Procps-ng, Procps Security Vulnerabilities

[SECURITY] Fedora 39 Update: espeak-ng-1.51.1-6.fc39

The eSpeak NG (Next Generation) Text-to-Speech program is an open source spee ch synthesizer that supports over 70 languages. It is based on the eSpeak engine created by Jonathan Duddington. It uses spectral formant synthesis by default which sounds robotic, but can be configured to use Klatt...

Log Injection

pyload-ng is vulnerable to Log Injection. The vulnerability is caused due to a lack of validation while logging an error in api_blueprint.py and app_blueprint.py. An attacker can corrupt log files exploiting this...

Information Disclosure

pyload-ng is vulnerable to Unauthenticated Information Disclosure. The vulnerability is due to improper authorization and authentication checks. This issue can be exploited by an attacker to disclose sensitive information such as Flask configurations, which includes the SECRET_KEY...

Fedora 39 : espeak-ng (2024-5661c87b25)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5661c87b25 advisory. Espeak-ng 1.52-dev was discovered to contain a buffer-overflow via the function SetUpPhonemeTable at synthdata.c. (CVE-2023-49990) Espeak-ng...

pyload Unauthenticated Flask Configuration Leakage vulnerability

Summary Any unauthenticated user can browse to a specific URL to expose the Flask config, including the SECRET_KEY variable. Details Any unauthenticated user can browse to a specific URL to expose the Flask config, including the SECRET_KEY variable. PoC Run pyload in the default configuration by...

pyload Unauthenticated Flask Configuration Leakage vulnerability

Summary Any unauthenticated user can browse to a specific URL to expose the Flask config, including the SECRET_KEY variable. Details Any unauthenticated user can browse to a specific URL to expose the Flask config, including the SECRET_KEY variable. PoC Run pyload in the default configuration by...

pyload Log Injection vulnerability

Summary A log injection vulnerability was identified in pyload. This vulnerability allows any unauthenticated actor to inject arbitrary messages into the logs gathered by pyload. Details pyload will generate a log entry when attempting to sign in with faulty credentials. This entry will be in the.....

pyload Log Injection vulnerability

Summary A log injection vulnerability was identified in pyload. This vulnerability allows any unauthenticated actor to inject arbitrary messages into the logs gathered by pyload. Details pyload will generate a log entry when attempting to sign in with faulty credentials. This entry will be in the.....

Huawei EulerOS: Security Advisory for procps-ng (EulerOS-SA-2024-1026)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for procps-ng (EulerOS-SA-2024-1052)

The remote host is missing an update for the Huawei...

CVE-2023-3726

OCSInventory allow stored email template with special characters that lead to a Stored cross-site...

CVE-2023-3726

OCSInventory allow stored email template with special characters that lead to a Stored cross-site...

Genie Aladdin Connect Retrofit Garage Door Opener: Multiple Vulnerabilities

Rapid7, Inc. (Rapid7) discovered vulnerabilities in Aladdin Connect retrofit kit garage door opener and Android mobile application produced by Genie. The affected products are: Aladdin Garage door smart retrofit kit, Model ALDCM Android Mobile application ALADDIN Connect, Version 5.65 Build 2075 .....

Metasploit 2023 Annual Wrap-Up: Dec. 29, 2023

As 2023 winds down, we’re taking another look back at all the changes and improvements to the Metasploit Framework. This year marked the 20th anniversary since Metasploit version 1.0 was committed and the project is still actively maintained and improved thanks to a thriving community. Version 6.3....

Fedora: Security Advisory for minizip-ng (FEDORA-2023-2ca76c3aae)

The remote host is missing an update for...

[SECURITY] Fedora 38 Update: minizip-ng-3.0.7-4.fc38

Minizip-ng zlib-ng contribution that includes: * AES encryption * I/O buffering * PKWARE disk splitting It also has the latest bug fixes that having been found all over the...

[SECURITY] Fedora 39 Update: minizip-ng-3.0.7-5.fc39

Minizip-ng zlib-ng contribution that includes: * AES encryption * I/O buffering * PKWARE disk splitting It also has the latest bug fixes that having been found all over the...

Fedora: Security Advisory for minizip-ng (FEDORA-2023-5aa1ebc5e9)

The remote host is missing an update for...

Fedora 39 : minizip-ng (2023-5aa1ebc5e9)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-5aa1ebc5e9 advisory. Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mz_path_has_slash...

Fedora 38 : minizip-ng (2023-2ca76c3aae)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-2ca76c3aae advisory. Buffer Overflow vulnerability in zlib-ng minizip-ng v.4.0.2 allows an attacker to execute arbitrary code via a crafted file to the mz_path_has_slash...

Huawei EulerOS: Security Advisory for procps-ng (EulerOS-SA-2023-3488)

The remote host is missing an update for the Huawei...

Hospital Management System 4.0 XSS / Shell Upload / SQL Injection

...

GilaCMS 1.15.4 SQL Injection

...

