pytorch-lightning vulnerable to Arbitrary File Write via /v1/runs API endpoint
A vulnerability in the /v1/runs API endpoint of lightning-ai/pytorch-lightning v2.2.4 allows attackers to exploit path traversal when extracting tar.gz files. When the LightningApp is running with the plugin_server, attackers can deploy malicious tar.gz plugins that embed arbitrary files with path....
9.1CVSS
7.7AI Score
0.0004EPSS
The XPC service within the audit functionality of Jamf Compliance Editor before version 1.3.1 on macOS can lead to local privilege...
0.0004EPSS
The XPC service within the audit functionality of Jamf Compliance Editor before version 1.3.1 on macOS can lead to local privilege...
6.7AI Score
0.0004EPSS
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the shadowing component of the Endpoint Protector and Unify agent which allows an attacker with administrative access to the Endpoint Protector or Unify server to...
8.1AI Score
0.0004EPSS
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the logging component of the Endpoint Protector and Unify server application which allows an unauthenticated remote attacker to send a malicious request, resulting in...
0.0004EPSS
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the shadowing component of the Endpoint Protector and Unify agent which allows an attacker with administrative access to the Endpoint Protector or Unify server to...
0.0004EPSS
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running in....
10CVSS
7.2AI Score
0.001EPSS
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the logging component of the Endpoint Protector and Unify server application which allows an unauthenticated remote attacker to send a malicious request, resulting in...
8.4AI Score
0.0004EPSS
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the Endpoint Protector and Unify agent in the way that the EasyLock dependency is acquired from the server. An attacker with administrative access to the Endpoint...
0.0004EPSS
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running in....
10CVSS
0.001EPSS
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the Endpoint Protector and Unify agent in the way that the EasyLock dependency is acquired from the server. An attacker with administrative access to the Endpoint...
8.1AI Score
0.0004EPSS
VMware Workspace One UEM update addresses an information exposure vulnerability. A malicious actor with network access to the Workspace One UEM may be able to perform an attack resulting in an information...
6.8CVSS
6.7AI Score
0.0004EPSS
VMware Workspace One UEM update addresses an information exposure vulnerability. A malicious actor with network access to the Workspace One UEM may be able to perform an attack resulting in an information...
6.8CVSS
0.0004EPSS
VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are...
5.3CVSS
0.0004EPSS
VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are...
5.3CVSS
6.4AI Score
0.0004EPSS
CVE-2024-5642 Buffer overread when using an empty list with SSLContext.set_npn_protocols()
CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see CVE-2024-5535 for OpenSSL). This vulnerability is of low severity due to...
6.8AI Score
0.0004EPSS
CVE-2024-5642 Buffer overread when using an empty list with SSLContext.set_npn_protocols()
CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see CVE-2024-5535 for OpenSSL). This vulnerability is of low severity due to...
0.0004EPSS
Decoding OWASP – A Security Engineer’s Roadmap to Application Security
In a time where over 60% of data breaches are linked to software vulnerabilities and a single overlooked software vulnerability can expose sensitive data, the imperative of robust application security cannot be overstated. The 2023 IBM Security Cost of a Data Breach Report highlights that...
8.4AI Score
VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are...
5.3CVSS
0.0004EPSS
VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are...
5.3CVSS
6.3AI Score
0.0004EPSS
VMware Workspace One UEM update addresses an information exposure vulnerability. A malicious actor with network access to the Workspace One UEM may be able to perform an attack resulting in an information...
6.8CVSS
0.0004EPSS
VMware Workspace One UEM update addresses an information exposure vulnerability. A malicious actor with network access to the Workspace One UEM may be able to perform an attack resulting in an information...
6.8CVSS
6.7AI Score
0.0004EPSS
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running in....
10CVSS
0.001EPSS
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running in....
10CVSS
7.4AI Score
0.001EPSS
Hush Line is a free and open-source, anonymous-tip-line-as-a-service for organizations or individuals. The TOTP authentication flow has multiple issues that weakens its one-time nature. Specifically, the lack of 2FA for changing security settings allows attacker with CSRF or XSS primitives to...
