Gwyn's Imagemap Selector Security Vulnerabilities

(RHSA-2023:3095) Moderate: libreswan security and bug fix update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN).....

Moderate: libreswan security and bug fix update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN).....

Moderate: libreswan security and bug fix update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN).....

RHEL 8 : libreswan (RHSA-2023:3095)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3095 advisory. libreswan: remote DoS via crafted TS payload with an incorrect selector length (CVE-2023-23009) Note that Nessus has not tested for this issue but...

AlmaLinux 9 : libreswan (ALSA-2023:2633)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:2633 advisory. Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector...

Missing Proposal Validations in Funding Contract.

Lines of code https://github.com/code-423n4/2023-05-ajna/blob/276942bc2f97488d07b887c8edceaaab7a5c3964/ajna-grants/src/grants/base/Funding.sol#L52-L66 Vulnerability details Impact The Funding.sol contract's _validateCallDatas function validates the targets, values, and calldatas parameters for a...

RHEL 9 : libreswan (RHSA-2023:2633)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:2633 advisory. libreswan: remote DoS via crafted TS payload with an incorrect selector length (CVE-2023-23009) Note that Nessus has not tested for this issue but...

css-what vulnerabilities

Releases Ubuntu 20.04 LTS Ubuntu 18.04 ESM Ubuntu 16.04 ESM Packages node-css-what - A CSS selector parser Details It was discovered that css-what incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker...

(RHSA-2023:2633) Moderate: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN).....

Moderate: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN).....

Moderate: libreswan security update

Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN).....

vyper vulnerable to storage allocator overflow

Impact The storage allocator does not guard against allocation overflows. This can result in vulnerabilities like the following: ```vyper owner: public(address) take_up_some_space: public(uint256[10]) buffer: public(uint256[max_value(uint256)]) @external def initialize(): self.owner =...

vyper vulnerable to storage allocator overflow

Impact The storage allocator does not guard against allocation overflows. This can result in vulnerabilities like the following: ```vyper owner: public(address) take_up_some_space: public(uint256[10]) buffer: public(uint256[max_value(uint256)]) @external def initialize(): self.owner =...

Exploit for Improper Access Control in Papercut Papercut Mf

...

Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities fixed in 9.7.2.7

Summary cURL libcurl, Apache Xerces2 Java, Apache Jena, Spring Framework, json-smart-v1 and json-smart-v2 , libxml2, Apache Standard Taglibs , Apache ActiveMQ, Apache Commons Codec are identified as vulnerable components with multiple reported vulnerabilities, listed below. The IBM® Engineering...

Interpretation Conflict

@openzeppelin/contracts is vulnerable to Interpretation Conflict. The vulnerability exists because the TransparentUpgradeableProxy clashing selector calls may not be delegated if the clashing function has a different signature with incompatible ABI encoding, which could lead to proxy revert while.....

Fedora 38 : libreswan (2023-a2348480cb)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-a2348480cb advisory. Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector...

Fedora 37 : libreswan (2023-42ec148952)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-42ec148952 advisory. Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector...

org.xwiki.platform:xwiki-platform-attachment-ui vulnerable to Code Injection

Impact A registered user can perform remote code execution leading to privilege escalation by injecting the proper code in the "property" field of an attachment selector, as a gadget of their own dashboard. Note that the vulnerability does not impact comments of a wiki. Patches The vulnerability...

org.xwiki.platform:xwiki-platform-attachment-ui vulnerable to Code Injection

Impact A registered user can perform remote code execution leading to privilege escalation by injecting the proper code in the "property" field of an attachment selector, as a gadget of their own dashboard. Note that the vulnerability does not impact comments of a wiki. Patches The vulnerability...

CVE-2023-29519

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A registered user can perform remote code execution leading to privilege escalation by injecting the proper code in the "property" field of an attachment selector, as a gadget of their own...

CVE-2023-29519

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A registered user can perform remote code execution leading to privilege escalation by injecting the proper code in the "property" field of an attachment selector, as a gadget of their own...

CVE-2023-29519

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A registered user can perform remote code execution leading to privilege escalation by injecting the proper code in the "property" field of an attachment selector, as a gadget of their own...

Remote code execution

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A registered user can perform remote code execution leading to privilege escalation by injecting the proper code in the "property" field of an attachment selector, as a gadget of their own...

CVE-2023-29519 Code injection in org.xwiki.platform:xwiki-platform-attachment-ui

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A registered user can perform remote code execution leading to privilege escalation by injecting the proper code in the "property" field of an attachment selector, as a gadget of their own...

