Jenkins Warnings Next Generation Plugin cross-site request forgery vulnerability

Jenkins Warnings Next Generation Plugin has a form validation HTTP endpoint used to validate a Groovy script through compilation, which was not subject to sandbox protection. The endpoint checked for the Overall/RunScripts permission, but did not require POST requests, so it was vulnerable to...

GHSA-WHF8-3H58-2W9F Jenkins Warnings Next Generation Plugin cross-site request forgery vulnerability

Jenkins Warnings Next Generation Plugin has a form validation HTTP endpoint used to validate a Groovy script through compilation, which was not subject to sandbox protection. The endpoint checked for the Overall/RunScripts permission, but did not require POST requests, so it was vulnerable to...

Jenkins Script Security Plugin sandbox bypass vulnerability

The previously implemented script security sandbox protections prohibiting the use of unsafe AST transforming annotations such as @Grab 2019-01-08 fix for SECURITY-1266 could be circumvented through use of various Groovy language features: - Use of AnnotationCollector - Import aliasing -...

GHSA-6Q78-6XVR-26FG Jenkins Groovy Plugin sandbox bypass vulnerability

Jenkins Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code elements. Both the pipeline validation REST APIs and actual script/pipeline execution are affected. This allowed users with...

PCRE 缓冲区错误漏洞

PCRE is an open source regular expression library written in C by the individual developer Philip Hazel. A security vulnerability exists in PCRE. An attacker can exploit this vulnerability to trigger a denial of service or obtain sensitive information by forcing a read of an invalid memory addres...

CVE-2022-1622

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tiflzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa...

kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation

A flaw was found in the Linux kernels eBPF implementation. By default, accessing the eBPF verifier is only accessible to privileged users with CAPSYSADMIN. A local user with the ability to insert eBPF instructions can abuse a flaw in eBPF to corrupt memory. The highest threat from this...

Exploit for Improper Initialization in Linux Linux_Kernel

COMP3320-VAPT Files r...

CVE-2022-29161 Crypto script service uses hashing algorithm SHA1 with RSA for certificate signature in xwiki-platform

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The XWiki Crypto API will generate X509 certificates signed by default using SHA1 with RSA, which is not considered safe anymore for use in certificate signatures, due to the risk of collision...

OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable...

Internet Bug Bounty: CVE-2022-28738: Double free in Regexp compilation

Due to a bug in the Regexp compilation process, creating a Regexp object with a crafted source string could cause the same memory to be freed twice. This is known as a “double free” vulnerability. Note that, in general, it is considered unsafe to create and use a Regexp object generated from...

MGASA-2022-0143 Updated ruby packages fix security vulnerability

Double free in Regexp compilation CVE-2022-28738. A buffer overrun was found in String-to-Float conversion CVE-2022-28739...

Denial Of Service (DoS)

ruby is vulnerable to denial of service. The vulnerability exists due to a Double free in Regexp compilation which allows an attacker to crash the application via malicious input...

FreeBSD : Ruby -- Double free in Regexp compilation (f22144d7-bad1-11ec-9cfe-0800270512f4)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f22144d7-bad1-11ec-9cfe-0800270512f4 advisory. - piao reports: Due to a bug in the Regexp compilation process, creating a Regexp object with a crafted...

NimPackt-v1 - Nim-based Assembly Packer And Shellcode Loader For Opsec And Profit

ByCas van Cooten @chvancooten With special thanks to Marcello Salvati @byt3bl33der and Fabian Mosch @S3cur3Th1sSh1t Description Update: NimPackt-v1 is among the worst code I have ever written I was just starting out learning Nim. Because of this, I started on a full rewrite of NimPackt, dubbed...

Double free in Regexp compilation

A double-free vulnerability is discovered in Regexp compilation. This vulnerability has been assigned the CVE identifier CVE-2022-28738. We strongly recommend upgrading Ruby. Due to a bug in the Regexp compilation process, creating a Regexp object with a crafted source string could cause the same...

Ruby -- Double free in Regexp compilation

piao reports: Due to a bug in the Regexp compilation process, creating a Regexp object with a crafted source string could cause the same memory to be freed twice. This is known as a "double free" vulnerability. Note that, in general, it is considered unsafe to create and use a Regexp object...

Mozilla: Incorrect AliasSet used in JIT Codegen

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: When generating the assembly code for MLoadTypedArrayElementHole, an incorrect AliasSet was used. In conjunction with another vulnerability, this could have been used for an out-of-bounds memory read...

CVE-2022-28805

singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code...

Design/Logic Flaw

Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd...