Уязвимость библиотеки Libarchive операционной системы Windows, позволяющая нарушителю выполнить произвольный код

Уязвимость библиотеки архивирования libarchive операционных систем Windows, позволяющая нарушителю выполнить произвольный код

Windows libarchive Remote Code Execution Vulnerability

Libarchive Remote Code Execution Vulnerability

Центр управления Active Directory не отображает полностью информацию о домене

Странно отображаются параметры настройки firefox (admx-firefox)

Неправильно сохраняет / отображает значение комментария

Неправильно сохраняет / отображает значение комментария

Управление файлами - кнопка выбора файла, очистка поля

Неправильно работают опции политики "Служба поиска файлов"

Служба поиска файлов: неверно задаётся параметр Включить индексацию содержимого файлов

Групповая политика для Mozilla - Firefox - Домашняя страница: название поля URL отображается под полем для ввода

FR | Добавить пункт Изменить в контекстное меню предпочтений

Одинаковое описание в окне настройки скриптов

Некорректно сохраняется список URL в политике Яндекс.Браузера для клиентов windows

Квадратные скобки в редактируемых полях приводят к сбросу всех произведенных настроек во всей политике.

GPT.INI поле Version не соответствует версии политики

Windows-клиент не обрабатывает GPT.INI, сформированный GPUI (лишние символы при отображении заголовка DisplayName / в окне настройки скриптов)

Не работает политики Установка политиков / Удаление пакетов

Не выводит значения списков

Искажение цвета в hasher при преобразовании svg в png

Уязвимость системы управления базами данных (СУБД) Redis, связанная с переполнением буфера в стеке, позволяющая нарушителю выполнить произвольный код

Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST` and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crash. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Не правильная обработка сочетания "\U"

Перестали работать ярлыки, которые формируются через ГП

Картинка фона рабочего стола: не копирует картинку с sysvol для MATE

excessive dependency on python3(plugin)

Postgrey "падает" после его запуска

не работоспособный пакет postgrey

Уязвимость компонента анализа pdf-файлов пакета антивирусных программ ClamAV, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость службы ClamD пакета антивирусных программ ClamAV, позволяющая нарушителю нарушить целостность системных файлов или вызвать отказ в обслуживании

A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an out of bounds read. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. An exploit could allow the attacker to terminate the scanning process.

A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt critical system files. The vulnerability is due to allowing the ClamD process to write to its log file while privileged without checking if the logfile has been replaced with a symbolic link. An attacker could exploit this vulnerability if they replace the ClamD log file with a symlink to a critical system file and then find a way to restart the ClamD process. An exploit could allow the attacker to corrupt a critical system file by appending ClamD log messages after restart.

Уязвимость функции api_plugin_hook() программного средства мониторинга сети Cacti, позволяющая нарушителю выполнить произвольный код

Уязвимость функции form_save() программного средства мониторинга сети Cacti, позволяющая нарушителю выполнять произвольные SQL-запросы

Уязвимость функции automation_get_new_graphs_sql программного средства мониторинга сети Cacti, позволяющая нарушителю выполнять произвольные SQL-запросы

Уязвимость функции create_all_header_nodes() программного средства мониторинга сети Cacti, позволяющая нарушителю выполнять произвольные SQL-запросы

Уязвимость функции import_package() (lib/import.php) программного средства мониторинга сети Cacti, позволяющая нарушителю выполнить произвольный PHP-код

Уязвимость программного средства мониторинга сети Cacti, существующая из-за непринятия мер по защите структуры веб-страницы, позволяющая нарушителю выполнить межсайтовый скриптинг

Уязвимость функции automation_tree_rules_form_save() (automation_tree_rules.php) программного средства мониторинга сети Cacti, позволяющая нарушителю провести атаку межстайтового скриптинга (XSS)

Уязвимость функции form_save() (data_queries.php) программного средства мониторинга сети Cacti, позволяющая нарушителю выполнить межсайтовый скриптинг

Уязвимость программного средства мониторинга сети Cacti, связанная с неверным управлением генерацией кода, позволяющая нарушителю выполнить произвольный код

Уязвимость сценария links.php программного средства мониторинга сети Cacti, позволяющая нарушителю проводить межсайтовые сценарные атаки

Уязвимость сценария links.php программного средства мониторинга сети Cacti, позволяющая нарушителю проводить межсайтовые сценарные атаки

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web server. The vulnerability is located within the `import_package()` function defined into the `/lib/import.php` script. The function blindly trusts the filename and file content provided within the XML data, and writes such files into the Cacti base path (or even outside, since path traversal sequences are not filtered). This can be exploited to write or overwrite arbitrary files on the web server, leading to execution of arbitrary PHP code or other security impacts. Version 1.2.27 contains a patch for this issue.

Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 are vulnerable to stored cross-site scripting, a type of cross-site scripting where malicious scripts are permanently stored on a target server and served to users who access a particular page. Version 1.2.27 contains a patch for the issue.

Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 contain a residual cross-site scripting vulnerability caused by an incomplete fix for CVE-2023-50250. `raise_message_javascript` from `lib/functions.php` now uses purify.js to fix CVE-2023-50250 (among others). However, it still generates the code out of unescaped PHP variables `$title` and `$header`. If those variables contain single quotes, they can be used to inject JavaScript code. An attacker exploiting this vulnerability could execute actions on behalf of other users. This ability to impersonate users could lead to unauthorized changes to settings. Version 1.2.27 fixes this issue.

Cacti provides an operational monitoring and fault management framework. Prior to 1.2.27, some of the data stored in `form_save()` function in `data_queries.php` is not thoroughly checked and is used to concatenate the HTML statement in `grow_right_pane_tree()` function from `lib/html.php` , finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue.

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules_form_save()` function in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the HTML statement in `form_confirm()` function from `lib/html.php` , finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue.

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, a SQL injection vulnerability in `automation_get_new_graphs_sql` function of `api_automation.php` allows authenticated users to exploit these SQL injection vulnerabilities to perform privilege escalation and remote code execution. In `api_automation.php` line 856, the `get_request_var('filter')` is being concatenated into the SQL statement without any sanitization. In `api_automation.php` line 717, The filter of `'filter'` is `FILTER_DEFAULT`, which means there is no filter for it. Version 1.2.27 contains a patch for the issue.

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `form_save()` function in `graph_template_inputs.php` is not thoroughly checked and is used to concatenate the SQL statement in `draw_nontemplated_fields_graph_item()` function from `lib/html_form_templates.php` , finally resulting in SQL injection. Version 1.2.27 contains a patch for the issue.

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, there is a file inclusion issue in the `lib/plugin.php` file. Combined with SQL injection vulnerabilities, remote code execution can be implemented. There is a file inclusion issue with the `api_plugin_hook()` function in the `lib/plugin.php` file, which reads the plugin_hooks and plugin_config tables in database. The read data is directly used to concatenate the file path which is used for file inclusion. Version 1.2.27 contains a patch for the issue.

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the SQL statement in `create_all_header_nodes()` function from `lib/api_automation.php` , finally resulting in SQL injection. Using SQL based secondary injection technology, attackers can modify the contents of the Cacti database, and based on the modified content, it may be possible to achieve further impact, such as arbitrary file reading, and even remote code execution through arbitrary file writing. Version 1.2.27 contains a patch for the issue.

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, Cacti calls `compat_password_hash` when users set their password. `compat_password_hash` use `password_hash` if there is it, else use `md5`. When verifying password, it calls `compat_password_verify`. In `compat_password_verify`, `password_verify` is called if there is it, else use `md5`. `password_verify` and `password_hash` are supported on PHP < 5.5.0, following PHP manual. The vulnerability is in `compat_password_verify`. Md5-hashed user input is compared with correct password in database by `$md5 == $hash`. It is a loose comparison, not `===`. It is a type juggling vulnerability. Version 1.2.27 contains a patch for the issue.

Cacti is an open source performance and fault management framework. The `fileurl` parameter is not properly sanitized when saving external links in `links.php` . Morever, the said fileurl is placed in some html code which is passed to the `print` function in `link.php` and `index.php`, finally leading to stored XSS. Users with the privilege to create external links can manipulate the `fileurl` parameter in the http post request while creating external links to perform stored XSS attacks. The vulnerability known as XSS (Cross-Site Scripting) occurs when an application allows untrusted user input to be displayed on a web page without proper validation or escaping. This issue has been addressed in release version 1.2.28. All users are advised to upgrade. There are no known workarounds for this issue.

Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process (completing only step 5 of the installation process is enough, no need to complete the steps before or after it) to use a php file as the cacti log file. After having the malicious hostname end up in the logs (log poisoning), one can simply go to the log file url to execute commands to achieve RCE. This issue has been addressed in version 1.2.28 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

Cacti is an open source performance and fault management framework. The `title` parameter is not properly sanitized when saving external links in links.php . Morever, the said title parameter is stored in the database and reflected back to user in index.php, finally leading to stored XSS. Users with the privilege to create external links can manipulate the `title` parameter in the http post request while creating external links to perform stored XSS attacks. The vulnerability known as XSS (Cross-Site Scripting) occurs when an application allows untrusted user input to be displayed on a web page without proper validation or escaping. This issue has been addressed in release version 1.2.28. All users are advised to upgrade. There are no known workarounds for this vulnerability.

glpi-agent ошибка Can't load XML::LibXML

УУязвимость функции apr_base64 библиотеки Apache Portable Runtime (APR), позволяющая нарушителю выполнить произвольный код

Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.

Уязвимость реализации технологии XSLT (eXtensible Stylesheet Language Transformations) модуля отображения Blink браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость компонентов buf.c и tree.c библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.

Плохо читаемый текст при оффлайн обновлении packagekit

Отсутствует drop-in в tmpfiles.d для создания каталога /run/ejabberd

Can't locate config.ph