62 matches found
Datapizza AI Code Issue Vulnerability
Datapizza AI is an open-source development framework for intelligent agents by Datapizza. Version 0.0.2 of Datapizza AI contains code vulnerabilities. These vulnerabilities stem from incorrect operations on the function RedisCache in the file datapizza-ai-cache/redis/datapizza/cache/redis/cache.p...
Exploit for CVE-2026-2969
This repository contains public information for the disclosure o...
EUVD-2021-19548
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-8165
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A deserialization of untrusted data vulnerability exists in rails 5.2.4.3, rails 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in...
Linux Distros Unpatched Vulnerability : CVE-2021-32785
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users...
Argo CD Security Vulnerability
Argo CD is a declarative GitOps continuous delivery tool for Kubernetes. It continuously monitors running applications and compares the current live state with the desired target state (e.g., configuration in a Git repository), automatically synchronizing and deploying...
com.qwlabs.doraemon:feature-flags (>=0.2.239 <=0.2.256), com.qwlabs.doraemon:q-api (>=0.2.239 <=0.2.256) +8 more potentially affected by CVE-2023-6393 via io.quarkus:quarkus-cache (>=3.2.0.CR1 <=3.2.8.Final)
io.quarkus:quarkus-cache MAVEN version =3.2.0.CR1, =0.2.239, =0.2.239, =0.2.239, =0.2.239, =3.2.0.CR1, =3.2.0.CR1, =3.2.0.CR1, =3.2.0.CR1, =3.2.0.CR1, =2.0.17, =2.1.0-BETA-7 Source cves: CVE-2023-6393 Source advisory: OSV:GHSA-XFV5-JQGP-VQHJ...
[SECURITY] [DLA 3409-1] libapache2-mod-auth-openidc security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3409-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk April 30, 2023 https://wiki.debian.org/LTS -...
SUSE CVE-2021-32785
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache...
Format string bug in the Redis cache implementation
...
CVE-2021-32785
A flaw was found in mod_auth_openidc. When mod_auth_openidc is configured to use unencrypted Redis cache it is possible to trigger a format string bug that could be used by a remote unauthenticated attacker to crash the httpd workers. The highest threat from this liability is to service availability...
AZL-6479 CVE-2021-32785 affecting package httpd for versions less than 2.4.52-1
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache...
DEBIAN-CVE-2021-32785
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache...
CVE-2021-32785
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache...
Format string
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache...
UBUNTU-CVE-2021-32785
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache...
CVE-2021-32785 Format string bug in the Redis cache implementation
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache...
CVE-2021-32785
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache...
rubygem-activesupport: potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore
A flaw was found in rubygem-activesupport. An untrusted user input can be written to the cache store using the raw: true parameter which can lead to the result being evaluated as a marshaled object instead of plain text. The threat from this vulnerability is to data confidentiality and integrity ...
OESA-2021-1145 rubygem-rails security update
Ruby on Rails is a full-stack web framework optimized for programmer happiness and sustainable productivity. It encourages beautiful code by favoring convention over configuration. Security Fixes: A deserialization of untrusted data vulnerability exists in rails 5.2.4.3, rails 6.0.3.1 that can...