CVE-2023-30541

OpenZeppelin Contracts is a library for secure smart contract development. A function in the implementation contract may be inaccessible if its selector clashes with one of the proxy's own selectors. Specifically, if the clashing function has a different signature with incompatible ABI encoding,...

CVE-2023-30541

OpenZeppelin Contracts is a library for secure smart contract development. A function in the implementation contract may be inaccessible if its selector clashes with one of the proxy's own selectors. Specifically, if the clashing function has a different signature with incompatible ABI encoding,...

CVE-2023-30541

OpenZeppelin Contracts is a library for secure smart contract development. A function in the implementation contract may be inaccessible if its selector clashes with one of the proxy's own selectors. Specifically, if the clashing function has a different signature with incompatible ABI encoding,...

Code injection

OpenZeppelin Contracts is a library for secure smart contract development. A function in the implementation contract may be inaccessible if its selector clashes with one of the proxy's own selectors. Specifically, if the clashing function has a different signature with incompatible ABI encoding,...

CVE-2023-30541 TransparentUpgradeableProxy clashing selector calls may not be delegated in @openzeppelin/contracts

OpenZeppelin Contracts is a library for secure smart contract development. A function in the implementation contract may be inaccessible if its selector clashes with one of the proxy's own selectors. Specifically, if the clashing function has a different signature with incompatible ABI encoding,...

OpenZeppelin Contracts TransparentUpgradeableProxy clashing selector calls may not be delegated

Impact A function in the implementation contract may be inaccessible if its selector clashes with one of the proxy's own selectors. Specifically, if the clashing function has a different signature with incompatible ABI encoding, the proxy could revert while attempting to decode the arguments from.....

OpenZeppelin Contracts TransparentUpgradeableProxy clashing selector calls may not be delegated

Impact A function in the implementation contract may be inaccessible if its selector clashes with one of the proxy's own selectors. Specifically, if the clashing function has a different signature with incompatible ABI encoding, the proxy could revert while attempting to decode the arguments from.....

Mageia: Security Advisory (MGASA-2023-0089)

The remote host is missing an update for...

Exploit for Authentication Bypass by Capture-replay in Microsoft

CVE-2023-23397 This script allows to create TNEF-encoded...

Use safeTransferFrom() instead of transferFrom() in function NeoTokyoStaker._assetTransferFrom()

Lines of code Vulnerability details Impact Some ERC-20 tokens do not revert on failure (such as ZRX). Instead, they would just return a boolean false. In function NeoTokyoStaker._assetTransferFrom(), the check success is only checking whether the low-level call is successful or not. If the ERC-20.....

Updated libreswan packages fix security vulnerability

A change in the libreswan 4.2 Traffic Selector parsing code introduced a missing check that would reject palformed Traffic Selector payloads. As such, in such case the code stumbles on to hit a double free, leading to a crash and restart of the pluto daemon. No remote code execution....

Debian DSA-5368-1 : libreswan - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dsa-5368 advisory. Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length....

CVE-2023-23009

A flaw was found in the Libreswan package. A crafted TS payload with an incorrect selector length may allow a remote attacker to cause a denial of...

Denial Of Service (DoS)

efox is vulnerable to Denial of Service (DoS) attacks. A remote attacker is able to cause denial of service conditions via crafted TS payload with an incorrect selector...

CVE-2023-23009

Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector...

CVE-2023-23009

Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector...

CVE-2023-23009

Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector...

CVE-2023-23009

Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector...

CVE-2023-23009

Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector...

Code injection

Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector...

CVE-2023-23009

Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector...

CVE-2023-23009

Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector...

Intel® Ethernet Controllers and Adapters Advisory

Summary: A potential security vulnerability in some Intel® Ethernet Controllers and Adapters may allow denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-36382 Description: Out-of-bounds write in firmware for...

Unbreakable Enterprise kernel security update

[5.4.17-2136.316.7] - runtime revert of virtio_net: Stripe queue affinities across cores. (Konrad Rzeszutek Wilk) [Orabug: 35001045] [5.4.17-2136.316.6] - block: Change the granularity of io ticks from ms to ns (Gulam Mohamed) [Orabug: 34780807] - powercap: intel_rapl: support new layout of...

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.316.7] - runtime revert of virtio_net: Stripe queue affinities across cores. (Konrad Rzeszutek Wilk) [Orabug: 35001045] [5.4.17-2136.316.6] - block: Change the granularity of io ticks from ms to ns (Gulam Mohamed) [Orabug: 34780807] - powercap: intel_rapl: support new layout of...