Jenkins Tests Selector Plugin 1.3.3 and earlier allows users with Item/Configure permission to read arbitrary files on the Jenkins...
6.5CVSS
0.001EPSS
Jenkins Tests Selector Plugin 1.3.3 and earlier does not escape the Properties File Path option for Choosing Tests parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure...
5.4CVSS
5.2AI Score
0.001EPSS
Jenkins Tests Selector Plugin 1.3.3 and earlier does not escape the Properties File Path option for Choosing Tests parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure...
5.4CVSS
5.3AI Score
0.001EPSS
Jenkins Tests Selector Plugin 1.3.3 and earlier does not escape the Properties File Path option for Choosing Tests parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure...
5.4CVSS
5.3AI Score
0.001EPSS
Jenkins Tests Selector Plugin 1.3.3 and earlier allows users with Item/Configure permission to read arbitrary files on the Jenkins...
6.5CVSS
6.3AI Score
0.001EPSS
Jenkins Tests Selector Plugin 1.3.3 and earlier allows users with Item/Configure permission to read arbitrary files on the Jenkins...
6.9AI Score
0.001EPSS
Jenkins Tests Selector Plugin 1.3.3 and earlier does not escape the Properties File Path option for Choosing Tests parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure...
5.8AI Score
0.001EPSS
K50455702 : jQuery vulnerabilities CVE-2021-41182, CVE-2021-41183, and CVE-2021-41184
Security Advisory Description CVE-2021-41182 jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the altField option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string...
6.1CVSS
6.4AI Score
0.004EPSS
WordPress Optimole plugin cross-site scripting vulnerability
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress plugin Optimole version 3.3.2 has a cross-site scripting vulnerability that stems from the failure of image optimization and.....
4.8CVSS
1.7AI Score
0.001EPSS
GitLab Uninitialized Admin Password (HTTP) - Active Check
The remote GitLab instance is not initialized with an admin ...
7.3AI Score
Wrong implementation of OperatorResolver::areOperatorsImported
This issue has been created to upgrade a QA report submission to a medium severity finding. From kenzo: Wrong implementation of OperatorResolver::areOperatorsImported The function as implemented will return true if the operators have same implementation but different selector, or different...
6.9AI Score
areOperatorsImported has incorrect logic
This issue has been created to upgrade a QA report submission to a medium severity finding. From 0xliumin: areOperatorsImported has incorrect logic Right now, this function returns false if the implementation AND the selector don't match. It's possible to provide a destination with either a...
6.9AI Score
Security fix for the ALT Linux 10 package qemu version 6.1.1-alt1
6.1.1-alt1 built March 1, 2022 Alexey Shabalin in task #295902 Feb. 24, 2022 Alexey Shabalin - 6.1.1 - Fixes for the following security vulnerabilities: + CVE-2021-3713 uas: add stream number sanity checks + CVE-2021-3947 hw/nvme: fix buffer overrun in nvme_changed_nslist + CVE-2021-20196...
7.4CVSS
1.8AI Score
0.001EPSS
Unauthorised AJAX Calls via Freemius
The plugins and themes use an insecure version of the Freemius Framework, which is lacking CSRF and/or authorisation in some of its AJAX actions. As a result, any authenticated users, such as subscriber could access the debug logs. Unauthenticated attackers could also make a logged in admin toggle....
2.7AI Score
Sensitive Information Disclosure vulnerability discovered in WordPress WordPress Dev Powers – Element Selector jQuery Powers Plugin plugin (versions <= 1.0.1). Solution No patched version...
2.9AI Score
Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress WordPress Dev Powers – Element Selector jQuery Powers Plugin plugin (versions <= 1.0.1). Solution No patched version...
4.5AI Score
Using transfer instead of safeTransfer allows attacker to steal all staked tokens
Lines of code Vulnerability details Impact An attacker can drain all staked tickets. Proof of Concept In the withdrawDelegationToStake function the user can transfer from one of his delegations to the TWABDelegator contract and receive vault tokens he can then unstake to get his tickets back....
