#vulnerability

Red Hat Security Advisory 2024-9678-03 - An update for squid is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a denial of service vulnerability.

Apple Security Advisory 11-19-2024-3 - iOS 18.1.1 and iPadOS 18.1.1 addresses code execution vulnerabilities.

Building on its broad security portfolio, Microsoft's new exposure management is now available in the Microsoft Defender portal, with third-party-connectors on the way.

In a first, Russia's APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street.

Malware bypasses Microsoft Defender and 2FA, stealing $24K in cryptocurrency via a fake NFT game app. Learn how…

MITRE and CISA's 2024 list of the 25 most dangerous software weaknesses exposes the need for organizations to continue to invest in secure code.

### Summary A server side request forgery vuln was found within geonode when testing on a bug bounty program. Server side request forgery allows a user to request information on the internal service/services. ### Details The endpoint /proxy/?url= does not properly protect against SSRF. when using the following format you can request internal hosts and display data. /proxy/?url=http://169.254.169.254\@whitelistedIPhere. This will state wether the AWS internal IP is alive. If you get a 404, the host is alive. A non alive host will not display a response. To display metadata, use a hashfrag on the url /proxy/?url=http://169.254.169.254\@#whitelisteddomain.com or try /proxy/?url=http://169.254.169.254\@%23whitelisteddomain.com ### Impact Port scan internal hosts, and request information from internal hosts.

### Impact Flowise allows developers to inject configuration into the Chainflow during execution through the `overrideConfig` option. This is supported in both the frontend web integration and the backend Prediction API. This has a range of fundamental issues that are a **major** security vulnerability. While this feature is intentional, it should have strong protections added and be disabled by default. These issues include: 1. Remote code execution. While inside a sandbox this allows for 1. Sandbox escape 2. DoS by crashing the server 3. SSRF 2. Prompt Injection, both System and User 1. Full control over LLM prompts 2. Server variable and data exfiltration And many many more such as altering the flow of a conversation, prompt exfiltration via LLM proxying etc. These issues are self-targeted and do not persist to other users but do leave the server and business exposed. All issues are shown with the API but also work with the web embed. ### Workarounds - `overrideC...

## Summary A critical remote OS command injection vulnerability has been identified in the Llama Factory training process. This vulnerability arises from improper handling of user input, allowing malicious actors to execute arbitrary OS commands on the host system. The issue is caused by insecure usage of the `Popen` function with `shell=True`, coupled with unsanitized user input. Immediate remediation is required to mitigate the risk. ## Affected Version Llama Factory versions **<=0.9.0** are affected by this vulnerability. ## Impact Exploitation of this vulnerability allows attackers to: 1. Execute arbitrary OS commands on the server. 2. Potentially compromise sensitive data or escalate privileges. 3. Deploy malware or create persistent backdoors in the system. This significantly increases the risk of data breaches and operational disruption. ## Root Cause The vulnerability originates from the training process where the `output_dir` value, obtained from the user input, is in...