CVE-2023-45277

Yamcs 5.8.6 is vulnerable to directory traversal issue 1 of 2. The vulnerability is in the storage functionality of the API and allows one to escape the base directory of the buckets, freely navigate system directories, and read arbitrary files...

Directory traversal

Yamcs 5.8.6 is vulnerable to directory traversal issue 1 of 2. The vulnerability is in the storage functionality of the API and allows one to escape the base directory of the buckets, freely navigate system directories, and read arbitrary files...

TinyMCE Cross-Site Scripting Vulnerability

Tiny Technologies TinyMCE is a rich text editor from Tiny Technologies, Inc. A security vulnerability exists in TinyMCE, which stems from a mutant cross-site scripting mXSS vulnerability discovered in TinyMCE's core undo and redo functionality...

CVE-2023-45277

Yamcs 5.8.6 is vulnerable to directory traversal issue 1 of 2. The vulnerability is in the storage functionality of the API and allows one to escape the base directory of the buckets, freely navigate system directories, and read arbitrary files...

SUSE SLES15 Security Update : kernel (SUSE-SU-2023:4095-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4095-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixe...

Ubuntu: Security Advisory (USN-6436-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-HV79-P62R-WG3P Cachet vulnerable to Authenticated Remote Code Execution

Summary A template functionality which allows users to create templates allows them to execute any code on the server during the bad filtration and old twig version. Within /cachet/app/Http/Routes/ApiRoutes.php, and attacker could control template input which is passed to laravel's dispatched...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : RPM Package Manager vulnerabilities (USN-5273-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5273-1 advisory. Demi M. Obenour discovered that RPM Package Manager incorrectly handled certain files. An attacker could possibly use this issue ...

CVE-2023-5579

A vulnerability was found in yhz66 Sandbox 6.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /im/user/ of the component User Data Handler. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may...

Cross-Site Request Forgery Vulnerability in Logout Functionality

Description Logout CSRF is a security vulnerability where an attacker forces a user to unknowingly log out of their session by tricking them into triggering a logout request through a malicious website or link. GET http://localhost:8080/logout Proof of Concept history.pushState'', '', '/'...

Cross site request forgery (csrf)

The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the delete functionality. This makes it possible for unauthenticated attackers to delete image...

PT-2023-23695 · Unknown · Softether Vpn

Name of the Vulnerable Software and Affected Versions: SoftEther VPN versions 4.41-9782-beta through 5.01.9674 Description: An information disclosure issue exists in the CtEnumCa functionality. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can se...

CVE-2023-43661

Cachet, the open-source status page system. Prior to the 2.4 branch, a template functionality which allows users to create templates allows them to execute any code on the server during the bad filtration and old twig version. Commit 6fb043e109d2a262ce3974e863c54e9e5f5e0587 of the 2.4 branch...

Design/Logic Flaw

Cachet, the open-source status page system. Prior to the 2.4 branch, a template functionality which allows users to create templates allows them to execute any code on the server during the bad filtration and old twig version. Commit 6fb043e109d2a262ce3974e863c54e9e5f5e0587 of the 2.4 branch...

CVE-2023-43661 Cachet vulnerable to Authenticated Remote Code Execution

Cachet, the open-source status page system. Prior to the 2.4 branch, a template functionality which allows users to create templates allows them to execute any code on the server during the bad filtration and old twig version. Commit 6fb043e109d2a262ce3974e863c54e9e5f5e0587 of the 2.4 branch...

CVE-2023-43661 Cachet vulnerable to Authenticated Remote Code Execution

Cachet, the open-source status page system. Prior to the 2.4 branch, a template functionality which allows users to create templates allows them to execute any code on the server during the bad filtration and old twig version. Commit 6fb043e109d2a262ce3974e863c54e9e5f5e0587 of the 2.4 branch...

CVE-2023-34354

A stored cross-site scripting XSS vulnerability exists in the uploadbrand.cgi functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A specially crafted HTTP request can lead to execution of arbitrary javascript in another user's browser. An attacker can make an authenticated HTTP request to...

Incorrect Addresses will be returned via retrieveProxyContractAddress() possibly bricking delegations.

Lines of code Vulnerability details The retrieveProxyContractAddress function is used to retrieve the address where it casts a bytes32 to an address type. function retrieveProxyContractAddress ERC20Votes token, address delegate private view returns address bytes memory bytecode = abi.encodePacked...

PT-2023-21685 · Peplink · Peplink Surf Soho

Name of the Vulnerable Software and Affected Versions: peplink Surf SOHO HW1 version 6.3.5 Description: An OS command injection issue exists in the admin.cgi MVPN trial init functionality. A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP...

Authentication flaw

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can bypass authentication and access administrative functionality by sending HTTP requests using a crafted Y-forwarded-for header...