7.5CVSS
0.0004EPSS
Hush Line is a free and open-source, anonymous-tip-line-as-a-service for organizations or individuals. The TOTP authentication flow has multiple issues that weakens its one-time nature. Specifically, the lack of 2FA for changing security settings allows attacker with CSRF or XSS primitives to...
7.5CVSS
7.6AI Score
0.0004EPSS
7.3AI Score
An Inside Look at The Malware and Techniques Used in the WordPress.org Supply Chain Attack
On Monday June 24th, 2024 the Wordfence Threat Intelligence team was made aware of the presence of malware in the Social Warfare repository plugin (see post Supply Chain Attack on WordPress.org Plugins Leads to 5 Maliciously Compromised WordPress Plugins). After adding the malicious code to our...
7.8AI Score
7.3AI Score
CVE-2024-38523 Hush Line OTP issue
Hush Line is a free and open-source, anonymous-tip-line-as-a-service for organizations or individuals. The TOTP authentication flow has multiple issues that weakens its one-time nature. Specifically, the lack of 2FA for changing security settings allows attacker with CSRF or XSS primitives to...
7.5CVSS
6.6AI Score
0.0004EPSS
CVE-2024-38523 Hush Line OTP issue
Hush Line is a free and open-source, anonymous-tip-line-as-a-service for organizations or individuals. The TOTP authentication flow has multiple issues that weakens its one-time nature. Specifically, the lack of 2FA for changing security settings allows attacker with CSRF or XSS primitives to...
7.5CVSS
0.0004EPSS
An absolute path traversal vulnerability exists in parisneo/lollms-webui v9.6, specifically in the open_file endpoint of lollms_advanced.py. The sanitize_path function with allow_absolute_path=True allows an attacker to access arbitrary files and directories on a Windows system. This vulnerability....
7.5CVSS
7.4AI Score
0.0004EPSS
An absolute path traversal vulnerability exists in parisneo/lollms-webui v9.6, specifically in the open_file endpoint of lollms_advanced.py. The sanitize_path function with allow_absolute_path=True allows an attacker to access arbitrary files and directories on a Windows system. This vulnerability....
7.5CVSS
0.0004EPSS
In version 1.2.7 of lunary-ai/lunary, any authenticated user, regardless of their role, can change the name of an organization due to improper access control. The function checkAccess() is not implemented, allowing users with the lowest privileges, such as the 'Prompt Editor' role, to modify...
5.3CVSS
0.0004EPSS
In version 1.2.7 of lunary-ai/lunary, any authenticated user, regardless of their role, can change the name of an organization due to improper access control. The function checkAccess() is not implemented, allowing users with the lowest privileges, such as the 'Prompt Editor' role, to modify...
5.3CVSS
5.2AI Score
0.0004EPSS
In h2oai/h2o-3 version 3.46.0, the run_tool command in the rapids component allows the main function of any class under the water.tools namespace to be called. One such class, MojoConvertTool, crashes the server when invoked with an invalid argument, causing a denial of...
7.5CVSS
7.5AI Score
0.0004EPSS
A vulnerability in the /v1/runs API endpoint of lightning-ai/pytorch-lightning v2.2.4 allows attackers to exploit path traversal when extracting tar.gz files. When the LightningApp is running with the plugin_server, attackers can deploy malicious tar.gz plugins that embed arbitrary files with path....
9.1CVSS
0.0004EPSS
A vulnerability in the /v1/runs API endpoint of lightning-ai/pytorch-lightning v2.2.4 allows attackers to exploit path traversal when extracting tar.gz files. When the LightningApp is running with the plugin_server, attackers can deploy malicious tar.gz plugins that embed arbitrary files with path....
