Weekly Vulnerabilities Reports > March 18 to 24, 2024

A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi.

A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi.

SQL injection vulnerability exists in the script DIAE_tagHandler.ashx.

Grav is an open-source, flat-file content management system.

Privileges are not fully verified server-side, which can be abused by a user with limited privileges to bypass authorization and access privileged functionality.

Grav is an open-source, flat-file content management system.

Grav is an open-source, flat-file content management system.

Grav is an open-source, flat-file content management system.

Grav is an open-source, flat-file content management system.

A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.48.

A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.48.

Grav is a content management system (CMS).

Deno is a JavaScript, TypeScript, and WebAssembly runtime.

Deno is a JavaScript, TypeScript, and WebAssembly runtime.

A vulnerability was found in Tenda AC10U 15.03.06.49 and classified as critical.

A vulnerability was found in Tenda AC10U 15.03.06.49.

A vulnerability was found in Tenda AC10U 15.03.06.49.

A vulnerability was found in Tenda AC10U 15.03.06.48.

Use after free in Canvas in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

A vulnerability, which was classified as critical, has been found in Tenda AC10U 1.0/15.03.06.49.

A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.49.

A vulnerability has been found in Tenda AC10U 15.03.06.49 and classified as critical.

A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49.

A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49.

In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vulnerability.

In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack is possible by a remote threat actor through an insecure deserialization vulnerability.

A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical.

Deno is a JavaScript, TypeScript, and WebAssembly runtime.

FreeScout is a self-hosted help desk and shared mailbox.

Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate privileges.

In JetBrains TeamCity before 2023.11 users with access to the agent machine might obtain permissions of the user running the agent process

In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack is possible by a local threat actor through an insecure deserialization vulnerability.

Claris International has fixed a dylib hijacking vulnerability in the FileMaker Pro.app and Claris Pro.app versions on macOS.

Lightroom Desktop versions 7.1.2 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user.

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in trans_stat_show Fix buffer overflow in trans_stat_show(). Convert simple snprintf to the more secure scnprintf with size of PAGE_SIZE. Add condition checking if we are exceeding PAGE_SIZE and exit early from loop.

paddlepaddle/paddle 2.6.0 allows arbitrary file read via paddle.vision.ops.read_file.

Missing Authorization vulnerability in Metagauss EventPrime.This issue affects EventPrime: from n/a through 3.3.9.

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.

Siklu TG Terragraph devices before 2.1.1 allow attackers to discover valid, randomly generated credentials via GetCredentials.

ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read.

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data.

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data.

Cilium is a networking, observability, and security solution with an eBPF-based dataplane.

Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability.

Least privilege violation in the Checkmk agent plugins mk_oracle, mk_oracle.ps1, and mk_oracle_crs before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate privileges.

IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18.

A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18.

Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults.

Out of bounds read in Swiftshader in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.

An issue discovered in SELESTA Visual Access Manager 4.38.6 allows attackers to modify the “computer” POST parameter related to the ID of a specific reception by POST HTTP request interception.

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing.

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing.

Cross-Site Scripting (XSS) vulnerability in Sentrifugo 3.2, through  /sentrifugo/index.php/expenses/expensecategories/edit, 'expense_category_name' parameter.

Cross-Site Scripting (XSS) vulnerability in Sentrifugo 3.2, through  /sentrifugo/index.php/sitepreference/add, 'description' parameter.

Cross-Site Scripting (XSS) vulnerability in Sentrifugo 3.2, through  /sentrifugo/index.php/index/getdepartments/format/html, 'business_id' parameter.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic allows Reflected XSS.This issue affects RegistrationMagic: from n/a through 5.2.5.9.

Cilium is a networking, observability, and security solution with an eBPF-based dataplane.

Cilium is a networking, observability, and security solution with an eBPF-based dataplane.

ZITADEL, open source authentication management software, uses Go templates to render the login UI.

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing.

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data.

Dell PowerEdge Server BIOS contains a heap-based buffer overflow vulnerability.

IBM Security Verify Governance 10.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.

IBM InfoSphere Information Server 11.7 stores potentially sensitive information in log files that could be read by a local user.

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - Fix page fault dead lock on mmap-ed hwrng There is a dead-lock in the hwrng device read path.

Missing Authorization vulnerability in BdThemes Element Pack Elementor Addons.This issue affects Element Pack Elementor Addons: from n/a through 5.4.11.

The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the EmbedPress widget 'embedpress_pro_twitch_theme ' attribute in all versions up to, and including, 3.9.12 due to insufficient input sanitization and output escaping on user supplied attributes.

The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the EmbedPress document widget in all versions up to, and including, 3.9.12 due to insufficient input sanitization and output escaping on user supplied attributes.

The Move Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's infobox and button widget in all versions up to, and including, 1.2.9 due to insufficient input sanitization and output escaping on user supplied attributes.

The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Newsletter widget in all versions up to, and including, 2.0.31 due to insufficient input sanitization and output escaping on user supplied attributes.

The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'efb_likebox' shortcode in all versions up to, and including, 6.5.4 due to insufficient input sanitization and output escaping on user supplied attributes.

The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via HTML Tag attributes in all versions up to, and including, 2.6.2 due to insufficient input sanitization and output escaping.

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Notice Manage module.

OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Privilege Management module.

The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 4.5.2 due to insufficient input sanitization and output escaping on user supplied attributes such as listStyle.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jegtheme Jeg Elementor Kit allows Stored XSS.This issue affects Jeg Elementor Kit: from n/a through 2.6.2.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor allows Stored XSS.This issue affects Premium Addons for Elementor: from n/a through 4.10.16.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPVibes Elementor Addon Elements allows Stored XSS.This issue affects Elementor Addon Elements: from n/a through 1.12.10.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leevio Happy Addons for Elementor allows Stored XSS.This issue affects Happy Addons for Elementor: from n/a through 3.10.1.

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.

IBM Security Verify Directory 10.0.0 could disclose sensitive server information that could be used in further attacks against the system.

A vulnerability classified as problematic has been found in Netentsec NS-ASG Application Security Gateway 6.3.

A vulnerability, which was classified as problematic, was found in Netentsec NS-ASG Application Security Gateway 6.3.

Adobe Experience Manager versions 6.5.19 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass.

A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console with an administrator role.

IBM Security Verify Directory 10.0.0 is vulnerable to cross-site scripting.

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data.

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data.

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data.

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data.

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data.

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data.

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data.

OctoPrint provides a web interface for controlling consumer 3D printers.

Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields.

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing.

Deno is a JavaScript, TypeScript, and WebAssembly runtime.

Microsoft Edge (Chromium-based) Spoofing Vulnerability

A vulnerability has been found in DedeCMS 5.7 and classified as problematic.

A vulnerability classified as problematic was found in DedeCMS 5.7.

IBM Storage Protect Plus Server 10.1.0 through 10.1.16 could allow an authenticated user with read-only permissions to add or delete entries from an existing HyperVisor configuration.

The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5.4.

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the tutor_delete_announcement() function in all versions up to, and including, 2.6.1.

In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4), a logging bypass vulnerability has been discovered.  An authenticated user could manipulate a request to bypass the logging mechanism within the web application which results in user activity not being logged properly.

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing.

Invocation of the sqlplus command with sensitive information in the command line in the mk_oracle Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows the extraction of this information from the process list.

IBM Security Verify Directory 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.