Vulnerabilities

Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction.

Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A high-privileged authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction, scope is changed due to the fact that an attacker can enforce file read outside the application's path boundary.

A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability.

An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating `skb_shared_info` in the userspace, which is exploitable in systems without SMAP protection since `skb_shared_info` contains references to function pointers.

Improper Authentication vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules allows a remote unauthenticated attacker to obtain sequence programs from the product or write malicious sequence programs or improper data in the product without authentication by sending illegitimate messages.<br /> <br /> <br /> <br /> <br /> <br /> <br />

Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.1.0-dev1.

<br /> An Improper Validation of Syntactic Correctness of Input vulnerability in Routing Protocol Daemon (rpd) Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS).<br /> <br /> When a malformed BGP UPDATE packet is received over an established BGP session, the rpd crashes and restarts.<br /> <br /> This issue affects both eBGP and iBGP implementations.<br /> <br /> This issue affects:<br /> <br /> Juniper Networks Junos OS<br /> <br /> <br /> <br /> * 21.4 versions prior to 21.4R3-S4;<br /> * 22.1 versions prior to 22.1R3-S3;<br /> * 22.2 versions prior to 22.2R3-S2;<br /> * 22.3 versions prior to 22.3R2-S2, 22.3R3;<br /> * 22.4 versions prior to 22.4R2-S1, 22.4R3;<br /> * 23.2 versions prior to 23.2R1, 23.2R2;<br /> <br /> <br /> <br /> <br /> Juniper Networks Junos OS Evolved<br /> <br /> <br /> <br /> * 21.4 versions prior to 21.4R3-S5-EVO;<br /> * 22.1 versions prior to 22.1R3-S3-EVO;<br /> * 22.2 versions prior to 22.2R3-S3-EVO;<br /> * 22.3 versions prior to 22.3R2-S2-EVO;<br /> * 22.4 versions prior to 22.4R3-EVO;<br /> * 23.2 versions prior to 23.2R2-EVO;<br /> <br /> <br /> <br /> <br /> <br /> <br />

The SJA1000 CAN controller driver backend automatically attempt to recover from a bus-off event when built with CONFIG_CAN_AUTO_BUS_OFF_RECOVERY=y. This results in calling k_sleep() in IRQ context, causing a fatal exception.

<br /> An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon (mgd) process of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated low-privileged attacker, by executing a specific command via NETCONF, to cause a CPU Denial of Service to the device&amp;#39;s control plane.<br /> <br /> This issue affects:<br /> <br /> Juniper Networks Junos OS<br /> <br /> <br /> <br /> * All versions prior to 20.4R3-S7;<br /> * 21.2 versions prior to 21.2R3-S5;<br /> * 21.3 versions prior to 21.3R3-S5;<br /> * 21.4 versions prior to 21.4R3-S4;<br /> * 22.1 versions prior to 22.1R3-S2;<br /> * 22.2 versions prior to 22.2R3;<br /> * 22.3 versions prior to 22.3R2-S1, 22.3R3;<br /> * 22.4 versions prior to 22.4R1-S2, 22.4R2.<br /> <br /> <br /> <br /> <br /> Juniper Networks Junos OS Evolved<br /> <br /> <br /> <br /> * All versions prior to 21.4R3-S4-EVO;<br /> * 22.1 versions prior to 22.1R3-S2-EVO;<br /> * 22.2 versions prior to 22.2R3-EVO;<br /> * 22.3 versions prior to 22.3R3-EVO;<br /> * 22.4 versions prior to 22.4R2-EVO.<br /> <br /> <br /> <br /> <br /> An indicator of compromise can be seen by first determining if the NETCONF client is logged in and fails to log out after a reasonable period of time and secondly reviewing the WCPU percentage for the mgd process by running the following command:<br /> <br /> mgd process example:<br /> <br /> user@device-re#&gt; show system processes extensive | match "mgd|PID" | except last<br /> PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND<br /> 92476 root 100 0 500M 89024K CPU3 3 57.5H 89.60% mgd

