I-O DATA DEVICE, INC. Security Vulnerabilities

device-mapper-persistent-data bug fix and enhancement update

An update is available for device-mapper-persistent-data. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release,...

CVE-2023-4925

The Easy Forms for Mailchimp WordPress plugin through 6.8.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is...

CVE-2021-4244

A vulnerability classified as problematic has been found in yikes-inc-easy-mailchimp-extender Plugin up to 6.8.5. This affects an unknown part of the file admin/partials/ajax/add_field_to_form.php. The manipulation of the argument field_name/merge_tag/field_type/list_id leads to cross site...

CVE-2023-2518

The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape a parameter before outputting it back in the page when the debug option is enabled, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as...

CVE-2023-23900

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in YIKES, Inc. Easy Forms for Mailchimp plugin <= 6.8.8...

CVE-2023-1323

The Easy Forms for Mailchimp WordPress plugin before 6.8.9 does not sanitise and escape some of its from parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite.....

CVE-2023-1324

The Easy Forms for Mailchimp WordPress plugin before 6.8.8 does not sanitise and escape some parameters before outputting them back in the response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as...

CVE-2023-1325

The Easy Forms for Mailchimp WordPress plugin before 6.8.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

Arbitrary Systemd Property Injection

github.com/cri-o/cri-o is vulnerable to Arbitrary Systemd Property Injection. The vulnerability is due to improper filtering of systemd property within a Pod annotation, allowing an attacker with the ability to create a pod with arbitrary annotations to perform unauthorized actions on the host...

CVE-2023-48700

The Nautobot Device Onboarding plugin uses the netmiko and NAPALM libraries to simplify the onboarding process of a new device into Nautobot down to, in many cases, an IP Address and a Location. Starting in version 2.0.0 and prior to version 3.0.0, credentials provided to onboarding task are...

CVE-2024-0354

A vulnerability, which was classified as critical, has been found in unknown-o download-station up to 1.1.8. This issue affects some unknown processing of the file index.php. The manipulation of the argument f leads to path traversal: '../filedir'. The attack may be initiated remotely. The exploit....

Security Bulletin: AIX is vulnerable to a denial of service due to libxml2 (CVE-2024-25062)

Summary Vulnerability in libxml2 could allow a remote attacker to cause a denial of service (CVE-2024-25062). AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details ** CVEID: CVE-2024-25062 DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by a...

Security Bulletin: AIX is vulnerable to arbitrary command execution due to invscout (CVE-2024-27260)

Summary A vulnerability in the AIX invscout command could allow a non-privileged local user to execute arbitrary commands (CVE-2024-27260). Vulnerability Details ** CVEID: CVE-2024-27260 DESCRIPTION: **IBM AIX could allow a non-privileged local user to exploit a vulnerability in the invscout...

lvm2 bug fix and enhancement update

An update is available for lvm2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.4...

CRI-O vulnerable to an arbitrary systemd property injection

Impact On CRI-O, it looks like an arbitrary systemd property can be injected via a Pod annotation: ``` apiVersion: v1 kind: Pod metadata: name: poc-arbitrary-systemd-property-injection annotations: # I believe that ExecStart with an arbitrary command works here too, # but I haven't...

CRI-O vulnerable to an arbitrary systemd property injection

Impact On CRI-O, it looks like an arbitrary systemd property can be injected via a Pod annotation: ``` apiVersion: v1 kind: Pod metadata: name: poc-arbitrary-systemd-property-injection annotations: # I believe that ExecStart with an arbitrary command works here too, # but I haven't...

CRI-O vulnerable to /etc/passwd tampering resulting in Privilege Escalation

Impact It is possible to craft an environment variable with newlines to add entries to a container's /etc/passwd. It is possible to circumvent admission validation of username/UID by adding such an entry. Note: because the pod author is in control of the container's /etc/passwd, this is not...

CVE-2022-41973 affecting package device-mapper-multipath 0.8.6-1

CVE-2022-41973 affecting package device-mapper-multipath 0.8.6-1. No patch is available...

CVE-2022-41974 affecting package device-mapper-multipath 0.8.6-1

CVE-2022-41974 affecting package device-mapper-multipath 0.8.6-1. No patch is available...

Security Bulletin: AIX is vulnerable to privilege escalation (CVE-2024-27273)

Summary Vulnerability in the AIX kernel may lead to privilege escalation (CVE-2024-27273). Vulnerability Details ** CVEID: CVE-2024-27273 DESCRIPTION: **IBM AIX's Unix domain datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SO_PEERID...

ROS-20240522-01

A vulnerability in the CRI-O container mechanism is related to the injection of an arbitrary property via the Pod annotation. systemd. Exploitation of the vulnerability could allow an attacker acting remotely to perform an an arbitrary action on the host...

CVE-2023-44487 affecting package sriov-network-device-plugin for versions less than 3.5.1-2

CVE-2023-44487 affecting package sriov-network-device-plugin for versions less than 3.5.1-2. A patched version of the package is...

[SECURITY] Fedora 40 Update: rust-vhost-device-scmi-0.1.0-6.fc40

Vhost-user SCMI backend...

[SECURITY] Fedora 40 Update: rust-vhost-device-sound-0.1.0-2.fc40

A virtio-sound device using the vhost-user...

CVE-2022-47578

An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10.1.2228.15. Despite configuring complete restrictions on USB pendrives, USB HDD devices, memory cards, USB connections to mobile devices, etc., it is still possible to bypass the USB restrictions by....

