Latest Vulnerabilities

Last week saw a variety of vulnerabilities, including path traversal and stored cross-site scripting in Reposilite, remote code execution through JNDI resolution in Kafka UI, cross-site scripting flaws in user-interface components, and fixes in the RDMA, i2c, nfc, and mac80211 kernel subsystems. Notable was a WordPress Slider Revolution plugin vulnerability affecting versions below 6.7.0 that allows unauthenticated broken access control. Users should stay vigilant, apply updates promptly, and monitor security advisories to mitigate these risks effectively.

Rejected reason: CVE was assigned in error.
Path traversal while serving Reposilite javadoc expanded files
Path traversal in Reposilite javadoc file expansion
Stored Cross site scripting in Reposilite artifacts
Remote code execution via JNDI resolution in JMX metrics collection in Kafka UI
### Impact

A [cross-site scripting (XSS)](https://owasp.org/www-community/attacks/xss/) vulnerability was discovered in TinyMCE’s content extraction code. When using the `noneditable_regexp` option, s...
composer/tinymce/tinymce>=7.0.0<7.2.0
composer/tinymce/tinymce>=6.0.0<6.8.4
nuget/TinyMCE>=7.0.0<7.2.0
nuget/TinyMCE>=6.0.0<6.8.4
npm/tinymce>=7.0.0<7.2.0
npm/tinymce>=6.0.0<6.8.4
and 3 more
### Impact

A [cross-site scripting (XSS)](https://owasp.org/www-community/attacks/xss/) vulnerability was discovered in TinyMCE’s content parsing code. This allowed specially crafted noscript elements...
composer/tinymce/tinymce>=7.0.0<7.2.0
composer/tinymce/tinymce>=6.0.0<6.8.4
nuget/TinyMCE>=7.0.0<7.2.0
nuget/TinyMCE>=6.0.0<6.8.4
npm/tinymce>=7.0.0<7.2.0
npm/tinymce>=6.0.0<6.8.4
and 3 more
### Impact

A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process: `node:events:502 throw err; // Unhandled 'error' e...`
npm/socket.io>=3.0.0<4.6.2
npm/socket.io<2.5.0
RDMA/mlx5: Fix releasing unallocated memory in dereg MR flow
RDMA: Fix use-after-free in rxe_queue_cleanup
RDMA/irdma: Fix a use-after-free in add_pble_prm
i2c: virtio: fix completion handling
nfc: fix segfault in nfc_genl_dump_devices_done
mac80211: validate extended element ID is present
drm/msm: Fix null ptr access msm_ioctl_gem_submit()
firmware: arm_scpi: Fix string overflow in SCPI genpd driver
WordPress Slider Revolution plugin < 6.7.0 - Unauthenticated Broken Access Control vulnerability
bpf: Fix kernel address leakage in atomic fetch
net: netlink: af_netlink: Prevent empty skb by adding a check on len.
bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg
vduse: fix memory corruption in vduse_dev_ioctl()
vduse: check that offset is within bounds in get_config()
audit: improve robustness of the audit queue handling
mac80211: track only QoS data frames for admission control
tee: amdtee: fix an IS_ERR() vs NULL bug
dm btree remove: fix use after free in rebalance_children()
btrfs: use latest_dev in btrfs_show_devname
sch_cake: do not call cake_destroy() from cake_init()
inet_diag: fix kernel-infoleak for UDP sockets
net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
net/sched: sch_ets: don't remove idle classes from the round-robin list
mptcp: never allow the PM to close a listener subflow
mptcp: clear 'kern' flag from fallback sockets
net: stmmac: fix tc flower deletion for VLAN priority Rx steering
WordPress Slider Revolution plugin < 6.7.11 - Cross Site Scripting (XSS) vulnerability
mptcp: fix deadlock in __mptcp_push_pending()
mptcp: remove tcp ulp setsockopt support
igbvf: fix double free in `igbvf_probe`
sit: do not call ipip6_dev_free() from sit_init_net()
net: systemport: Add global locking for descriptor lifecycle
net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup
btrfs: fix memory leak in __add_inode_ref()
iocost: Fix divide-by-zero on donation from low hweight cgroup
media: mxl111sf: change mutex_init() location
xen/netback: don't queue unlimited number of packages
USB: core: Make do_proc_control() and do_proc_bulk() killable
scsi: scsi_debug: Fix type in min_t to avoid stack OOB

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203