Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option.

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM Enterprise Edition: 20.3.16 and 21.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM Enterprise Edition: 20.3.16 and 21.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM Enterprise Edition: 20.3.16 and 21.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).

new version

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с внешним контролем имени файла или пути, позволяющая нарушителю загрузить произвольный PHP-скрипт и перехватить загрузчик плагинов для выполнения этого произвольный скрипта

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с неправильной нейтрализацией специальных элементов, используемых в команде SQL, позволяющая нарушителю изменить данные учетной записи другого пользователя и получить над ней контроль

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с неправильным контролем доступа, позволяющая нарушителю обойти текущие правила разграничения доступа

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с некорректным управлением сеансом, позволяющая нарушителю получить полный доступ к приложению

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры запроса SQL, позволяющая нарушителю выполнить произвольный код

Уязвимость функции восстановления пароля системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, позволяющая нарушителю обойти существующие ограничения безопасности

Уязвимость реализации прикладного программного интерфейса системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, позволяющая нарушителю раскрыть конфиденциальную информацию

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с неправильным контролем доступа, позволяющая нарушителю получить несанкционированный доступ к учетной записи

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры запроса SQL, позволяющая нарушителю выполнить SQL-инъекции

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры запроса SQL, позволяющая нарушителю выполнить SQL-инъекции

Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с неправильным контролем доступа, позволяющая нарушителю получить несанкционированный доступ к учетной записи

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can attach a document to any item, even if the user has no write access on it. Upgrade to 10.0.16.

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can exploit a SQL injection vulnerability in some AJAX scripts to alter another user account data and take control of it. Upgrade to 10.0.16.

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated technician user can upload a malicious PHP script and hijack the plugin loader to execute this malicious script. Upgrade to 10.0.16.

GLPI is a free asset and IT management software package. An authenticated user can exploit multiple SQL injection vulnerabilities. One of them can be used to alter another user account data and take control of it. Upgrade to 10.0.17.

GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability. Upgrade to 10.0.17.

GLPI is a free asset and IT management software package. An authenticated user can exploit a SQL injection vulnerability from the ticket form. Upgrade to 10.0.17.

GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an unauthenticated user can use an application endpoint to check if an email address corresponds to a valid GLPI user. Version 10.0.17 fixes the issue.

GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the Software form. Upgrade to 10.0.17.

GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability. Upgrade to 10.0.17.

GLPI is a free asset and IT management software package. An authenticated user can perfom a SQL injection by changing its preferences. Upgrade to 10.0.17.

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the reports pages. Upgrade to 10.0.17.

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the Cable form. Upgrade to 10.0.17.

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can bypass the access control policy to create a private RSS feed attached to another user account and use a malicious payload to triggger a stored XSS. Upgrade to 10.0.17.

GLPI is a free asset and IT management software package. Starting in version 9.3.0 and prior to version 10.0.17, an authenticated user can use the API to take control of any user that have the same or a lower level of privileges. Version 10.0.17 contains a patch for this issue.

GLPI is a free Asset and IT management software package. An technician can upload a SVG containing a malicious script. The script will then be executed when any user will try to see the document contents. Upgrade to 10.0.17.

GLPI is a free asset and IT management software package. Starting in version 9.1.0 and prior to version 10.0.17, a technician with an access to the API can take control of an account with higher privileges. Version 10.0.17 contains a patch for this issue.

GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an administrator with access to the sent notifications contents can take control of an account with higher privileges. Version 10.0.17 contains a patch for this issue.

GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.17, an authenticated user can use an application endpoint to delete any user account. Version 10.0.17 contains a patch for this issue.

GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.17, an unauthenticated user can retrieve all the sessions IDs and use them to steal any valid session. Version 10.0.17 contains a patch for this issue.

tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments (e.g. `--delim`, `--buf-size`, `--manpath`) are passed through python's `eval`, allowing arbitrary code execution. This issue is only locally exploitable and had been addressed in release version 4.66.3. All users are advised to upgrade. There are no known workarounds for this vulnerability.

The CPAN::Checksums package 2.12 for Perl does not uniquely define signed data.

Уязвимость компонента IMAP интерпретатора языка программирования PHP, позволяющая нарушителю выполнять произвольные команды в операционной системе

University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the tcp_aopen function in osdep/unix/tcp_unix.c) without preventing argument injection, which might allow remote attackers to execute arbitrary OS commands if the IMAP server name is untrusted input (e.g., entered by a user of a web application) and if rsh has been replaced by a program with different argument semantics. For example, if rsh is a link to ssh (as seen on Debian and Ubuntu systems), then the attack can use an IMAP server name containing a "-oProxyCommand" argument.

Уязвимость подкомпонента userinfo текстового веб-браузера Lynx, связанная с недостаточной защитой регистрационных данных, позволяющая нарушителю получить доступ к конфиденциальным данным

Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data.