CVE-2022-47577

An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus 10.1.2228.15. Despite configuring complete restrictions on USB pendrives, USB HDD devices, memory cards, USB connections to mobile devices, etc., it is still possible to bypass the USB restrictions by....

(RHSA-2024:2672) Important: OpenShift Container Platform 4.14.24 packages and security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.14.24. See the following advisory for the container...

(RHSA-2024:2877) Important: OpenShift Container Platform 4.13.42 packages and security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.42. See the following advisory for the container...

(RHSA-2024:2669) Important: OpenShift Container Platform 4.15.12 security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.15.12. See the following advisory for the container...

Moderate: qemu-kvm security update

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix(es): QEMU: e1000e: heap use-after-free in e1000e_write_packet_to_guest()...

GHSA-679V-HH23-H5JH vulnerabilities

Vulnerabilities for packages: kind, smarter-device-manager-fips, falco, configmap-reload-fips,...

CVE-2023-39323 vulnerabilities

Vulnerabilities for packages: kind, smarter-device-manager-fips, falco, configmap-reload-fips,...

CVE-2017-17688

The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an...

qemu-kvm security update

An update is available for qemu-kvm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kernel-based Virtual Machine (KVM) is a full virtualization solution for...

GHSA-XR7R-F8XQ-VFVV vulnerabilities

Vulnerabilities for packages: kots, datadog-agent, zarf, nerdctl, kubescape, ingress-nginx-controller, datadog-agent-fips, runc, ctop, newrelic-infrastructure-agent, telegraf, docker, k3d, wolfictl, skaffold, k3s, buildkitd, kubernetes, nvidia-device-plugin-fips, k9s,...

CVE-2024-21626 vulnerabilities

Vulnerabilities for packages: kots, datadog-agent, zarf, nerdctl, kubescape, ingress-nginx-controller, datadog-agent-fips, runc, ctop, newrelic-infrastructure-agent, telegraf, docker, k3d, wolfictl, skaffold, k3s, buildkitd, kubernetes, nvidia-device-plugin-fips, k9s,...

SSRF (Server-Side Request Forgery) org.springframework:spring-web Dependency in Bitbucket Data Center and Server

This High severity org.springframework:spring-web Dependency vulnerability was introduced in versions 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, 8.12.0, 8.13.0, 8.14.0-eap01, 8.15.0, 8.16.0, 8.17.0, 8.18.0, and 8.19.0 of Bitbucket Data Center and Server......

Improper Authorization org.springframework.security:spring-security-core Dependency in Bitbucket Data Center and Server

This High severity org.springframework.security:spring-security-core Dependency vulnerability was introduced in versions 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, 8.12.0, 8.13.0, 8.14.0-eap01, 8.15.0, 8.16.0, 8.17.0, 8.18.0, and 8.19.0 of Bitbucket Data.....

SQLi (SQL Injection) org.postgresql:postgresql Dependency in Jira Software Data Center and Server

This Critical severity org.postgresql:postgresql Dependency vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 9.7.0, 9.8.0, 9.9.0, 9.10.0, 9.11.0, 9.12.0, 9.13.0, and 9.14.0 of Jira Software Data Center and Server. Jira Software Data Center is unaffected by.....

SQLi (SQL Injection) org.postgresql:postgresql Dependency in Confluence Data Center and Server

This Critical severity org.postgresql:postgresql Dependency vulnerability was introduced in versions 6.0.1 of Confluence Data Center and Server. Confluence Data Center is unaffected by this vulnerability as it does not use the {{PreferQueryMode=SIMPLE}} parameter required for this vulnerability in....

RCE (Remote Code Execution) org.eclipse.jgit:org.eclipse.jgit Dependency in Bamboo Data Center and Server

This High severity org.eclipse.jgit:org.eclipse.jgit Dependency vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.1, 9.3.0, 9.4.0, and 9.5.0 of Bamboo Data Center and Server. The latest LTS Bamboo 9.6.0 is not impacted by this Vulnerability. This org.eclipse.jgit:org.eclipse.jgit...

Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server

This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of...

Sensitive data exposure via /secure/QueryComponent!Default.jspa endpoint - CVE-2020-14179

h3. Summary Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. h3. Affected versions: * version < 8.5.8...

Improper Authorization org.springframework.security:spring-security-core Dependency in Crowd Data Center and Server

This High severity org.springframework.security:spring-security-core Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This org.springframework.security:spring-security-core Dependency vulnerability, with a CVSS Score of 8.2 and a CVSS...

DoS (Denial of Service) org.apache.struts:struts2-core Dependency in Crowd Data Center and Server

This High severity org.apache.struts:struts2-core Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This org.apache.struts:struts2-core Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

CVE-2024-23687

Hard-coded credentials in FOLIO mod-data-export-spring versions before 1.5.4 and from 2.0.0 to 2.0.2 allows unauthenticated users to access critical APIs, modify user data, modify configurations including single-sign-on, and manipulate...

Ability to have the Websudo functionality working with SAML / SSO

h3. Problem Definition When implementing SAML either through JDC or through a vendor plugin, the net result is you have to turn off websudo because you can't get websudo and SAML to work. The effect is you can go straight into administration functions without confirmation that you should. This...

Regression - "Browse Project" permission for "Reporter" grants users to see projects they are not permitted to.

{panel:bgColor=#e7f4fa} NOTE: This bug report is for JIRA Server. Using JIRA Cloud? [See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-34389]. {panel} Regression of JRA-4935 When i add the "Reporter" to the "Browse Project" Permission of one project. This project instantly....

Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server

This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...

Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server

This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...