8234 matches found
Jumpserver Authorization Issues Vulnerability
Jumpserver is an open source bastion machine from Hangzhou Feizhiyun Information Technology Co. in China. JumpServer versions prior to 3.8.0 suffer from an authorization issue vulnerability that stems from an attacker being able to reset a password by sending an email...
The vulnerability of the Adobe Photoshop graphic editor, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code in the context of the current user.
The vulnerability of the Adobe Photoshop graphic editor is related to the writing of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created SVG file...
PT-2023-29921 · Zitadel · Zitadel
Name of the Vulnerable Software and Affected Versions: ZITADEL versions prior to 2.38.2 ZITADEL versions prior to 2.39.2 Description: ZITADEL is an identity infrastructure management system where users can upload their own avatar image using various image types, including SVG. SVG can include...
GHSA-86J9-25M2-9W97 Non-constant time webhook token hash comparison in Jenkins Zanata Plugin
Jenkins Zanata Plugin 0.6 and earlier does not use a constant-time comparison when checking whether the provided and expected webhook token hashes are equal. This could potentially allow attackers to use statistical methods to obtain a valid webhook token. As of publication of this advisory, ther...
AZL-78558 CVE-2023-5363 affecting package openssl-fips-provider 3.1.2-1
Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...
CVE-2023-44767
A File upload vulnerability in RiteCMS 3.0 allows a local attacker to upload a SVG file with XSS content...
SUSE CVE-2023-5472
Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
GeoServer 代码问题漏洞
GeoServer is an open source software server written in Java. Allows users to share and edit geospatial data. GeoServer suffers from a server-side request forgery vulnerability that stems from the fact that the OGC Web Processing Service WPS specification is designed to process information from an...
Fedora: Security Advisory for folly (FEDORA-2023-17efd3f2cd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6450-1 openssl vulnerabilities
Tony Battersby discovered that OpenSSL incorrectly handled key and initialization vector IV lengths. This could lead to truncation issues and result in loss of confidentiality for some symmetric cipher modes. CVE-2023-5363 Juerg Wullschleger discovered that OpenSSL incorrectly handled the AES-SIV...
CVE-2023-5363 Incorrect cipher key & IV length processing
Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...
Missing Cryptographic Step
Overview openssl is a package that wraps the OpenSSL library. Affected versions of this package are vulnerable to Missing Cryptographic Step when the EVPEncryptInitex2, EVPDecryptInitex2 or EVPCipherInitex2 functions are used. An attacker can cause truncation or overreading of key and...
UBUNTU-CVE-2023-5363
Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...
Important: kernel-livepatch-6.1.38-59.109
Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsfw component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, fwsetparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter. I...
ExelaStealer: A New Low-Cost Cybercrime Weapon Emerges
A new information stealer named ExelaStealer has become the latest entrant to an already crowded landscape filled with various off-the-shelf malware designed to capture sensitive data from compromised Windows systems. "ExelaStealer is a largely open-source infostealer with paid customizations...
Exploit for Expression Language Injection in Atlassian Confluence_Data_Center
CVE-2022-26134 – Confluence OGNL injection vulnerability Sc...
SUSE CVE-2023-5631
Roundcube before 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4 allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcubewashtml.php behavior. This could allow a remote attacker to load arbitrary JavaScript code...
Icegram Express < 5.6.24 - Admin+ Directory Traversal
Description The plugin is not validating the paths of files contained in uploaded zip archives, allowing highly privileged users, such as admins, to write arbitrary files to any part of the file system accessible by the web server via a path traversal vector...
Information disclosure
Inadequate encryption strength in mycli 1.27.0 allows attackers to view sensitive information via /mycli/config.py...
CVE-2022-24401
Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner. An active adversary can manipulate the view of...