6.8AI Score
Bypass MAX_LOCK duration + External calls even when delegation is locked
Lines of code https://github.com/pooltogether/v4-twab-delegator/blob/master/contracts/Delegation.sol#L40 Vulnerability details Impact Delegation owner can change the MAX_LOCK duration even though current lock set on delegation has not yet expired Also Delegation owner can execute calls even when...
6.9AI Score
Wrong logic around areOperatorsImported
Lines of code Vulnerability details Impact The logic related to the areOperatorsImported method is incorrect and can cause an operator not to be updated because the owner thinks it is already updated, and a vulnerable or defective one can be used. Proof of Concept The operators mapping is made up.....
6.8AI Score
Velociraptor Version 0.6.3: Dig Deeper With More Speed and Scalability
Rapid7 is very excited to announce the latest Velociraptor release 0.6.3. This release has been in the making for a few months now and has several exciting new features. Scalability and speed have been the main focus of development since our previous release. Working with some of our larger...
AI Score
[32:9.8.2-0.68.rc1.0.3.8] - Backport fix for CVE-2018-5741 [Orabug: 33496185] [32:9.8.2-0.68.rc1.0.2.8] - Backport possible assertion failure on DNAME processing (CVE-2021-25215) [32:9.8.2-0.68.rc1.0.1.8] - Backport the fix for buffer overflow (CVE-2020-8625) (Orabug: 32588749)...
6.5CVSS
-0.4AI Score
0.003EPSS
5.4CVSS
AI Score
0.001EPSS
5.4CVSS
5.8AI Score
EPSS
5.4CVSS
0.1AI Score
0.001EPSS
9.8CVSS
7.2AI Score
0.047EPSS
5.3CVSS
5.3AI Score
0.001EPSS
9.8CVSS
7.2AI Score
0.047EPSS
9.8CVSS
7.1AI Score
0.047EPSS
Description Sensitive information as part of the error is getting disclosed during the upload of an unrestricted file. Steps to Reproduce Instance 1 Log in to the application https://demo.microweber.org Add a new post and upload an SVG file and you will see an error message getting Popped on the...
6.5CVSS
-0.1AI Score
0.001EPSS
Drupal 7.x < 7.86 / 9.2.x < 9.2.11 / 9.3.x < 9.3.3 Multiple Vulnerabilities (drupal-2022-01-19)
According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.86, 9.2.x prior to 9.2.11, or 9.3.x prior to 9.3.3. It is, therefore, affected by multiple vulnerabilities. Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the...
6.5CVSS
6.8AI Score
0.005EPSS
espoofer is an open-source testing tool to bypass SPF, DKIM, and DMARC authentication in email systems. It helps mail server administrators and penetration testers to check whether the target email server and client are vulnerable to email spoofing attacks or can be abused to send spoofing emails.....
9.8CVSS
7.8AI Score
0.006EPSS
GovernorCompatibilityBravo incorrect ABI encoding may lead to unexpected behavior
Impact The GovernorCompatibilityBravo module may lead to the creation of governance proposals that execute function calls with incorrect arguments due to bad ABI encoding. This happens if the proposal is created using explicit function signatures, e.g. a proposal to invoke the function...
-0.4AI Score
GovernorCompatibilityBravo incorrect ABI encoding may lead to unexpected behavior
Impact The GovernorCompatibilityBravo module may lead to the creation of governance proposals that execute function calls with incorrect arguments due to bad ABI encoding. This happens if the proposal is created using explicit function signatures, e.g. a proposal to invoke the function...
-0.4AI Score
Council veto protection does not work
Handle TomFrenchBlockchain Vulnerability details Impact Council can veto proposals to remove them to remain in power. Proof of Concept The Vader governance contract has the concept of a "council" which can unilaterally accept or reject a proposal. To prevent a malicious council preventing itself...