GilaCMS 1.15.4 SQL Injection Vulnerability

...

Huawei EulerOS: Security Advisory for procps-ng (EulerOS-SA-2023-3516)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for procps-ng (EulerOS-SA-2023-3508)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for procps-ng (EulerOS-SA-2023-3480)

The remote host is missing an update for the Huawei...

Hospital Management System 4.0 XSS / Shell Upload / SQL Injection Vulnerabilities

Hospital Management System versions 4.0 and below suffer from cross site scripting, remote shell upload, and remote SQL injection...

Buffer Overflow

Espeak-ng is vulnerable to Buffer Overflow. The vulnerability is caused due to missing validation for word length in the RemoveEnding function within dictionary.c., which can result in Denial of...

Stack Buffer Underflow

libespeak-ng.so is vulnerable to Stack Buffer Underflow. The vulnerability is caused by a lack of validation for the length parameter before its passed to malloc. An attacker can exploit this by providing an excessively small or manipulated value that could potentially lead to a buffer...

Denial Of Service (DOS)

libespeak-ng.so is vulnerable to Denial Of Service through Floating Point Exception. The vulnerability is due to the PeaksToHarmspect function within wavegen.c failing to check the wdata.pitch_env pointer before it is used. The function AdvanceParameters directly uses wdata.pitch_env without...

Buffer Overflow

Espeak-ng is vulnerable to Buffer Overflow. The vulnerability is due to the SetUpPhonemeTable function within synthdata.c. This issue can be exploited by an attacker to cause denial of...

2023 Threat Landscape Year in Review: If Everything Is Critical, Nothing Is

As 2023 nears its end, it's time to pause and reflect. It’s time to assess what worked and what didn't, what caught our attention and caused disruption, and what went unnoticed. More importantly, we need to know what lessons we learned from 2023 so that we can do a better job of managing risk in...

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from shadow-utils, procps-ng, containerd, urllib3, nghttp2 and Golang

Summary Multiple issues were identified in Red Hat UBI packages, go-toolset and OSE are fixed and shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. Vulnerability Details ** CVEID: CVE-2023-25153 DESCRIPTION: **containerd is vulnerable to a denial of service, caused by a...

Huawei EulerOS: Security Advisory for procps-ng (EulerOS-SA-2023-3446)

The remote host is missing an update for the Huawei...

RTPEngine mr11.5.1.6 Denial Of Service

...

PaperCut NG Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of PaperCut NG. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the pc-pdl-to-image...

Buffer Overflow

libespeak-ng.so is vulnerable to Buffer Overflow. The vulnerability is caused by the ReadClause function in readclause.c due to not having a bounds check when writing data to buffer. This allows an attacker to craft an input to trigger the overflow, potentially leads to code execution or Denial of....

Huawei EulerOS: Security Advisory for procps-ng (EulerOS-SA-2023-3384)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for procps-ng (EulerOS-SA-2023-3366)

The remote host is missing an update for the Huawei...

Unbreakable Enterprise kernel security update

[5.15.0-201.135.6] - Revert ncsi: Propagate carrier gain/loss events to the NCSI controller (Johnathan Mantey) - netfilter: nf_tables: split async and sync catchall in two functions (Pablo Neira Ayuso) - netfilter: nf_tables: remove catchall element in GC sync path (Pablo Neira Ayuso) - scsi:...

CVE-2023-49994

A flaw was found in the espeak-ng package. A local attacker can use a specially crafted payload to trigger a floating point exception error, which may lead to a denial of service. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red...

CVE-2023-49993

A flaw was found in the espeak-ng package. A local attacker can use a specially crafted payload to trigger a buffer overflow condition, which may lead to an application crash or allow for arbitrary code execution. Mitigation Mitigation for this issue is either not available or the currently...

CVE-2023-49992

A flaw was found in the espeak-ng package. A local attacker can use a specially crafted payload to trigger a buffer overflow condition, which may lead to an application crash or allow for arbitrary code execution. Mitigation Mitigation for this issue is either not available or the currently...

CVE-2023-49991

A flaw was found in the espeak-ng package. A local attacker can use a specially crafted payload to trigger a buffer underflow condition, which may lead to an application crash or allow for arbitrary code execution. Mitigation Mitigation for this issue is either not available or the currently...

CVE-2023-49990

A flaw was found in the espeak-ng package. A local attacker can use a specially-crafted payload to trigger a buffer overflow condition, which can lead to an application crash or allow for arbitrary code execution. Mitigation Mitigation for this issue is either not available or the currently...

CVE-2023-49990

Espeak-ng 1.52-dev was discovered to contain a buffer-overflow via the function SetUpPhonemeTable at...

CVE-2023-49991

Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Underflow via the function CountVowelPosition at...

CVE-2023-49994

Espeak-ng 1.52-dev was discovered to contain a Floating Point Exception via the function PeaksToHarmspect at...

CVE-2023-49992

Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at...