PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This allows the attacker to gain remote access to the device and can make their persistence permanent by modifying the filesystem. The injected commands only get executed during start up or when unsafe calls regarding the hostname are used. An attacker with this level of access on the device can monitor all communications sent to and from this device, modify onboard relays, change configuration files, or cause the device to become unstable. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.302 for the LP series and 1.296 for the EP series. In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks. An unauthenticated attacker can update the hostname with a specially crafted name that will allow for shell commands to be executed during the core collection process. Remote Procedure Call Runtime Remote Code Execution Vulnerability Windows Network File System Remote Code Execution Vulnerability Whale Bridge, a default extension in Whale browser before 3.12.129.18, allowed to receive any SendMessage request from the content script itself that could lead to controlling Whale Bridge if the rendering process is compromised. Users unable to upgrade need to check that the hashed digest data length must be equal to `PJSIP_MD5STRLEN` before passing to PJSIP. This issue has been patched in the master branch of the PJSIP repository and will be included with the next release. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials (credentials with data_type `PJSIP_CRED_DATA_DIGEST`).
PJSIP is a free and open source multimedia communication library written in C language. The public API error allows the attacker to bypass API access control. As a workaround, users who process based on user input should always sanitize the user input by allowing only a constrained set of operations. The vulnerability has been fixed in version 1.12.2 of image_processing. This method is called internally by Active Storage variants, so Active Storage is vulnerable as well. Prior to version 1.12.2, using the `#apply` method from image_processing to apply a series of operations that are coming from unsanitized user input allows the attacker to execute shell commands. Image_processing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. CVE-2021-20325 was assigned to that Red Hat specific security regression and it does not affect the upstream versions of httpd. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be vulnerable to the mentioned CVEs, even if they were properly fixed in Red Hat Enterprise Linux 8.4. Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, cause a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. This vulnerability is fixed in version 1.15.0 of TL-WR940N V4 was discovered to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm. This was only exploitable in the template YAML definition itself and not by user input data. A malicious actor with write access to a registered scaffolder template could manipulate the template in a way that allows for remote code execution on the scaffolder-backend instance.
The library used for this sandbox so far has been `vm2`, but in light of several past vulnerabilities and existing vulnerabilities that may not have a fix, the plugin has switched to using a different sandbox library. The Backstage scaffolder-backend plugin uses a templating library that requires a sandbox, as it by design allows for code injection. Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml prior to 1.2023.9. Backstage is an open platform for building developer portals. All users are recommended to upgrade to 1.20.3 immediately. The vulnerability has been patched in Deno 1.20.3. This vulnerability does not affect users of Deno Deploy. The versions of Deno between release 1.18.0 and 1.20.2 (inclusive) are vulnerable to an attack where a malicious actor controlling the code executed in a Deno runtime could bypass all permission checks and execute arbitrary shell code. Deno is a runtime for JavaScript and TypeScript.