7AI Score
Exploit for Deserialization of Untrusted Data in Apache Log4J
Apache Log4j Zero Day aka Log4Shell aka...
10CVSS
-0.6AI Score
0.976EPSS
Summary We have identified that the IBM Kenexa LMS On Premise is affected by one or more security vulnerabilities. These have been tested in LMS 6.1.0 version. Vulnerability Details ** CVEID: CVE-2021-4104 DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the...
7.5CVSS
1.7AI Score
0.127EPSS
Summary We have identified that the IBM Kenexa LCMS Premier is affected by one or more security vulnerabilities. These have been tested in LCMS Premier 13.x & 14.0 versions. Vulnerability Details ** CVEID: CVE-2021-4104 DESCRIPTION: **Apache Log4j could allow a remote attacker to execute...
7.5CVSS
1.9AI Score
0.127EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
Apache Log4j Zero Day aka Log4Shell aka...
10CVSS
-0.6AI Score
0.976EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
Apache Log4j Zero Day aka Log4Shell aka...
10CVSS
-0.6AI Score
0.976EPSS
A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution
Posted by Ian Beer & Samuel Groß of Google Project Zero We want to thank Citizen Lab for sharing a sample of the FORCEDENTRY exploit with us, and Apple’s Security Engineering and Architecture (SEAR) group for collaborating with us on the technical analysis. The editorial opinions reflected below...
7.8CVSS
7.2AI Score
0.002EPSS
AI Score
7.4AI Score
-0.3AI Score
Zucchetti Axess CLOKI Access Control 1.64 CSRF Disable Access Control
Title: Zucchetti Axess CLOKI Access Control 1.64 CSRF Disable Access Control Advisory ID: ZSL-2021-5689 Type: Local/Remote Impact: Cross-Site Scripting, Security Bypass Risk: (3/5) Release Date: 13.12.2021 Summary CLOKI is the pre-installed application on our terminals that provides simple to...
7.7AI Score
Locke.sol:Stream - arbitraryCall can be used to drain incentive tokens
Handle ScopeLift Vulnerability details Impact Governor can drain incentive balance via arbitraryCall Proof of Concept The Stream contract offers createIncentive https://github.com/code-423n4/2021-11-streaming/blob/main/Streaming/src/Locke.sol#L500 and claimIncentive...
6.8AI Score
virt:kvm_utils security update
hivex [1.3.18] - Resolves: bz#1810193 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) [1.3.18] - Resolves: bz#1810193 (Upgrade components in virt:rhel module:stream for RHEL-8.3 release) libguestfs [1:1.40.2-25.0.1] - Replace upstream references from description tag -...
8.2CVSS
0.3AI Score
0.001EPSS
NodeBB 1.18.4 - Remote Code Execution With One Shot
Message forums are used by many companies and open source projects to exchange with their users. NodeBB is the leading JavaScript-based forum solution, having over 12k stars on GitHub. Several popular companies are using NodeBB to establish a community around their flagship products. During recent....
7.5CVSS
-0.1AI Score
0.001EPSS
Emoji-Button Cross-Site Scripting Vulnerability
Emoji-Button is a native JavaScript emoji selector. emoji-Button is vulnerable to a cross-site scripting vulnerability that stems from the lack of effective filtering and validation of URLs and i18n strings in the software for custom emoji, which could be exploited by an attacker to craft an input....
6.1CVSS
2.7AI Score
0.001EPSS
GitLab: Arbitrary POST request as victim user from HTML injection in Jupyter notebooks
Summary An attacker can create a Jupyter notebook that will make arbitrary POST requests as the victim user. In the "worst case" an attacker could make an admin create a new admin account for the attacker. Other possible attack vectors are forcing invites to private projects etc. Every POST...
0.4AI Score
Google Chrome contacts picker security bypass vulnerability
Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome due to an error in policy enforcement in the product contact selector. An attacker could use this vulnerability to bypass security...
4.3CVSS
2.9AI Score
0.003EPSS