183 matches found
GHSA-HVC7-763R-4F3H openssl-encrypt has no owner verification on key revocation — any client can revoke any key
Summary The revokekey method in opensslencryptserver/modules/keyserver/service.py at lines 195-270 accepts a clientid parameter but never verifies that the requesting client is the same as key.ownerclientid. Impact Any authenticated client can revoke any other client's key, as long as they provid...
BIT-CEPH-2020-10736
An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2, where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in gaining access to unauthorized resources. This flaw allows an authenticated client to modify the configuration and possibly...
CVE-2026-22219
Chainlit versions prior to 2.9.4 contain a server-side request forgery SSRF vulnerability in the /project/element update flow when configured with the SQLAlchemy data layer backend. An authenticated client can provide a user-controlled url value in an Element, which is fetched by the SQLAlchemy...
CVE-2026-22218
Chainlit versions prior to 2.9.4 contain an arbitrary file read vulnerability in the /project/element update flow. An authenticated client can send a custom Element with a user-controlled path value, causing the server to copy the referenced file into the attacker’s session. The resulting element...
CVE-2026-22218
Chainlit versions prior to 2.9.4 contain an arbitrary file read vulnerability in the /project/element update flow. An authenticated client can send a custom Element with a user-controlled path value, causing the server to copy the referenced file into the attacker’s session. The resulting element...
CVE-2026-22218
Chainlit CVE-2026-22218 affects versions prior to 2.9.4 and is an arbitrary file read in the /project/element update flow. An authenticated client can submit a user-controlled path in a custom Element, causing the server to copy that file into the attacker’s session. The attacker can then retriev...
CVE-2019-16536
Stack overflow leading to DoS can be triggered by a malicious authenticated client in Clickhouse before 19.14.3.3...
redis: Lua library commands may lead to integer overflow and potential RCE
An integer overflow present in the Redis Lua scripting engine that allows an authenticated client to submit a specially crafted Lua script for example via EVAL/EVALSHA that can trigger memory corruption and potentially lead to remote code execution within the Redis server process...
redis: Lua library commands may lead to integer overflow and potential RCE
An integer overflow present in the Redis Lua scripting engine that allows an authenticated client to submit a specially crafted Lua script for example via EVAL/EVALSHA that can trigger memory corruption and potentially lead to remote code execution within the Redis server process...
redis: Lua library commands may lead to integer overflow and potential RCE
An integer overflow present in the Redis Lua scripting engine that allows an authenticated client to submit a specially crafted Lua script for example via EVAL/EVALSHA that can trigger memory corruption and potentially lead to remote code execution within the Redis server process...
redis: Lua library commands may lead to integer overflow and potential RCE
An integer overflow present in the Redis Lua scripting engine that allows an authenticated client to submit a specially crafted Lua script for example via EVAL/EVALSHA that can trigger memory corruption and potentially lead to remote code execution within the Redis server process...
redis: Lua library commands may lead to integer overflow and potential RCE
An integer overflow present in the Redis Lua scripting engine that allows an authenticated client to submit a specially crafted Lua script for example via EVAL/EVALSHA that can trigger memory corruption and potentially lead to remote code execution within the Redis server process...
EUVD-2020-25837
Malware in sbrugna...
EUVD-2017-16420
Malware in sbrugna...
EUVD-2020-29308
Malware in sbrugna...
EUVD-2019-19373
Malware in sbrugna...
EUVD-2021-21087
Malware in sbrugna...
EUVD-2023-34092
Malicious code in bioql PyPI...
Missing Release of Memory after Effective Lifetime
Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime via the key exchange process. An attacker can cause gradual memory exhaustion and potential application crashes by repeatedly initiating key exchanges with incorrect guesses as an...
PocketMine-MP `ResourcePackDataInfoPacket` amplification vulnerability due to lack of resource pack sequence status checking
Summary A denial-of-service / out-of-memory vulnerability exists in the STATUSSENDPACKS handling of ResourcePackClientResponsePacket. PocketMine-MP processes the packIds array without verifying that all entries are unique. A malicious non-standard Bedrock client can send multiple duplicate valid...