bluez: memory leak in the SDP protocol

BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object...

Moderate: qt5-qtsvg security update

Scalable Vector Graphics SVG is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices. Security Fixes: qt: out-of-bounds write may lead to DoS CVE-2021-45930 For more details about...

qt5-qtsvg security update

An update for qt5-qtsvg is now available for Rocky Linux 8. Rocky Enterprise Software Foundation Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Rugpull vector : a single admin address can withdraw all funds

Lines of code Vulnerability details Impact Someone with access to admin keys could rug pull all funds Proof of Concept The gravity.sol contract should work as an escrow to mint equivalent tokens in the cosmos chain. This is maintained by a system of validators. The possible decentralization of th...

CVE-2022-28270

Adobe Photoshop versions 22.5.6 and earlier and 23.2.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious SVG...

Glovo: Django debug enabled showing information about system, database, configuration files

Summary: Hi team, This subdomain pulpo.it.glovoint.com is a Django application running with debug mode turned on DEBUG = True . One of the main features of debug mode is the display of detailed error pages to help developers. If your app raises an exception when DEBUG is True, Django will display...

amount requires to be updated to contract balance increase (4)

Lines of code Vulnerability details Impact Every time transferFrom or transfer function in ERC20 standard is called there is a possibility that underlying smart contract did not transfer the exact amount entered. It is required to find out contract balance increase/decrease after the transfer. Th...

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to attack under error due to Go CVE-2022-23773

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to attack under error due to Go CVE-2022-23773 with details below Vulnerability Details CVEID: CVE-2022-23773 DESCRIPTION: An unspecified error with not treating branches with semantic-version names a...

Bad Actors Are Maximizing Remote Everything

The rise of remote work and learning opened new opportunities for many people – as we’ve seen by the number of people who have moved to new places or adapted to “workcations.” Cybercriminals are taking advantage of the same opportunities – just in a different way. Evaluating the prevalence of...

python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through

There's a flaw in python-lxml's HTML Cleaner component, which is responsible for sanitizing HTML and Javascript. An attacker who is able to submit a crafted payload to a web service using python-lxml's HTML Cleaner may be able to trigger script execution in clients such as web browsers. This can...

Vendure 跨站脚本漏洞

Vendure is a headless GraphQL eCommerce framework based on Node.js and Nest ＆ TypeScript, focused on developer productivity and easy customization. version 0.1.0-alpha.2 to 1.5.1 of Vendure is vulnerable to a cross-site scripting vulnerability that stems from the program's lack of data validation...

CVE-2022-23942

Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure...

CVE-2022-23942

Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure...

FlywheelCore.setBooster() can be used to steal unclaimed rewards

Lines of code Vulnerability details Impact A malicious authorized user can steal all unclaimed rewards and break the reward accounting Even if the authorized user is benevolent the fact that there is a rug vector available may negatively impact the protocol's reputation. Furthermore since this...

Australia Experiences Massive Spike in WAF Multi-Vector, DDoS Attacks

With web applications under increased attacks, Akamai has analyzed data points for web application firewall WAF multi-vector and DDoS attacks between April 2021 and March 2022 to determine the severity of the situation in Australia...

CVE-2021-41162 Cross-site Scripting in Combodo iTop

Combodo iTop is a web based IT Service Management tool. In 3.0.0 beta releases prior to beta6 the ajax.render.php?operation=wizardhelper page did not properly escape the user supplied parameters, allowing for a cross site scripting attack vector. Users are advised to upgrade. There are no known...

GLPI 跨站脚本漏洞

GLPI is an open source IT and asset management software for individual developers. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner cartridg...

PT-2022-7407 · Glpi +2 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.0 Description: The issue is related to a lack of sanitization on SVG file uploads, allowing an attacker to inject javascript into a user's avatar. This can lead to a cross-site scripting attack when any user views...

libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c

There's a flaw in libxml2. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability...

Windows-Specific Relative Path Traversal vulnerability in StaticDir server

Description The fix released in version 0.19.1 does not completely fix the relative path traversal vulnerability on Windows hosts. An attacker can access files outside of the configured directory root. This is due to Windows supporting the \ character as a path separator. Proof of Concept With a...