have strong protections added and be disabled by default. These issues include: 1. Remote code execution. While inside a sandbox this allows for 1. Sandbox escape 2. DoS by crashing the server 3. SSRF 2. Prompt Injection, both System and User 1. Full control over LLM prompts 2. Server variable and data exfiltration And many many more such as altering the flow of a conversation, prompt exfiltration via LLM proxying etc. These issues are self-targeted and do not persist to other users but do leave the server and business exposed. All issues are shown with the API but also work with the web embed. ### Workarounds - `overrideC...