Security
Headlines
HeadlinesLatestCVEs

Tag

#vulnerability

GHSA-4rmg-292m-wg3w: Smarty vulnerable to PHP Code Injection by malicious attribute in extends-tag

### Impact Template authors could inject php code by choosing a malicous file name for an extends-tag. Users that cannot fully trust template authors should update asap. ### Patches Please upgrade to the most recent version of Smarty v4 or v5. There is no patch for v3.

ghsa
#vulnerability#git#php#auth#sap
GHSA-qmjf-wc2h-6x3q: Nautobot dynamic-group-members doesn't enforce permission restrictions on member objects

### Impact _What kind of vulnerability is it? Who is impacted?_ A user with permissions to view Dynamic Group records (`extras.view_dynamicgroup` permission) can use the Dynamic Group detail UI view (`/extras/dynamic-groups/<uuid>/`) and/or the members REST API view (`/api/extras/dynamic-groups/<uuid>/members/`) to list the objects that are members of a given Dynamic Group. In versions of Nautobot between 1.3.0 (where the Dynamic Groups feature was added) and 1.6.22 inclusive, and 2.0.0 through 2.2.4 inclusive, Nautobot fails to restrict these listings based on the member object permissions - for example a Dynamic Group of Device objects will list all Devices that it contains, regardless of the user's `dcim.view_device` permissions or lack thereof. ### Patches _Has the problem been patched? What versions should users upgrade to?_ Fixed in Nautobot 1.6.23 and 2.2.5. ### Workarounds _Is there a way for users to fix or remediate the vulnerability without upgrading?_ This vulnerabil...

GHSA-95fr-cm4m-q5p9: MinIO information disclosure vulnerability

### Impact [If-Modified-Since](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-Modified-Since) [If-Unmodified-Since](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-Unmodified-Since) Headers when used with anonymous requests by sending a random object name requests you can figure out if the object exists or not on the server on a specific bucket and also gain access to some amount of information such as ``` Last-Modified (of the latest version) Etag (of the latest version) x-amz-version-id (of the latest version) Expires (metadata value of the latest version) Cache-Control (metadata value of the latest version) ``` This conditional check was being honored before validating if the anonymous access is indeed allowed on the metadata of an object. ### Patches Yes this issue has been already fixed in ``` commit e0fe7cc391724fc5baa85b45508f425020fe4272 (HEAD -> master, origin/master) Author: Harshavardhana <[email protected]> Date: Mon May 27 12:17:46 2024...

Out-of-bounds reads in Adobe Acrobat; Foxit PDF Reader contains vulnerability that could lead to SYSTEM-level privileges

Acrobat, one of the most popular PDF readers currently available, contains two out-of-bounds read vulnerabilities that could lead to the exposure of sensitive contents of arbitrary memory in the application.

Surge in Discord Malware Attacks as 50,000 Malicious Links Uncovered

By Waqas Cybersecurity researchers at Bitdefender have found a surge in malware and phishing attacks on Discord, noting 50,000 malicious… This is a post from HackRead.com Read the original post: Surge in Discord Malware Attacks as 50,000 Malicious Links Uncovered

Surge in Discord Malware Attacks as 50,000 Malicious Links Uncovered

By Waqas Cybersecurity researchers at Bitdefender have found a surge in malware and phishing attacks on Discord, noting 50,000 malicious… This is a post from HackRead.com Read the original post: Surge in Discord Malware Attacks as 50,000 Malicious Links Uncovered

GHSA-8cm5-jfj2-26q7: Fides Webserver Logs Hosted Database Password Partial Exposure Vulnerability

The Fides webserver requires a connection to a hosted PostgreSQL database for persistent storage of application data. If the password used by the webserver for this database connection includes special characters such as `@` and `$`, webserver startup fails and the part of the password following the special character is exposed in webserver error logs. This is caused by improper escaping of the SQLAlchemy password string, see [here](https://docs.sqlalchemy.org/en/14/core/engines.html#escaping-special-characters-such-as-signs-in-passwords) and [here](https://github.com/sqlalchemy/sqlalchemy/discussions/6615) for more info. ### Impact Partial exposure of hosted database password in webserver logs ### Patches The vulnerability has been patched in Fides version `2.37.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. ### Workarounds There are no workarounds. ### Proof of Concept 1. Create a hosted PostgreSQL database for Fides with a...

Check Point Warns of Zero-Day Attacks on its VPN Gateway Products

Check Point is warning of a zero-day vulnerability in its Network Security gateway products that threat actors have exploited in the wild. Tracked as CVE-2024-24919, the issue impacts CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark appliances. "The vulnerability potentially allows an attacker to read certain information on

GHSA-xjm6-jfmg-qc6p: Aimeos denial of service vulnerability in SaaS and marketplace setups

### Impact All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack ### Patches Upgrade to the latest 2022.10 LTS, 2023.10 LTS and 2024.04.7 version of the aimeos/aimeos-core package

Flowmon Unauthenticated Command Injection

This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Flowmon versions before v12.03.02.