Tag
#vulnerability
Ubuntu Security Notice 6746-1 - It was discovered that Google Guest Agent and Google OS Config Agent incorrectly handled certain JSON files. An attacker could possibly use this issue to cause a denial of service.
A remote SQL injection vulnerability exists in FortiNet FortiClient EMS (Endpoint Management Server) versions 7.2.0 through 7.2.2 and 7.0.1 through 7.0.10. FortiClient EMS serves as an endpoint management solution tailored for enterprises, offering a centralized platform for overseeing enrolled endpoints. The SQL injection vulnerability is due to user controller strings which can be sent directly into database queries. FcmDaemon.exe is the main service responsible for communicating with enrolled clients. By default it listens on port 8013 and communicates with FCTDas.exe which is responsible for translating requests and sending them to the database. In the message header of a specific request sent between the two services, the FCTUID parameter is vulnerable to SQL injection. It can be used to enable the xp_cmdshell which can then be used to obtain unauthenticated remote code execution in the context of NT AUTHORITY\SYSTEM. Upgrading to either 7.2.3, 7.0.11 or above is recommended by Fo...
Debian Linux Security Advisory 5672-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.
GitKraken GitLens versions prior to 14.0.0 allow an untrusted workspace to execute git commands. A repo may include its own .git folder including a malicious config file to execute arbitrary code. Tested against VSCode 1.87.2 with GitLens 13.6.0 on Ubuntu 22.04 and Windows 10.
Ubuntu Security Notice 6728-3 - USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on Ubuntu 20.04 LTS and was disabled in USN-6728-2. The problematic fix for CVE-2023-5824 has now been corrected and reinstated in this update.
Ubuntu Security Notice 6743-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
Debian Linux Security Advisory 5671-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.
A remote code execution vulnerability in Gambio online webshop versions 4.9.2.0 and below allows remote attackers to run arbitrary commands via an unauthenticated HTTP POST request. The identified vulnerability within Gambio pertains to an insecure deserialization flaw, which ultimately allows an attacker to execute remote code on affected systems. The insecure deserialization vulnerability in Gambio poses a significant risk to affected systems. As it allows remote code execution, adversaries could exploit this flaw to execute arbitrary commands, potentially resulting in complete system compromise, data exfiltration, or unauthorized access to sensitive information.
This Metasploit module exploits two vulnerabilities in Palo Alto Networks PAN-OS that allow an unauthenticated attacker to create arbitrarily named files and execute shell commands. Configuration requirements are PAN-OS with GlobalProtect Gateway or GlobalProtect Portal enabled and telemetry collection on (default). Multiple versions are affected. Payloads may take up to one hour to execute, depending on how often the telemetry service is set to run.
Ubuntu Security Notice 6744-2 - USN-6744-1 fixed a vulnerability in Pillow. This update provides the corresponding updates for Pillow in Ubuntu 20.04 LTS. Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.