Rory McNamara discovered that when starting the cupsd server with a
Listen configuration item, the cupsd process fails to validate if
bind call passed. An attacker could possibly trick cupsd to perform
an arbitrary chmod of the provided argument, providing world-writable
access to the target.
It was discovered that Hibernate incorrectly handled certain inputs with
unsanitized literals. If a user or an automated system were tricked into
opening a specially crafted input file, a remote attacker could possibly use
this issue to obtain sensitive information.
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 23
SEC Consult Vulnerability Lab Security Advisory < 20240620-0 >
=======================================================================
title: Arbitrary File Upload
product: edu-sharing (metaVentis GmbH)
vulnerable versions: <8.0.8-RC2, <8.1.4-RC0, <9.0.0-RC19
fixed versions: >=8.0.8-RC2, >=8.1.4-RC0, >=9.0.0-RC19
CVE number: CVE-2024-28147
impact: high…
Posted by Egidio Romano on Jun 23
Hello list,
Just wanted to share with you my latest blog post:
https://karmainsecurity.com/zip-slip-meets-artifactory-a-bug-bounty-story
Enjoy it!
Posted by malvuln on Jun 23
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/eeb631127f1b9fb3d13d209d8e675634.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln
Threat: Backdoor.Win32.Plugx
Vulnerability: Insecure Permissions
Family: Plugx
Type: PE32
MD5: eeb631127f1b9fb3d13d209d8e675634
SHA256: c2804080c3f45e8232b3e955611f56c9ba513a7845ddad56a588c4191d139990
Vuln ID: MVID-2024-0686
Disclosure: 06/17/2024…
Posted by SBA Research Security Advisory via Fulldisclosure on Jun 23
# Paradox IP150 Internet Module Cross-Site Request Forgery #
## Vulnerability Overview ##
The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to
Cross-Site Request Forgery (CSRF) attacks due to
a lack of countermeasures and the use of the HTTP method `GET` to introduce
changes in the system.
* **Identifier**…
The update for composer released as DSA 5715 introduced a regression
in the handling of git feature branches. Updated composer packages
are now available to address this issue.
python-PyMySQL-0.9.3-2.el7
Security fix for CVE-2024-36039
libreswan-4.15-1.fc39
Update to 4.15 for CVE-2024-3652
mingw-gstreamer1-1.22.9-1.fc39
mingw-gstreamer1-plugins-bad-free-1.22.9-1.fc39
mingw-gstreamer1-plugins-base-1.22.9-2.fc39
mingw-gstreamer1-plugins-good-1.22.9-1.fc39
Update to gstreamer-1.22.9.
Backport fix for CVE-2024-0444.
