CLSA-2023-1678820123 Fix CVE(s): CVE-2023-1175

SECURITY UPDATE: Illegal memory access when using virtual editing - debian/patches/CVE-2023-1175: Make sure "startspaces" is not negative - CVE-2023-1175...

Security Bulletin: There is a security vulnerability in Apache SOAP used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-40705)

Summary There is a security vulnerability in Apache SOAP used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-40705 DESCRIPTION: Apache SOAP is vulnerable to an XML external entity injection XXE attack when processing XML data, caused by a...

PT-2023-20455 · Xwiki · Xwiki Commons

Name of the Vulnerable Software and Affected Versions: XWiki Commons versions 3.1-milestone-1 through 13.10.8 XWiki Commons versions 14.0.0 through 14.4.3 XWiki Commons versions 14.5.0 through 14.7RC0 Description: The issue allows any user to edit their own profile and inject code, which is...

CVE-2022-32836

This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data...

aiguesvida.cat Cross Site Scripting vulnerability OBB-3200358

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2023-25805 versionn Command Injection Vulnerability

versionn, software for changing version information across multiple files, has a command injection vulnerability in all versions prior to version 1.1.0. This issue is patched in version 1.1.0...

Chip company loses $250m after ransomware hits supply chain

Applied Materials, one of the worlds leading suppliers of equipment, services, and software for the manufacture of semiconductors, has warned that its second-quarter sales are likely to be hurt to the tune of $250 million due to a cybersecurity attack at one of its suppliers. MKS Instruments Inc...

CVE-2023-23936 CRLF Injection in Nodejs ‘undici’ via host

Undici is an HTTP/1.1 client for Node.js. Starting with version 2.0.0 and prior to version 5.19.1, the undici library does not protect host HTTP header from CRLF injection vulnerabilities. This issue is patched in Undici v5.19.1. As a workaround, sanitize the headers.host string before passing to...

delake.com Cross Site Scripting vulnerability OBB-3195511

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

SUSE CVE-2021-29625

Adminer is open-source database management software. A cross-site scripting vulnerability in Adminer versions 4.6.1 to 4.8.0 affects users of MySQL, MariaDB, PgSQL and SQLite. XSS is in most cases prevented by strict CSP in all modern browsers. The only exception is when Adminer is using a pdo...

SUSE CVE-2022-23649

Cosign provides container signing, verification, and storage in an OCI registry for the sigstore project. Prior to version 1.5.2, Cosign can be manipulated to claim that an entry for a signature exists in the Rekor transparency log even if it doesn't. This requires the attacker to have pull and...

SUSE CVE-2022-24724

cmark-gfm is GitHub's extended version of the C reference implementation of CommonMark. Prior to versions 0.29.0.gfm.3 and 0.28.3.gfm.21, an integer overflow in cmark-gfm's table row parsing table.c:rowfromstring may lead to heap memory corruption when parsing tables who's marker rows contain mor...

CVE-2023-25563 GSS-NTLMSSP vulnerable to multiple out-of-bounds reads when decoding NTLM fields

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service. A 32-bit integer overflow condition can lead to incorrect checks of consistency of length of...

CVE-2020-36661 Kong lua-multipart multipart.lua is_header redos

A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function isheader of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this...

CVE-2023-22797

An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirectto with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could allow an attacker t...

PT-2023-2359 · D Link · D-Link Dir-820L

Name of the Vulnerable Software and Affected Versions: D-Link DIR820LA1 FW105B03 Description: The issue is an OS Command injection vulnerability that allows attackers to escalate privileges to root via a crafted payload with the ping addr parameter to ping.ccp. This vulnerability exists due to th...

Use of Cache Containing Sensitive Information

Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including grafanasession . As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the...

CVE-2023-23621

Discourse is an open-source discussion platform. Prior to version 3.0.1 on the stable branch and version 3.1.0.beta2 on the beta and tests-passed branches, a malicious user can cause a regular expression denial of service using a carefully crafted user agent. This issue is patched in version 3.0....

CVE-2023-0549 YAFNET Private Message PostPrivateMessage cross site scripting

A vulnerability, which was classified as problematic, has been found in YAFNET up to 3.1.10. This issue affects some unknown processing of the file /forum/PostPrivateMessage of the component Private Message Handler. The manipulation of the argument subject/message leads to cross site scripting. T...

CVE-2023-22485 cmark-gfm out-of-bounds read in validate_protocol

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior 0.29.0.gfm.7, a crafted markdown document can trigger an out-of-bounds read in the validateprotocol function. We believe this bug is harmless in practice, because the out-of-bounds...