9260 matches found
Mageia: Security Advisory (MGASA-2023-0009)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:1628-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:0795-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Label Studio 1.5.0 - Authenticated Server Side Request Forgery (SSRF)
Exploit Title: Label Studio 1.5.0 - Authenticated Server Side Request Forgery SSRF Google Dork: intitle:"Label Studio" intext:"Sign Up" intext:"Welcome to Label Studio Community Edition" Date: 2022-10-03 Exploit Author: @DeveloperNinja, [email protected] Vendor Homepage:...
CBL Mariner 2.0 Security Update: moby-runc (CVE-2022-24769)
The version of moby-runc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-24769 advisory. - Moby is an open-source project created by Docker to enable and accelerate software containerization. A bu...
Debian: Security Advisory (DLA-3369-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3369-1] runc security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3369-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler March 27, 2023 https://wiki.debian.org/LTS -...
WordPress Translatepress Multilingual SQL Injection
Exploit Title: Translatepress Multilinugal WordPress plugin 2.3.3 - Authenticated SQL Injection Exploit Author: Elias Hohl Date: 2022-07-23 Vendor Homepage: https://translatepress.com/ Software Link: https://wordpress.org/plugins/translatepress-multilingual/ Version: 2.3.3 Tested on: Ubuntu 20.04...
WordPress NEX-Forms plugin < 7.9.7 - Authenticated SQL injection Vulnerability
Exploit Title: NEX-Forms WordPress plugin =3D 5.0.12 AND time-based blind query SLEEP Payload: page=3Dnex-forms-dashboard&formid=3D1 AND SELECT 4715 FROM SELECTSLEEP5nPUi...
WordPress NEX-Forms SQL Injection
Exploit Title: NEX-Forms WordPress plugin =3D 5.0.12 AND time-based blind query SLEEP Payload: page=3Dnex-forms-dashboard&formid=3D1 AND SELECT 4715 FROM SELECTSLEEP5nPUi...
Exploit for Improper Access Control in Joomla Joomla\!
Joomla! information disclosure - CVE-2023-23752 exploit Explo...
Waf-Bypass - Check Your WAF Before An Attacker Does
WAF bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does. WAF Bypass Tool is developed by Nemesida WAF team with the participation of community. How to run I...
Design/Logic Flaw
angular-server-side-configuration helps configure an angular application at runtime on the server or in a docker container via environment variables. angular-server-side-configuration detects used environment variables in TypeScript .ts files during build time of an Angular CLI project. The...
CVE-2023-28444
The CVE concerns angular-server-side-configuration. It detects environment variables in TypeScript files during Angular CLI build, writes them to ngssc.json, and can expose them in index.html. In monorepo deployments with a backend, this may leak variables; a mitigation in v15.1.0 adds a searchPa...
CVE-2023-28444 angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backend
angular-server-side-configuration helps configure an angular application at runtime on the server or in a docker container via environment variables. angular-server-side-configuration detects used environment variables in TypeScript .ts files during build time of an Angular CLI project. The...
SUSE-SU-2023:1566-1 Security update for containerd
This update for containerd fixes the following issues: - CVE-2022-23471: Fixed host memory exhaustion through Terminal resize goroutine leak bsc1206235. - Re-build containerd to use updated golang-packaging jsc1342. - Update to containerd v1.6.16 for Docker v23.0.0-ce...
CVE-2023-28442 Geoserver for GeoNode sensitive information leak
GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. Prior to versions 2.20.6, 2.19.6, and 2.18.7, anonymous users can obtain sensitive information about GeoNode configurations from the response of the /geoserver/rest/about/status...
GitLab: Arbitrary escape sequence injection in docker-machine from worker nodes
Vulnerability description not provided...
The vulnerability of the Docker Desktop platform for developing and delivering container applications lies in its improper protection of an alternative path, allowing a attacker to execute arbitrary code.
The vulnerability of the Docker Desktop platform for developing and delivering container applications is related to improper protection of the alternative path. Exploiting this vulnerability allows an attacker to execute arbitrary code...
Amazon Linux 2023 : docker (ALAS2023-2023-143)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-143 advisory. A flaw was found in Moby. This flaw allows an attacker to bypass primary group restrictions due to a flaw in the supplementary group access setup. CVE-2022-36109 Tenable has extracted the preceding...