JAL Information Technology Co., Ltd. Security Vulnerabilities

Source: ibm
Security Bulletin: Multiple vulnerabilities in IBM Java SDK (April 2024) affect IBM InfoSphere Information Server
Summary: There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in April 2024. Vulnerability Details: CVEID: CVE-2024-21085. DESCRIPTION: An...
CVSS 5.9 | AI Score 6.2 | EPSS 0.001
2024-06-04 06:11 PM
4
Source: githubexploit
Exploit for SQL Injection in Crmeb
CVE-2024-36837 POC write URL in url.txt and run...
CVSS 7.5 | AI Score 7.9 | EPSS 0.005
2024-06-15 04:44 PM
208
Source: ibm
Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition
Summary: This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their April 2024 Critical Patch Update, plus CVE-2023-38264. For more information please refer to Oracle's April 2024 CPU Advisory and the X-Force database entries...
CVSS 5.9 | AI Score 6.4 | EPSS 0.001
2024-05-09 07:33 PM
24
Source: ibm
Security Bulletin: IBM InfoSphere Information Server containers are vulnerable to privilege escalation
Summary: A privilege escalation vulnerability was addressed in IBM InfoSphere Information Server. Vulnerability Details: CVEID: CVE-2019-4185. DESCRIPTION: IBM InfoSphere Information Server containers are vulnerable to privilege escalation due to an insecurely configured component. CVSS Base Score:...
CVSS 8.3 | AI Score 8.4 | EPSS 0.001
2024-05-24 06:02 PM
14
Source: osv
Malicious code in co-pilot-auth_web (npm)
-= Per source details. Do not edit below this line.=- Source: ghsa-malware (d490be43502540c62a740310c0ab3d38a35220e7b32f029a0c7e79e191104015) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
AI Score 7
2024-06-03 01:52 AM
3
Source: osv
CVE-2023-25077
Cross-site scripting vulnerability in Authentication Key Settings of EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0 allows a remote authenticated attacker to inject an arbitrary...
CVSS 5.4 | AI Score 6.6 | EPSS 0.001
2023-03-06 12:15 AM
8
Source: osv
CVE-2023-22438
Cross-site scripting vulnerability in Contents Management of EC-CUBE 4 series (EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0), EC-CUBE 3 series (EC-CUBE 3.0.0 to 3.0.18-p5), and EC-CUBE 2 series (EC-CUBE 2.11.0 to 2.11.5, EC-CUBE 2.12.0 to 2.12.6, EC-CUBE 2.13.0 to...
CVSS 5.4 | AI Score 6.5 | EPSS 0.001
2023-03-06 12:15 AM
6
Source: veracode
Information Disclosure
typo3/cms is vulnerable to Information Disclosure. The vulnerability is due to improper permission checks, allowing editors to gain knowledge of protected storages and their folders. Attackers can exploit this by using a valid backend user account to include protected files in a collection...
AI Score 7.2
2024-06-21 08:01 AM
1
Source: veracode
Information Disclosure
SonarQube is vulnerable to exposure of encrypted values in cleartext. The vulnerability is due to encrypted values generated using the Settings Encryption feature being exposed in URL parameters in logs, allowing attackers with access to SonarQube logs or proxy logs to view sensitive...
CVSS 4.9 | AI Score 6.5 | EPSS 0.0004
2024-06-19 06:33 AM
3
Source: veracode
Information Exposure
Quarkus-core is vulnerable to Information Exposure. The vulnerability is due to the capture of local environment variables from the Quarkus namespace during the build process, leading to applications inheriting potentially sensitive or test-specific settings at...
CVSS 7 | AI Score 6.8 | EPSS 0.0004
2024-04-05 06:59 AM
10
Source: osv
CVE-2023-46845
EC-CUBE 3 series (3.0.0 to 3.0.18-p6) and 4 series (4.0.0 to 4.0.6-p3, 4.1.0 to 4.1.2-p2, and 4.2.0 to 4.2.2) contain an arbitrary code execution vulnerability due to improper settings of the template engine Twig included in the product. As a result, arbitrary code may be executed on the server...
CVSS 7.2 | AI Score 7.6 | EPSS 0.001
2023-11-07 08:15 AM
9
Source: osv
CVE-2023-22838
Cross-site scripting vulnerability in Product List Screen and Product Detail Screen of EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0 allows a remote authenticated attacker to inject an arbitrary...
