Vulnerabilidades

*** Pendiente de traducción *** <br /> Compiler removal of buffer clearing in <br /> <br /> <br /> <br /> sli_se_opaque_import_key<br /> <br /> <br /> in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.<br /> <br />

*** Pendiente de traducción *** An arbitrary file upload vulnerability in the component /admin/ThemeController.java of PerfreeBlog v3.1.2 allows attackers to execute arbitrary code via a crafted file.

*** Pendiente de traducción *** <br /> Compiler removal of buffer clearing in <br /> <br /> <br /> <br /> <br /> <br /> sli_crypto_transparent_aead_encrypt_tag<br /> <br /> <br /> <br /> in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.<br /> <br />

*** Pendiente de traducción *** <br /> Compiler removal of buffer clearing in <br /> <br /> <br /> <br /> <br /> <br /> sli_crypto_transparent_aead_decrypt_tag<br /> <br /> <br /> <br /> in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.<br /> <br />

*** Pendiente de traducción *** <br /> Compiler removal of buffer clearing in <br /> <br /> <br /> <br /> <br /> <br /> <br /> <br /> sli_se_sign_message<br /> <br /> <br /> <br /> <br /> in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.<br /> <br />

*** Pendiente de traducción *** <br /> Compiler removal of buffer clearing in <br /> <br /> <br /> <br /> <br /> <br /> <br /> <br /> sli_se_sign_hash in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.<br /> <br />

*** Pendiente de traducción *** <br /> Compiler removal of buffer clearing in <br /> <br /> sli_se_driver_mac_compute<br /> <br /> in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.<br /> <br />

*** Pendiente de traducción *** An issue in Zammad v5.4.0 allows attackers to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user. Attackers are also able to gain unauthorized access to existing tickets.

*** Pendiente de traducción *** Improper Limitation of a Pathname to a Restricted Directory (&amp;#39;Path Traversal&amp;#39;) vulnerability that could allow an attacker to write files to locations with certain critical filesystem types leading to remote code execution was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This issue requires an authentication bypass issue to be triggered before this can be exploited. <br /> This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191; My Cloud OS 5: before 5.26.202.

*** Pendiente de traducción *** An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This issue requires the attacker to already have root privileges in order to exploit this vulnerability.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191; My Cloud OS 5: before 5.26.202.<br /> <br />

*** Pendiente de traducción *** Improper Limitation of a Pathname to a Restricted Directory (&amp;#39;Path Traversal&amp;#39;) vulnerability that could allow an attacker to create arbitrary shares on arbitrary directories and exfiltrate sensitive files, passwords, users and device configurations was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This can only be exploited once an attacker gains root privileges on the devices using an authentication bypass issue or another vulnerability.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191; My Cloud OS 5: before 5.26.202.<br /> <br />

*** Pendiente de traducción *** Ombi is an open source application which allows users to request specific media from popular self-hosted streaming servers. Versions prior to 4.38.2 contain an arbitrary file read vulnerability where an Ombi administrative user may access files available to the Ombi server process on the host operating system. Ombi administrators may not always be local system administrators and so this may violate the security expectations of the system. The arbitrary file read vulnerability was present in `ReadLogFile` and `Download` endpoints in `SystemControllers.cs` as the parameter `logFileName` is not sanitized before being combined with the `Logs` directory. When using `Path.Combine(arg1, arg2, arg3)`, an attacker may be able to escape to folders/files outside of `Path.Combine(arg1, arg2)` by using ".." in `arg3`. In addition, by specifying an absolute path for `arg3`, `Path.Combine` will completely ignore the first two arguments and just return just `arg3`. This vulnerability can lead to information disclosure. The Ombi `documentation` suggests running Ombi as a Service with Administrator privileges. An attacker targeting such an application may be able to read the files of any Windows user on the host machine and certain system files. This issue has been addressed in commit `b8a8f029` and in release version 4.38.2. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as GHSL-2023-088.<br />