23147 matches found
jinja2: Jinja sandbox breakout through attr filter selecting format method
A flaw was found in Jinja. In affected versions, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker who controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content o...
CVE-2024-45324
A use of externally-controlled format string vulnerability CWE-134 in FortiOS version 7.4.0 through 7.4.4, version 7.2.0 through 7.2.9, version 7.0.0 through 7.0.15 and before 6.4.15, FortiProxy version 7.4.0 through 7.4.6, version 7.2.0 through 7.2.12 and before 7.0.19, FortiPAM version 1.4.0...
CVE-2024-45324
A use of externally-controlled format string vulnerability CWE-134 in FortiOS version 7.4.0 through 7.4.4, version 7.2.0 through 7.2.9, version 7.0.0 through 7.0.15 and before 6.4.15, FortiProxy version 7.4.0 through 7.4.6, version 7.2.0 through 7.2.12 and before 7.0.19, FortiPAM version 1.4.0...
CVE-2024-45324
A use of externally-controlled format string vulnerability CWE-134 in FortiOS version 7.4.0 through 7.4.4, version 7.2.0 through 7.2.9, version 7.0.0 through 7.0.15 and before 6.4.15, FortiProxy version 7.4.0 through 7.4.6, version 7.2.0 through 7.2.12 and before 7.0.19, FortiPAM version 1.4.0...
CVE-2024-45324
CVE-2024-45324 describes an externally-controlled format string vulnerability (CWE-134) in Fortinet products, allowing a privileged attacker to execute unauthorized code via specially crafted HTTP/HTTPS commands. Affected are FortiOS (versions 7.4.0–7.4.4; 7.2.0–7.2.9; 7.0.0–7.0.15 and before 6.4...
CVE-2024-45324
A use of externally-controlled format string vulnerability CWE-134 in FortiOS version 7.4.0 through 7.4.4, version 7.2.0 through 7.2.9, version 7.0.0 through 7.0.15 and before 6.4.15, FortiProxy version 7.4.0 through 7.4.6, version 7.2.0 through 7.2.12 and before 7.0.19, FortiPAM version 1.4.0...
jinja2: Jinja has a sandbox breakout through indirect reference to format method
A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...
Fortinet Fortigate Multiple format string vulnerabilities (FG-IR-24-325)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-325 advisory. - A use of externally-controlled format string vulnerability CWE-134 in FortiOS version 7.4.0 through 7.4.4, version 7.2.0...
Fortinet FortiWeb Multiple format string vulnerabilities (FG-IR-24-325)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-325 advisory. - A use of externally-controlled format string vulnerability CWE-134 in FortiOS version 7.4.0 through 7.4.4, version 7.2.0...
Jinja sandbox breakout through attr filter selecting format method
...
UBUNTU-CVE-2025-27796
ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob...
GHSA-MF24-CHXH-HMVJ Envoy Gateway Log Injection Vulnerability
Impact In all Envoy Gateway versions prior to 1.2.7 and 1.3.1 a default Envoy Proxy access log configuration is used. This format is vulnerable to log injection attacks. If the attacker uses a specially crafted user-agent which performs json injection, then he could add and overwrite fields to th...
Envoy Gateway Log Injection Vulnerability
Impact In all Envoy Gateway versions prior to 1.2.7 and 1.3.1 a default Envoy Proxy access log configuration is used. This format is vulnerable to log injection attacks. If the attacker uses a specially crafted user-agent which performs json injection, then he could add and overwrite fields to th...
SAMSUNG Notes 安全漏洞
Samsung Notes is an application program from the South Korean company Samsung SAMSUNG. It is used to provide a recording function. An out-of-bounds read vulnerability exists in Samsung Notes, which stems from a lack of proper validation of user-supplied data when parsing jpeg images, and can be...
GHSA-CPWX-VRP4-4PQ7 Jinja2 vulnerable to sandbox breakout through attr filter selecting format method
An oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends o...
jinja2: Jinja has a sandbox breakout through indirect reference to format method
A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...
How to Create a Scan for Open Redirects
This whitepaper covers how to create a scan in Perl to identify open redirection in web applications. Depending on the context of the environment and architecture, the content of the paper can be applied to APIs in addition to presenting how to correct or avoid open redirect problems at the code...
Linux Distros Unpatched Vulnerability : CVE-2022-39237
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - syslabs/sif is the Singularity Image Format SIF reference implementation. In versions prior to 2.8.1the github.com/sylabs/sif/v2/pkg/integrity package did not...
Linux Distros Unpatched Vulnerability : CVE-2022-1215
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A format string vulnerability was found in libinput CVE-2022-1215 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVE...
Linux Distros Unpatched Vulnerability : CVE-2022-46295
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master...