CVSS 5.4 | AI Score 6.5 | EPSS 0.001
2023-03-06 12:15 AM
9
Source: veracode
Information Disclosure
moodle/moodle is vulnerable to Information Disclosure. The vulnerability is caused by the cURL wrapper in Moodle failing to clear HTTP authorization headers when following redirects, potentially exposing sensitive authentication information to unintended...
AI Score 6.6 | EPSS 0.0004
2024-06-19 08:43 AM
3
Source: veracode
Information Exposure
Intel(R) Atom(R) Processors are vulnerable to information exposure through microarchitectural state after transient execution. The vulnerability is due to certain register files, which, when accessed by an authenticated user, may potentially enable information disclosure via local...
CVSS 6.5 | AI Score 6 | EPSS 0.0004
2024-03-16 08:18 AM
10
Source: veracode
Information Disclosure
org.elasticsearch.plugin: x-pack-security is vulnerable to Information Disclosure. The vulnerability arises from the failure to enforce search restrictions during cross-cluster searches when an API key grants both search and replication rights to an index, which allows an attacker to access...
CVSS 6.5 | AI Score 6.7 | EPSS 0.0004
2024-06-13 06:33 AM
1
Source: veracode
Information Disclosure
github.com/cilium/cilium is vulnerable to Information Disclosure. The vulnerability is due to the output of cilium-bugtool containing sensitive data when the tool is run with the --envoy-dump flag in deployments where the Envoy proxy is enabled. Attackers who gain access to this output could...
CVSS 7.9 | AI Score 6.8 | EPSS 0.0004
2024-06-14 05:46 AM
3
Source: veracode
Information Exposure
Firefox is vulnerable to Information Exposure. The vulnerability is caused by IndexedDB files not being properly deleted when the window is closed while the browser.privatebrowsing.autostart preference is enabled. This preference is disabled by default in...
AI Score 6.9 | EPSS 0.0004
2024-05-20 12:37 PM
2
Source: veracode
Information Exposure
zsa is vulnerable to Information Exposure Through Error Message. The vulnerability is due to the application transferring the parse error stack from the server to the client in production build mode, potentially revealing sensitive server...
CVSS 4 | AI Score 6.5 | EPSS 0.0004
2024-06-11 06:03 AM
2
Source: veracode
Information Disclosure
xen is vulnerable to Information Disclosure. The vulnerability exists due to a division-by-zero error on some AMD processors which allows an attacker to gain access to speculative...
CVSS 5.5 | AI Score 6.8 | EPSS 0.001
2023-10-02 05:15 PM
14
Source: osv
CVE-2022-38975
DOM-based cross-site scripting vulnerability in EC-CUBE 4 series (EC-CUBE 4.0.0 to 4.1.2) allows a remote attacker to inject an arbitrary script by having an administrative user of the product visit a specially crafted...
CVSS 5.4 | AI Score 6.3 | EPSS 0.001
2022-09-27 11:15 PM
9
Source: veracode
Information Exposure
sanitize-html is vulnerable to Information Exposure. The vulnerability is due to the parsing of CSS through the style attribute without disabling source maps, which can allow attackers to infer the file system structure and dependencies of the...
CVSS 5.3 | AI Score 6.7 | EPSS 0.0004
2024-02-26 05:54 AM
7
Source: veracode
Sensitive Information Disclosure
urllib3 is vulnerable to Sensitive Information Disclosure. The vulnerability is due to improper handling of the Proxy-Authorization header, which is not removed on cross-origin redirects, which could allow an attacker to expose sensitive authentication material to unintended hosts. Note that this...
CVSS 4.4 | AI Score 4.7 | EPSS 0.0004
2024-06-18 04:57 AM
1
Source: veracode
Sensitive Information Disclosure
github.com/rancher/rke is vulnerable to Sensitive Information Disclosure. The vulnerability exists due to insecure cluster state storage in a publicly accessible configmap called full-cluster-state inside the kube-system namespace, which allows an attacker without administrative privileges to...
AI Score 6.5 | EPSS (not given)
2024-06-18 08:10 AM
5
Source: veracode
Information Disclosure
xen is vulnerable to Information Disclosure. Under specific micro architectural circumstances, an attacker is able to potentially access sensitive user...
CVSS 5.5 | AI Score 6.7 | EPSS 0.001
2023-07-27 01:58 PM
14
Source: veracode
Information Disclosure
xen is vulnerable to Information Disclosure. This vulnerability occurs when an attacker can influence the return address prediction of a victim's process which could allow the attacker to gain access to sensitive information in the victim's...
