6775 matches found
GHSA-F8X4-F32R-W556 Duplicate Advisory: PyO3 has a risk of use-after-free in `borrowed` reads from Python weak references
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6jgw-rgmm-7cv6. This link is maintained to preserve external references. Original Advisory The family of functions to read "borrowed" values from Python weak references were fundamentally unsound, because the we...
WordPress UltimateAI plugin <= 2.8.3 - Limited User Password Change due to Improper Empty and Missing Default Value Check vulnerability
Limited User Password Change due to Improper Empty and Missing Default Value Check vulnerability discovered by István Márton in WordPress Plugin UltimateAI versions = 2.8.3...
WordPress plugin Kama SpamBlock 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2024-40267 · Pypi · Pyo3
Name of the Vulnerable Software and Affected Versions: PyO3 versions prior to 0.23 Description: The issue concerns a family of functions in PyO3 that read "borrowed" values from Python weak references. These functions were fundamentally unsound because the weak reference does not have ownership o...
GHSA-57QH-VMJR-5JXG Snipe-IT remote code execution
Snipe-IT before 7.0.10 allows remote code execution associated with cookie serialization when an attacker knows the APPKEY. This is exacerbated by .env files, available from the product's repository, that have default APPKEY values...
Snipe-IT remote code execution
Snipe-IT before 7.0.10 allows remote code execution associated with cookie serialization when an attacker knows the APPKEY. This is exacerbated by .env files, available from the product's repository, that have default APPKEY values...
CVE-2024-48987
Snipe-IT before 7.0.10 allows remote code execution associated with cookie serialization when an attacker knows the APPKEY. This is exacerbated by .env files, available from the product's repository, that have default APPKEY values...
CVE-2024-48987
Snipe-IT before 7.0.10 allows remote code execution associated with cookie serialization when an attacker knows the APPKEY. This is exacerbated by .env files, available from the product's repository, that have default APPKEY values...
CVE-2024-48987
Snipe-IT before 7.0.10 allows remote code execution associated with cookie serialization when an attacker knows the APPKEY. This is exacerbated by .env files, available from the product's repository, that have default APPKEY values...
CVE-2024-47869 Non-constant-time comparison when comparing hashes in Gradio
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a timing attack in the way Gradio compares hashes for the analyticsdashboard function. Since the comparison is not done in constant time, an attacker could exploit this by measuring the response ti...
GHSA-26JH-R8G2-6FPR Gradio's dropdown component pre-process step does not limit the values to those in the dropdown list
Impact What kind of vulnerability is it? Who is impacted? This vulnerability is a data validation issue in the Gradio Dropdown component's pre-processing step. Even if the allowcustomvalue parameter is set to False, attackers can bypass this restriction by sending custom requests with arbitrary...
Improper Input Validation
Overview gradio is a Python library for easily interacting with trained machine learning models Affected versions of this package are vulnerable to Improper Input Validation through the Dropdown component's pre-processing step. An attacker can manipulate input data by sending custom requests with...
GHSA-J757-PF57-F8R4 Gradio performs a non-constant-time comparison when comparing hashes
Impact What kind of vulnerability is it? Who is impacted? This vulnerability involves a timing attack in the way Gradio compares hashes for the analyticsdashboard function. Since the comparison is not done in constant time, an attacker could exploit this by measuring the response time of differen...
CLSA-2024-1728581056 python3: Fix of 2 CVEs
CVE-2024-6232: remove backtracking when parsing tarfile headers - CVE-2024-7592: fix quadratic complexity in parsing '-quoted' cookie values with backslashes...
CLSA-2024-1728580597 python3: Fix of 2 CVEs
CVE-2024-6232: remove backtracking when parsing tarfile headers - CVE-2024-7592: fix quadratic complexity in parsing '-quoted' cookie values with backslashes...
Gradio 安全漏洞
Gradio, an open source Python library open-sourced by Hugging Face, is a way to demonstrate machine learning models through a friendly web interface. Gradio suffers from a security vulnerability that stems from the fact that comparisons are not done in constant time, which can be exploited by an...
GHSA-9722-9J67-VJCR Improper Authorization in Select Permissions
Due to the order in which permissions were processed, some statements, filters and computations could lead to leaking field values or record contents to users without the required permissions. This behavior could be triggered in different scenarios: - When performing a SELECT operation on a table...
PT-2024-39748 · Red Hat · Keycloak Server
Name of the Vulnerable Software and Affected Versions: Keycloak Server affected versions not specified Description: A denial of service DoS attack is possible due to improper handling of proxy headers in the Keycloak Server. When configured to accept incoming proxy headers, Keycloak may accept...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to invalid values that contain a specific set of characters. Note: This is only vulnerable if a user opens a page on which a paragraph widget is rendered. Details Cross-site scripting or XSS is a code...
Information Exposure Through An Error Message
org.jenkins-ci.main:jenkins-core is vulnerable to Information Exposure Through an Error Message. The vulnerability is due to improper redaction of multi-line secret values in error messages generated from form submissions involving the secretTextarea form field...