9.1CVSS
9.4AI Score
0.0004EPSS
In h2oai/h2o-3 version 3.46.0, the run_tool command in the rapids component allows the main function of any class under the water.tools namespace to be called. One such class, MojoConvertTool, crashes the server when invoked with an invalid argument, causing a denial of...
7.5CVSS
0.0004EPSS
In lunary-ai/lunary versions <=v1.2.11, an attacker can bypass email validation by using a dot character ('.') in the email address. This allows the creation of multiple accounts with essentially the same email address (e.g., '[email protected]' and '[email protected]'), leading to...
5.3CVSS
0.0004EPSS
In lunary-ai/lunary versions <=v1.2.11, an attacker can bypass email validation by using a dot character ('.') in the email address. This allows the creation of multiple accounts with essentially the same email address (e.g., '[email protected]' and '[email protected]'), leading to...
5.3CVSS
5.3AI Score
0.0004EPSS
This Advisory describes an issue that impacts Arista Wireless Access Points. Any entity with the ability to authenticate via SSH to an affected AP as the “config” user is able to cause a privilege escalation via spawning a bash shell. The SSH CLI session does not require high permissions to...
8.4CVSS
8.5AI Score
0.0004EPSS
In lunary-ai/lunary version 1.2.4, an improper access control vulnerability allows members with team management permissions to manipulate project identifiers in requests, enabling them to invite users to projects in other organizations, change members to projects in other organizations with...
7.4CVSS
0.0004EPSS
This Advisory describes an issue that impacts Arista Wireless Access Points. Any entity with the ability to authenticate via SSH to an affected AP as the “config” user is able to cause a privilege escalation via spawning a bash shell. The SSH CLI session does not require high permissions to...
8.4CVSS
0.0004EPSS
In lunary-ai/lunary version 1.2.4, an improper access control vulnerability allows members with team management permissions to manipulate project identifiers in requests, enabling them to invite users to projects in other organizations, change members to projects in other organizations with...
7.4CVSS
7.4AI Score
0.0004EPSS
CVE-2024-5980 Arbitrary File Write via /v1/runs API endpoint in lightning-ai/pytorch-lightning
A vulnerability in the /v1/runs API endpoint of lightning-ai/pytorch-lightning v2.2.4 allows attackers to exploit path traversal when extracting tar.gz files. When the LightningApp is running with the plugin_server, attackers can deploy malicious tar.gz plugins that embed arbitrary files with path....
9.1CVSS
8AI Score
0.0004EPSS
CVE-2024-5980 Arbitrary File Write via /v1/runs API endpoint in lightning-ai/pytorch-lightning
A vulnerability in the /v1/runs API endpoint of lightning-ai/pytorch-lightning v2.2.4 allows attackers to exploit path traversal when extracting tar.gz files. When the LightningApp is running with the plugin_server, attackers can deploy malicious tar.gz plugins that embed arbitrary files with path....
9.1CVSS
0.0004EPSS
CVE-2024-6086 Improper Access Control in lunary-ai/lunary
In version 1.2.7 of lunary-ai/lunary, any authenticated user, regardless of their role, can change the name of an organization due to improper access control. The function checkAccess() is not implemented, allowing users with the lowest privileges, such as the 'Prompt Editor' role, to modify...
5.3CVSS
6.7AI Score
0.0004EPSS
CVE-2024-6086 Improper Access Control in lunary-ai/lunary
In version 1.2.7 of lunary-ai/lunary, any authenticated user, regardless of their role, can change the name of an organization due to improper access control. The function checkAccess() is not implemented, allowing users with the lowest privileges, such as the 'Prompt Editor' role, to modify...
5.3CVSS
0.0004EPSS
CVE-2024-5755 Email Validation Bypass in lunary-ai/lunary
In lunary-ai/lunary versions <=v1.2.11, an attacker can bypass email validation by using a dot character ('.') in the email address. This allows the creation of multiple accounts with essentially the same email address (e.g., '[email protected]' and '[email protected]'), leading to...
5.3CVSS
7.2AI Score
0.0004EPSS