CVSS 4.7 | AI Score 6.7 | EPSS 0.0004
2023-08-13 09:11 AM
15
Source: veracode
Information Exposure
Firefox is vulnerable to Information Exposure. The vulnerability is due to error messages generated when importing resources using Web Workers, which distinguish between application/javascript responses and non-script responses. This can be abused to learn information...
AI Score 6.7 | EPSS 0.0004
2024-05-20 12:38 PM
2
Source: nuclei
KeyCloak - Information Exposure
A flaw was found in keycloak in versions prior to 13.0.0. The client registration endpoint allows fetching information about PUBLIC clients (like client secret) without authentication which could be an issue if the same PUBLIC client changed to CONFIDENTIAL later. The highest threat from this...
CVSS 6.5 | AI Score 6.4 | EPSS 0.117
2024-01-16 09:57 AM
5
Source: veracode
Sensitive Information Disclosure
github.com/rancher/rancher is vulnerable to Sensitive Information Disclosure. The vulnerability is due to constantly reconciling clusters when secrets encryption configuration is enabled, causing Kube API secret values to be written in plaintext on the AppliedSpec. An attacker can gain access to...
AI Score 6.9 | EPSS (not given)
2024-06-18 07:13 AM
2
Source: veracode
Sensitive Information Disclosure
@lobehub/chat is vulnerable to Sensitive Information Disclosure. The vulnerability is due to insecure handling of the base URL in the frontend, allowing an attacker to modify it to their own attack URL. The attacker can then set up a server-side request to obtain the real backend API...
CVSS 5.7 | AI Score 6.5 | EPSS 0.0004
2024-06-18 07:40 AM
5
Source: veracode
Sensitive Information Exposure
h2o is vulnerable to Sensitive Information Exposure. The vulnerability is due to the Typeahead API call which allows an attacker to look up arbitrary system paths in the entire file system where h2o-3 is...
CVSS 5.3 | AI Score 6.8 | EPSS 0.0004
2024-06-11 10:28 AM
3
Source: veracode
Information Disclosure
TYPO3/CMS is vulnerable to Information Disclosure. This vulnerability arises from insufficient validation and handling of uploaded files within forms. It may result in arbitrary file disclosure or unauthorized access to sensitive system...
AI Score 7
2024-06-06 06:02 AM
2
Source: veracode
Information Disclosure
typo3/cms-core is vulnerable to Information Disclosure. The vulnerability is due to improper session termination, where session data of authenticated users is transformed into an anonymous user session during the logout process, allowing subsequent users of the same client application to access...
AI Score 6.7
2024-06-04 05:46 AM
4
Source: veracode
Information Disclosure
typo3/cms-core is vulnerable to Information Disclosure. The vulnerability is due to Inline JavaScript settings within the RequireJS package, which allows an attacker to retrieve additional information about the installed system and third-party...
AI Score 6.6
2024-06-04 09:32 AM
1
Source: veracode
Information Disclosure
typo3/cms-core is vulnerable to Information Disclosure. The vulnerability is due to login failures being logged at the "warning" level instead of the "debug" level, which exposes plain text credential...
AI Score 7
2024-06-04 05:12 AM
2
Source: veracode
Sensitive Information Disclosure
keycloak-services is vulnerable to Sensitive Information Disclosure. The vulnerability is due to client-provided parameters included in plain text within the KC_RESTART cookie returned by the authorization server's HTTP response to a request_uri authorization...
CVSS 7.5 | AI Score 6.5 | EPSS 0.0004
2024-06-06 06:38 AM
4
Source: veracode
Sensitive Information Disclosure
apache-airflow is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the absence of a "Cache-Control" header in the response headers for dynamic content, which could lead to the unintended caching of sensitive information in the local cache of web...
AI Score 6.2 | EPSS 0.0004
2024-06-17 04:21 AM
Source: veracode
Sensitive Information Disclosure
topthink/framework is vulnerable to Sensitive Information Disclosure. The vulnerability is due to improper handling of error messages, which can reveal the PHPSESSION cookie through debug error output source code when a crafted URI is used in a GET...
AI Score 6.8 | EPSS 0.0004
2024-05-07 07:04 AM
10
Source: veracode
Information Disclosure
typo3/cms-core is vulnerable to Information Disclosure. The vulnerability is due to improper permission checks on the element information component, which displays properties of a certain record without verifying the backend user's...