<br /> An Improper Input Validation vulnerability in the routing protocol daemon (rpd) of Juniper Networks allows an attacker to cause a Denial of Service (DoS )to the device upon receiving and processing a specific malformed ISO VPN BGP UPDATE packet.<br /> <br /> Continued receipt of this packet will cause a sustained Denial of Service condition.<br /> <br /> This issue affects:<br /> <br /> <br /> <br /> * Juniper Networks Junos OS:<br /> * All versions prior to 20.4R3-S6;<br /> * 21.1 versions prior to 21.1R3-S5;<br /> * 21.2 versions prior to 21.2R3-S4;<br /> * 21.3 versions prior to 21.3R3-S3;<br /> * 21.4 versions prior to 21.4R3-S3;<br /> * 22.1 versions prior to 22.1R2-S2, 22.1R3;<br /> * 22.2 versions prior to 22.2R2-S1, 22.2R3;<br /> * 22.3 versions prior to 22.3R1-S2, 22.3R2.<br /> <br /> <br /> <br /> <br /> Juniper Networks Junos OS Evolved:<br /> <br /> <br /> <br /> * All versions prior to 20.4R3-S6-EVO;<br /> * 21.1-EVO version 21.1R1-EVO and later versions prior to 21.2R3-S4-EVO;<br /> * 21.3-EVO versions prior to 21.3R3-S3-EVO;<br /> * 21.4-EVO versions prior to 21.4R3-S3-EVO;<br /> * 22.1-EVO versions prior to 22.1R3-EVO;<br /> * 22.2-EVO versions prior to 22.2R2-S1-EVO, 22.2R3-EVO;<br /> * 22.3-EVO versions prior to 22.3R1-S2-EVO, 22.3R2-EVO.<br /> <br /> <br /> <br /> <br /> <br /> <br />

<br /> An Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS).<br /> <br /> On all Junos OS QFX5000 Series and EX4000 Series platforms, when a high number of VLANs are configured, a specific DHCP packet will cause PFE hogging which will lead to dropping of socket connections.<br /> <br /> This issue affects:<br /> <br /> Juniper Networks Junos OS on QFX5000 Series and EX4000 Series<br /> <br /> <br /> <br /> * 21.1 versions prior to 21.1R3-S5;<br /> * 21.2 versions prior to 21.2R3-S5;<br /> * 21.3 versions prior to 21.3R3-S5;<br /> * 21.4 versions prior to 21.4R3-S4;<br /> * 22.1 versions prior to 22.1R3-S3;<br /> * 22.2 versions prior to 22.2R3-S1;<br /> * 22.3 versions prior to 22.3R2-S2, 22.3R3;<br /> * 22.4 versions prior to 22.4R2.<br /> <br /> <br /> <br /> <br /> This issue does not affect Juniper Networks Junos OS versions prior to 21.1R1<br /> <br /> <br /> <br />

<br /> An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause memory leak, leading to Denial of Service (DoS).<br /> <br /> On all Junos OS QFX5000 Series platforms, when pseudo-VTEP (Virtual Tunnel End Point) is configured under EVPN-VXLAN scenario, and specific DHCP packets are transmitted, DMA memory leak is observed. Continuous receipt of these specific DHCP packets will cause memory leak to reach 99% and then cause the protocols to stop working and traffic is impacted, leading to Denial of Service (DoS) condition. A manual reboot of the system recovers from the memory leak.<br /> <br /> To confirm the memory leak, monitor for "sheaf:possible leak" and "vtep not found" messages in the logs.<br /> <br /> This issue affects:<br /> <br /> Juniper Networks Junos OS QFX5000 Series:<br /> <br /> <br /> <br /> * All versions prior to 20.4R3-S6;<br /> * 21.1 versions prior to 21.1R3-S5;<br /> * 21.2 versions prior to 21.2R3-S5;<br /> * 21.3 versions prior to 21.3R3-S4;<br /> * 21.4 versions prior to 21.4R3-S3;<br /> * 22.1 versions prior to 22.1R3-S2;<br /> * 22.2 versions prior to 22.2R2-S2, 22.2R3;<br /> * 22.3 versions prior to 22.3R2-S1, 22.3R3;<br /> * 22.4 versions prior to 22.4R1-S2, 22.4R2.<br /> <br /> <br /> <br /> <br /> <br /> <br />