161 matches found
Sql Injection
org.postgresql, postgresql is vulnerable to Sql Injection. The vulnerability is caused due to not escaping user provided literal parameter values in SQL query when using configuration option PreferQueryMode=SIMPLE. An attacker can exploit this vulnerability to inject SQL to alter the query by...
Grafana -- Email verification is not required after email change
Grafana Labs reports: The vulnerability impacts instances where Grafana basic authentication is enabled. Grafana has a verifyemailenabled configuration option. When this option is enabled, users are required to confirm their email addresses before the sign-up process is complete. However, the ema...
SUSE CVE-2018-1080
Dogtag PKI, through version 10.6.1, has a vulnerability in AAclAuthz.java that, under certain configurations, causes the application of ACL allow and deny rules to be reversed. If a server is configured to process allow rules before deny rules authz.evaluateOrder=allow,deny, then allow rules will...
Pip Command Injection Vulnerability
Pip is a set of tools for installing and managing Python packages. A security vulnerability exists in pip versions prior to v23.3, which stems from the presence of an injected arbitrary configuration option call...
Integer overflow
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.6.0 and prior are vulnerable to integer overflow in consumecount of src/gnuv2/cplus-dem.c. The overflow check is valid logic but, is missing the modulus if the block once compiled. The compiler sees this block...
CVE-2023-40022 Rizin vulnerable to Integer Overflow in C++ demangler logic
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.6.0 and prior are vulnerable to integer overflow in consumecount of src/gnuv2/cplus-dem.c. The overflow check is valid logic but, is missing the modulus if the block once compiled. The compiler sees this block...
CVE-2023-3586
Mattermost fails to disable public Boards after the "Enable Publicly-Shared Boards" configuration option is disabled, resulting in previously-shared public Boards to remain accessible...
Design/Logic Flaw
Mattermost fails to disable public Boards after the "Enable Publicly-Shared Boards" configuration option is disabled, resulting in previously-shared public Boards to remain accessible...
CVE-2023-3586 Disabling publicly-shared boards does not disable existing publicly available board links
Mattermost fails to disable public Boards after the "Enable Publicly-Shared Boards" configuration option is disabled, resulting in previously-shared public Boards to remain accessible...
CVE-2023-3586 Disabling publicly-shared boards does not disable existing publicly available board links
Mattermost fails to disable public Boards after the "Enable Publicly-Shared Boards" configuration option is disabled, resulting in previously-shared public Boards to remain accessible...
Vendure Cross Site Request Forgery vulnerability impacting all API requests
Impact Vendure is an e-commerce GraphQL framework with a number of APIs and different levels of authorization. By default the Cookie settings are insecure, having the SameSite setting as false which results in not having one originates from the cookie-session npm package’s default settings. Patch...
org.xwiki.commons:xwiki-commons-xml's HTML sanitizer allows form elements in restricted
Impact The HTML sanitizer that is included in XWiki since version 14.6RC1 allowed form and input HTML tags. In the context of XWiki, this allows an attacker without script right to either create forms that can be used for phishing attacks or also in the context of a sheet, the attacker could add ...
[SECURITY] [DLA 3475-1] trafficserver security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3475-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk June 30, 2023 https://wiki.debian.org/LTS -...
Apache Commons FileUpload - DoS with excessive parts
Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option...
Apache Traffic Server Denial of Service Vulnerability (CNVD-2023-55453)
Apache Traffic Server ATS is the United States Apache Apache Foundation's set of scalable HTTP proxy and caching server. A denial of service vulnerability exists in Apache Traffic Server due to improper input validation related to the configuration option proxy.config.http.pushmethodenabled faili...
CVE-2023-30631
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server. The configuration option proxy.config.http.pushmethodenabled didn't function. However, by default the PUSH method is blocked in the ipallow configuration file.This issue affects Apache Traffic Server:...
CVE-2023-30631 Apache Traffic Server: Configuration option to block the PUSH method in ATS didn't work
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server. The configuration option proxy.config.http.pushmethodenabled didn't function. However, by default the PUSH method is blocked in the ipallow configuration file.This issue affects Apache Traffic Server:...
Apache Traffic Server 输入验证错误漏洞
Apache Traffic Server ATS is the United States Apache Apache Foundation's set of scalable HTTP proxy and caching server. A denial of service vulnerability exists in Apache Traffic Server due to improper input validation related to the configuration option proxy.config.http.pushmethodenabled faili...
CVE-2023-1387
A flaw was found in Grafana. This flaw allows a remote, authenticated attacker to obtain sensitive information caused by an issue when enabling the "urllogin" configuration option. By sending a specially crafted request, an attacker can obtain JWT information and use this to launch further attack...
CVE-2023-31140
OpenProject is open source project management software. Starting with version 7.4.0 and prior to version 12.5.4, when a user registers and confirms their first two-factor authentication 2FA device for an account, existing logged in sessions for that user account are not terminated. Likewise, if a...