AI Score 6.7
2024-06-04 05:48 AM
2
Source: veracode
Sensitive Information Disclosure
github.com/kubernetes-sigs/azurefile-csi-driver is vulnerable to Sensitive Information Disclosure. This vulnerability is due to tokens being logged when TokenRequests is configured in the CSIDriver object and the driver is set to run at log level 2 or greater via the -v flag, which allows an...
CVSS 6.5 | AI Score 6.7 | EPSS 0.0004
2024-05-16 07:30 AM
4
Source: veracode
Sensitive Information Disclosure
jupyter_server is vulnerable to Sensitive Information Disclosure. The vulnerability is due to improper path validation, which allows unauthenticated attackers to leak the NTLMv2 password hash of the Windows user running the...
CVSS 7.5 | AI Score 7.5 | EPSS 0.0004
2024-06-11 06:04 AM
3
Source: osv
SonarQube logs sensitive information
In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are potentially exposed in cleartext as part of the URL parameters in the logs (such as SonarQube Access Logs, Proxy Logs,...
CVSS 4.9 | AI Score 6.9 | EPSS 0.0004
2024-06-16 03:30 PM
1
Source: veracode
Information Disclosure
typo3/cms-core is vulnerable to Information Disclosure. The vulnerability is due to backend users without read access being able to see specific pages in the page...
AI Score 6.7
2024-06-03 07:23 AM
4
Source: veracode
Sensitive Information Disclosure
netty-incubator-codec-ohttp is vulnerable to Sensitive Information Disclosure. The vulnerability is due to an error in the BoringSSLAEADContext which results in the encryption nonce overflowing. An attacker can manipulate the nonce repetition by causing the sequence number to overflow, which decreases...
CVSS 9.1 | AI Score 6.7 | EPSS 0.001
2024-06-06 08:04 AM
2
Source: nuclei
Microweber Information Disclosure
Microweber contains a vulnerability that allows exposure of sensitive information to an unauthorized actor in Packagist microweber/microweber prior to...
CVSS 7.5 | AI Score 7.2 | EPSS 0.004
2022-02-06 05:28 AM
16
Source: githubexploit
Exploit for Insertion of Sensitive Information into Log File in Milesight Ur5X Firmware
CVE-2023-43261 - PoC Critical Vulnerability Exposes...
CVSS 7.5 | AI Score 7.9 | EPSS 0.007
2023-09-28 08:45 AM
122
Source: github
SonarQube logs sensitive information
In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are potentially exposed in cleartext as part of the URL parameters in the logs (such as SonarQube Access Logs, Proxy Logs,...
CVSS 4.9 | AI Score 6.9 | EPSS 0.0004
2024-06-16 03:30 PM
3
Source: veracode
Sensitive Information Disclosure
GnuTLS is vulnerable to Sensitive Information Disclosure. The vulnerability is due to exploiting deterministic behavior in systems like GnuTLS, particularly when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, which can lead to a noticeable step in nonce size from 513 to 512 bits, exposing a...
CVSS 5.3 | AI Score 5.8 | EPSS 0.0005
2024-04-11 02:00 AM
10
Source: nuclei
XWiki < 4.10.15 - Information Disclosure
The Solr-based search suggestion provider, which also doubles as a generic JavaScript API for search results in XWiki, exposes the content of all documents of all wikis to anybody who has access to it, and by default it is public. This exposes all information stored in the wiki (but not some protected...
CVSS 7.5 | AI Score 6.3 | EPSS 0.508
2024-06-18 10:34 AM
3
Source: veracode
Sensitive Information Disclosure
ethyca_fides is vulnerable to Information Disclosure. The vulnerability is due to improper masking of nested sensitive fields such as private_key in the BigQuery connection configuration, which allows an attacker to expose the sensitive fields in plaintext via certain API...
CVSS 6.5 | AI Score 6.4 | EPSS 0.0004
2024-06-05 06:49 AM
3
Source: veracode
Sensitive Information Exposure
chainguard.dev/apko is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper redaction of sensitive information within error log output, where HTTP basic auth credentials from repository and keyring URLs are exposed, which allows an attacker with access to logs to...
CVSS 7.5 | AI Score 7.4 | EPSS 0.0004
2024-06-05 07:13 AM

Total number of security vulnerabilities: 517572