PT-2023-25977 · Cmark-Gfm +1 · Cmark-Gfm +1

Name of the Vulnerable Software and Affected Versions: cmark-gfm versions prior to 0.29.0.gfm.12 Description: cmark-gfm is an extended version of the C reference implementation of CommonMark, a rationalized version of Markdown syntax with a spec. Three polynomial time complexity issues in cmark-g...

CVE-2023-29195 Vitess VTAdmin users that can create shards can deny access to other functions

Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. Prior to version 16.0.2, users can either intentionally or inadvertently create a shard containing / characters from VTAdmin such that from that point on, anyone who tries to create a new shard fr...

PT-2023-8610 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 13.10.11 XWiki Platform versions prior to 14.4.8 XWiki Platform versions prior to 14.10.1 XWiki Platform versions prior to 15.0-rc-1 Description: The issue exists due to improper escaping of...

CVE-2023-28427 Prototype pollution in matrix-js-sdk

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data...

CVE-2023-28438

Pimcore is an open source data and experience management platform. Prior to version 10.5.19, since a user with 'report' permission can already write arbitrary SQL queries and given the fact that this endpoint is using the GET method no CSRF protection, an attacker can inject an arbitrary query by...

PT-2023-21721 · Pimcore · Pimcore

Name of the Vulnerable Software and Affected Versions: Pimcore versions prior to 10.5.19 Description: Pimcore is an open source data and experience management platform. Since a user with 'report' permission can already write arbitrary SQL queries and given the fact that an endpoint is using the G...

CVE-2023-28106 Pimcore vulnerable to Cross-site Scripting in UrlSlug Data type

Pimcore is an open source data and experience management platform. Prior to version 10.5.19, an attacker can use cross-site scripting to send a malicious script to an unsuspecting user. Users may upgrade to version 10.5.19 to receive a patch or, as a workaround, apply the patch manually...

CVE-2023-27480 Data leak through a XAR import XXE attack in xwiki-platform-xar-model

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with edit rights on a document can trigger an XAR import on a forged XAR file, leading to the ability to display the content of any file on the XWiki server host...

SUSE CVE-2022-23645

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an...

CVE-2020-36660 paxswill EVE Ship Replacement Program User Information api.py information disclosure

A vulnerability was found in paxswill EVE Ship Replacement Program 0.12.11. It has been rated as problematic. This issue affects some unknown processing of the file src/evesrp/views/api.py of the component User Information Handler. The manipulation leads to information disclosure. The attack may ...

PT-2023-19947 · Nextcloud +1 · Nextcloud Enterprise Server +2

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 25.0.1 Nextcloud Server versions prior to 24.0.8 Nextcloud Server versions prior to 23.0.12 Nextcloud Enterprise Server versions prior to 25.0.1 Nextcloud Enterprise Server versions prior to 24.0.8 Nextcloud...

CVE-2016-15020 liftkit database Query.php processOrderBy sql injection

A vulnerability was found in liftkit database up to 2.13.1. It has been classified as critical. This affects the function processOrderBy of the file src/Query/Query.php. The manipulation leads to sql injection. Upgrading to version 2.13.2 is able to address this issue. The patch is named...

CVE-2018-25075 karsany OBridge ProcedureDao.java getAllStandaloneProcedureAndFunction sql injection

A vulnerability classified as critical has been found in karsany OBridge up to 1.3. Affected is the function getAllStandaloneProcedureAndFunction of the file obridge-main/src/main/java/org/obridge/dao/ProcedureDao.java. The manipulation leads to sql injection. The complexity of an attack is rathe...

PT-2023-14817 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 2.8.14 on the stable branch Discourse versions prior to 3.0.0.beta15 on the beta and tests-passed branches Description: Discourse is an option source discussion platform. When a user requests a password reset link...

CVE-2021-4302 slackero phpwcms SVG File cross site scripting

A vulnerability was found in slackero phpwcms up to 1.9.26. It has been classified as problematic. This affects an unknown part of the component SVG File Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.9.27 is able to...

CVE-2019-25094 innologi appointments Extension Appointment cross site scripting

A vulnerability, which was classified as problematic, was found in innologi appointments Extension up to 2.0.5 on TYPO3. This affects an unknown part of the component Appointment Handler. The manipulation of the argument formfield leads to cross site scripting. It is possible to initiate the atta...

PT-2022-27780 · Nodebb · Nodebb

Name of the Vulnerable Software and Affected Versions: NodeBB versions prior to 2.6.1 Description: The issue arises from a plain object with a prototype being used in socket.io message handling, allowing a specially crafted payload to impersonate other users and takeover accounts. Recommendations...

PT-2022-6557 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A use-after-free vulnerability in the Linux Kernel io uring subsystem can be exploited to achieve local privilege escalation. Both io install fixed file and its callers call fput in a...

PT-2022-35871 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.296 Description: A NULL pointer dereference issue exists at the nilfs bmap lookup at level function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

DEBIAN-CVE-2022-3705

A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qfupdatebuffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to...