CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42351 – Possible Data Tampering & Loss of Public Datasets in Galaxy
https://notcve.org/view.php?id=CVE-2024-42351
20 Sep 2024 — Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. An attacker can potentially replace the contents of public datasets resulting in data loss or tampering. All supported branches of Galaxy (and more back to release_21.05) were amended with the below patch. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://depot.galaxyproject.org/patch/GX-2024-0001/022da344a02bafd604402ac8e253e0014f6e2e08.patch • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-42346 – Stored Cross Site Scripting (Stored XSS) in Galaxy
https://notcve.org/view.php?id=CVE-2024-42346
20 Sep 2024 — Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. The editor visualization, /visualizations endpoint, can be used to store HTML tags and trigger javascript execution upon edit operation. All supported branches of Galaxy (and more back to release_20.05) were amended with the supplied patches. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/partywavesec/CVE-2024-42346 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-42812 – Galaxy vulnerable to Server Side Request Forgery during data imports
https://notcve.org/view.php?id=CVE-2023-42812
22 Sep 2023 — Galaxy is an open-source platform for FAIR data analysis. Prior to version 22.05, Galaxy is vulnerable to server-side request forgery, which allows a malicious to issue arbitrary HTTP/HTTPS requests from the application server to internal hosts and read their responses. Version 22.05 contains a patch for this issue. Galaxy es una plataforma de código abierto para el análisis de datos FAIR. Antes de la versión 22.05, Galaxy es vulnerable a Server-Side Request Forgery (SSRF), lo que permite que un malware emi... • https://github.com/galaxyproject/galaxy/blob/06d56c859713b74f1c2e35da1c2fcbbf0a965645/lib/galaxy/files/uris.py • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27578 – Galaxy vulnerable to unauthorized modification of pages/visualizations due to insufficient permission check
https://notcve.org/view.php?id=CVE-2023-27578
20 Mar 2023 — Galaxy is an open-source platform for data analysis. All supported versions of Galaxy are affected prior to 22.01, 22.05, and 23.0 are affected by an insufficient permission check. Unsupported versions are likely affected as far back as the functionality of Visualizations/Pages exists. Due to this issue, an attacker can modify or delete any Galaxy Visualization or Galaxy Page given they know the encoded ID of it. Additionally, they can copy or import any Galaxy Visualization given they know the encoded ID o... • https://depot.galaxyproject.org/patch/GX-2022-0002/modify_pages_viz-release_22.01.patch • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0CVE-2015-10062 – galaxy-data-resource Command Line Template injection
https://notcve.org/view.php?id=CVE-2015-10062
17 Jan 2023 — A vulnerability, which was classified as problematic, was found in galaxy-data-resource up to 14.10.0. This affects an unknown part of the component Command Line Template. The manipulation leads to injection. Upgrading to version 14.10.1 is able to address this issue. The patch is named 50d65f45d3f5be5d1fbff2e45ac5cec075f07d42. • https://github.com/blankenberg/galaxy-data-resource/commit/50d65f45d3f5be5d1fbff2e45ac5cec075f07d42 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11827
https://notcve.org/view.php?id=CVE-2020-11827
14 Jul 2020 — In GOG Galaxy 1.2.67, there is a service that is vulnerable to weak file/service permissions: GalaxyClientService.exe. An attacker can put malicious code in a Trojan horse GalaxyClientService.exe. After that, the attacker can re-start this service as an unprivileged user to escalate his/her privileges and run commands on the machine with SYSTEM rights. En GOG Galaxy versión 1.2.67, se presenta un servicio que es vulnerable a los permisos de archivos/servicios débiles: archivo GalaxyClientService.exe. Un ata... • https://fatihhcelik.blogspot.com/2020/04/gog-galaxy-desktop-app-local-privilege.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 2CVE-2020-7352 – GOG Galaxy GalaxyClientService Privilege Escalation
https://notcve.org/view.php?id=CVE-2020-7352
15 Jun 2020 — The GalaxyClientService component of GOG Galaxy runs with elevated SYSTEM privileges in a Windows environment. Due to the software shipping with embedded, static RSA private key, an attacker with this key material and local user permissions can effectively send any operating system command to the service for execution in this elevated context. The service listens for such commands on a locally-bound network port, localhost:9978. A Metasploit module has been published which exploits this vulnerability. This ... • https://github.com/szerszen199/PS-CVE-2020-7352 • CWE-264: Permissions, Privileges, and Access Controls CWE-798: Use of Hard-coded Credentials •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-15511
https://notcve.org/view.php?id=CVE-2019-15511
21 Nov 2019 — An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP packets to the service to gain SYSTEM privileges in Windows system where GOG Galaxy software is installed. All GOG Galaxy versions before 1.2.60 and all corresponding versions of GOG Galaxy 2.0 Beta are affected. Se presenta una vulnerabilidad de escalada de privilegios local explotable en el GalaxyClientService inst... • https://github.com/adenkiewicz/CVE-2019-15511 • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2018-4048
https://notcve.org/view.php?id=CVE-2018-4048
30 May 2019 — An exploitable local privilege elevation vulnerability exists in the file system permissions of the `Temp` directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of the Desktop Galaxy Updater to exploit this vulnerability and execute arbitrary code with SYSTEM privileges. Existe una vulnerabilidad de privilegio local aprovechable en en los permisos del sistema de archivos del directorio `Temp` en GOG Galaxy 1.2.48.36 (Instalador de Windows de 64 bits). Un atacant... • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0722 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4049
https://notcve.org/view.php?id=CVE-2018-4049
02 Apr 2019 — An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's “Games” directory, version 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of installed games to exploit this vulnerability and execute arbitrary code with elevated privileges. Existe una vulnerabilidad de elevación de privilegios local explotable en los permisos del sistema de archivos del directorio de "Juegos" de GOG Galaxy, versión 1.2.48.36 (Windows 64-bit Installer).... • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0723 • CWE-732: Incorrect Permission Assignment for Critical Resource •