CVE-2023-6623

The CVE-2023-6623 entry corresponds to a Local File Inclusion vulnerability in the WordPress Essential Blocks plugin prior to version 4.4.3. Several connected sources confirm that unauthenticated attackers can overwrite local variables when rendering templates via the REST API, potentially enabli...

GHSA-GG7W-PW2R-X2CQ Apache Solr allows read access to host environmet variables

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the default list is designe...

Design/Logic Flaw

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the default list is designe...

UBUNTU-CVE-2023-50290

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the default list is designe...

CVE-2023-50290 Apache Solr: Host environment variables are published via the Metrics API

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the default list is designe...

CVE-2023-50290

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the default list is designe...

CVE-2023-50290

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the default list is designe...

CVE-2023-50290

A flaw was found in Apache Solr. This issue may allow an unauthorized actor access to sensitive information. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the...

NVIDIA DGX Security Vulnerability

NVIDIA DGX is a high-performance workstation for deep learning applications from NVIDIA. A security vulnerability exists in NVIDIA DGX A100 Servers, which stems from the possibility that a user may be able to cause dynamic variables to be evaluated via local access...

PT-2024-1138 · Apache · Apache Solr

Name of the Vulnerable Software and Affected Versions: Apache Solr versions 9.0.0 through 9.3.0 Description: The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the...

CVE-2023-40394

The issue was addressed with improved validation of environment variables. This issue is fixed in iOS 16.6 and iPadOS 16.6. An app may be able to access sensitive user data...

CVE-2023-40394

The issue was addressed with improved validation of environment variables. This issue is fixed in iOS 16.6 and iPadOS 16.6. An app may be able to access sensitive user data...

CVE-2023-40394

The issue was addressed with improved validation of environment variables. This issue is fixed in iOS 16.6 and iPadOS 16.6. An app may be able to access sensitive user data...

CVE-2023-40394

The issue was addressed with improved validation of environment variables. This issue is fixed in iOS 16.6 and iPadOS 16.6. An app may be able to access sensitive user data...

Mars: Sensitive Information Exposed at █████

Sensitive information was exposed in a JavaScript file, revealing configuration details, credentials, and file paths related to the deployment of a JavaScript application. This could enable unauthorized access to sensitive data...

PT-2024-12623 · Gtkwave · Gtkwave

Name of the Vulnerable Software and Affected Versions: GTKWave version 3.3.115 Description: The issue is related to out-of-bounds read vulnerabilities in the VCD var definition section functionality. A specially crafted .vcd file can lead to arbitrary code execution when opened. This can be...

Code Execution

teleport is vulnerable to Code Execution. The vulnerability is due to improper validation on user supplied environment variables. This issue can be exploited by an attacker to execute arbitrary code on the MacOS systems...

Withdrawn Advisory: User-provided environment values allow execution on macOS agents

Withdrawn Advisory This advisory has been withdrawn because the vulnerability affects a binary, not a library in a supported ecosystem. Therefore, users of the library should not receive alerts. This link is maintained to preserve external references. Original Description Impact Agents running on...

GHSA-VFXF-76HV-V4W4 Withdrawn Advisory: User-provided environment values allow execution on macOS agents

Withdrawn Advisory This advisory has been withdrawn because the vulnerability affects a binary, not a library in a supported ecosystem. Therefore, users of the library should not receive alerts. This link is maintained to preserve external references. Original Description Impact Agents running on...

PT-2024-40475 · Teleport · Teleport

Name of the Vulnerable Software and Affected Versions: Teleport versions prior to 12.4.31 Teleport versions prior to 13.4.13 Teleport versions prior to 14.2.4 Description: The issue affects agents running on macOS, making them susceptible to unexpected code execution through user-supplied...