FormCraft Basic < 1.2.6 - Admin+ Stored Cross Site Scripting

The plugin does not sanitise and escape Field Labels, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC Put the following payload into a Field Label and save: The XSS will be triggered when accessing the...

WEBrick RCE Vulnerability

The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name...

GHSA-C82R-QG3W-Q5MV Apache Solr insecure inter-node communication

Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious...

GHSA-2632-H32J-6RG9 Missing Release of Resource after Effective Lifetime in Jenkins

A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in BasicAuthenticationFilter.java, BasicHeaderApiTokenAuthenticator.java that allows attackers to create ephemeral in-memory user records by attempting to log in using invalid credentials...

GHSA-3GG4-6HQG-2VJX Logstash Logs Sensitive Information

Prior to Logstash version 5.0.1, Elasticsearch Output plugin when updating connections after sniffing, would log to file HTTP basic auth credentials...

Intel BIOS firmware 缓冲区错误漏洞

Intel BIOS firmware is a set of programs from the U.S. company Intel that are solidified onto a ROM chip on the motherboard inside a computer. A security vulnerability exists in Intel BIOS firmware, which originates from an out-of-bounds write and can be exploited by an attacker to elevate...

python: urllib: Regular expression DoS in AbstractBasicAuthHandler

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client such as web browser connects to, could trigger a Regular Expression Denial of Service ReDOS during an authentication request with a specially crafted payload that is sen...

python: urllib: Regular expression DoS in AbstractBasicAuthHandler

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client such as web browser connects to, could trigger a Regular Expression Denial of Service ReDOS during an authentication request with a specially crafted payload that is sen...

Siemens Industrial Products with OPC UA

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC NET PC, SITOP Manager, TeleControl Server Basic Vulnerability: Null Pointer Dereference 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory...

OpenSSL 信任管理问题漏洞

OpenSSL is an open source Openssl team's general-purpose cryptographic library capable of implementing Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. The product supports a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...

UBUNTU-CVE-2022-1343

The function OCSPbasicverify verifies the signer certificate on an OCSP response. In the case where the non-default flag OCSPNOCHECKS is used then the response will be positive meaning a successful verification even in the case where the response signing certificate fails to verify. It is...

python: urllib: Regular expression DoS in AbstractBasicAuthHandler

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client such as web browser connects to, could trigger a Regular Expression Denial of Service ReDOS during an authentication request with a specially crafted payload that is sen...

Databasir 输入验证错误漏洞

Databasir is a team-oriented document management platform for relational database models. A security vulnerability exists in Databasir 1.01 that originates from the JDBC driver being unauthenticated before use leading to code execution by any basic user with access to the system...

CVE-2022-27188

OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may allow an attacker who can access the computer where the affected product is installed to execute ...

CVE-2022-27188

CVE-2022-27188 is a local OS command injection in Yokogawa CENTUM VP family. A local attacker who can access the affected machine could modify a file generated by Graphic Builder to execute arbitrary OS commands. Affected: CENTUM VP variants R4.01.00–R4.03.00, CENTUM VP Small/BASIC (same ranges),...

Yokogawa Electric CENTUM VP 授权问题漏洞

The Yokogawa Electric CENTUM VP is a CENTUM distributed control system from Yokogawa Electric. Setting high standards for engineering and technical excellence while ensuring backward compatibility with previous system versions and support for the latest technology applications. A security...

CVE-2022-23448

A vulnerability has been identified in SIMATIC Energy Manager Basic All versions V7.3 Update 1, SIMATIC Energy Manager PRO All versions V7.3 Update 1. Affected applications improperly assign permissions to critical directories and files used by the application processes. This could allow a local...

CVE-2022-23449

A vulnerability has been identified in SIMATIC Energy Manager Basic All versions V7.3 Update 1, SIMATIC Energy Manager PRO All versions V7.3 Update 1. A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the...

CVE-2022-23450

A vulnerability has been identified in SIMATIC Energy Manager Basic All versions V7.3 Update 1, SIMATIC Energy Manager PRO All versions V7.3 Update 1. The affected system allows remote users to send maliciously crafted objects. Due to insecure deserialization of user-supplied content by the...

CVE-2022-23450

A vulnerability has been identified in SIMATIC Energy Manager Basic All versions V7.3 Update 1, SIMATIC Energy Manager PRO All versions V7.3 Update 1. The affected system allows remote users to send maliciously crafted objects. Due to insecure deserialization of user-supplied content by the...