2758 matches found

Vulnrichment · added 2022/12/05 8:52 p.m. · 7 views

CVE-2022-46164 Account takeover via prototype vulnerability

NodeBB is an open source Node.js based forum software. Because a plain object with a prototype is used in socket.io message handling, a specially crafted payload can be used to impersonate other users and take over accounts. This vulnerability has been patched in version 2.6.1. Users are advised ...

CVSS 9.4 · AI score 9.3 · EPSS 0.48994
Exploits 0 · References 2
Vulnrichment · added 2022/12/05 8:48 p.m. · 26 views

CVE-2022-46169 Unauthenticated Command Injection

Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data...

CVSS 9.8 · AI score 8.4 · EPSS 0.99826
Exploits 48 · References 4
Positive Technologies · added 2022/11/29 12:00 a.m. · 3 views

PT-2022-27191 · Unknown · Solarview Compact

Name of the Vulnerable Software and Affected Versions: SolarView Compact version 7.0. Description: The issue is related to Cross-site Scripting (XSS) via the "/network test.php" API endpoint. This allows for potential malicious script injection and execution. No information is provided about the...

CVSS 6.1 · AI score 6.2 · EPSS 0.01644
Exploits 1 · References 5
Cvelist · added 2022/11/28 12:00 a.m. · 23 views

CVE-2022-45442 Sinatra vulnerable to Reflected File Download attack

Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a response when the filename is...

CVSS 8.8 · AI score 8.7 · EPSS 0.00642
Exploits 1 · References 5
Vulnrichment · added 2022/11/23 12:00 a.m. · 6 views

CVE-2022-41927 XWiki Platform vulnerable to Cross-Site Request Forgery (CSRF) allowing to delete or rename tags

XWiki Platform is vulnerable to Cross-Site Request Forgery (CSRF) that may allow attackers to delete or rename tags without needing any confirmation. The problem has been patched in XWiki 13.10.7, 14.4.1 and 14.5RC1. Workarounds: It's possible to patch existing instances directly by editing the pag...

CVSS 7.4 · AI score 7.6 · EPSS 0.00278
Exploits 0 · References 2
Vulnrichment · added 2022/11/23 12:00 a.m. · 8 views

CVE-2022-41923 Grails Spring Security Core plugin vulnerable to privilege escalation

Grails Spring Security Core plugin is vulnerable to privilege escalation. The vulnerability allows an attacker access to one endpoint (i.e. the targeted endpoint) using the authorization requirements of a different endpoint (i.e. the donor endpoint). In some Grails framework applications, access to t...

CVSS 9.1 · AI score 9.6 · EPSS 0.01693
Exploits 0 · References 3
Vulnrichment · added 2022/11/15 12:00 a.m. · 4 views

CVE-2021-4240 phpservermon User.php generatePasswordResetToken predictable algorithm in random number generator

A vulnerability, which was classified as problematic, was found in phpservermon. This affects the function generatePasswordResetToken of the file src/psm/Service/User.php. The manipulation leads to use of predictable algorithm in random number generator. The exploit has been disclosed to the publ...

CVSS 2.6 · AI score 4.2 · EPSS 0.00803
Exploits 1 · References 3
Openbugbounty · added 2022/11/14 3:37 p.m. · 7 views

avtorazborkatula.ru Cross Site Scripting vulnerability OBB-3055061

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits 0
Vulnrichment · added 2022/11/14 12:00 a.m. · 3 views

CVE-2022-3988 Frappe Search navbar_search.html cross site scripting

A vulnerability was found in Frappe. It has been rated as problematic. Affected by this issue is some unknown functionality of the file frappe/templates/includes/navbar/navbar_search.html of the component Search. The manipulation of the argument q leads to cross site scripting. The attack may be...

CVSS 3.5 · AI score 4.7 · EPSS 0.00585
Exploits 0 · References 3
Vulnrichment · added 2022/11/08 12:00 a.m. · 5 views

CVE-2022-39352 OpenFGA Authorization Bypass

OpenFGA is a high-performance authorization/permission engine inspired by Google Zanzibar. Versions prior to 0.2.5 are vulnerable to authorization bypass under certain conditions. You are affected by this vulnerability if you added a tuple with a wildcard assigned to a tupleset relation the right...

CVSS 4.8 · AI score 9.4 · EPSS 0.0042
Exploits 0 · References 1
Positive Technologies · added 2022/11/01 12:00 a.m. · 3 views

PT-2022-26799 · Open5Gs · Open5Gs

Name of the Vulnerable Software and Affected Versions: open5gs version 2.4.11. Description: The issue is related to a memory leak in the component src/smf/pfcp-path.c, which allows attackers to cause a Denial of Service (DoS) via a crafted PFCP packet. Recommendations: For open5gs version 2.4.11,...

CVSS 7.5 · AI score 7.2 · EPSS 0.00845
Exploits 1 · References 4
Positive Technologies · added 2022/10/31 12:00 a.m. · 4 views

PT-2022-26022 · Forma Lms · Forma Lms

Name of the Vulnerable Software and Affected Versions: Forma LMS versions 3.1.0 and earlier. Description: The issue allows an authenticated attacker with the role of student to perform a SQL injection on the 'searchvalue' parameter in the "appLms/ajax.server.php?r=mycertificate/getMyCertificates"...

CVSS 7.6 · AI score 6.6 · EPSS 0.00276
Exploits 0 · References 3
OSV · added 2022/10/26 8:15 p.m. · 2 views

PYSEC-2022-42974

Jupyter Core is a package for the core common functionality of Jupyter projects. Jupyter Core prior to version 4.11.2 contains an arbitrary code execution vulnerability in jupyter_core that stems from jupyter_core executing untrusted files in CWD. This vulnerability allows one user to run code as...

CVSS 8.8 · AI score 7.6 · EPSS 0.01056
Exploits 0 · References 2
Cvelist · added 2022/10/26 12:00 a.m. · 32 views

CVE-2022-39286 Execution with Unnecessary Privileges in JupyterApp

Jupyter Core is a package for the core common functionality of Jupyter projects. Jupyter Core prior to version 4.11.2 contains an arbitrary code execution vulnerability in jupyter_core that stems from jupyter_core executing untrusted files in CWD. This vulnerability allows one user to run code as...

CVSS 8.8 · AI score 9 · EPSS 0.01056
Exploits 0 · References 7
Vulnrichment · added 2022/10/25 12:00 a.m. · 3 views

CVE-2022-39315 Kirby CMS vulnerable to user enumeration in the brute force protection

Kirby is a Content Management System. Prior to versions 3.5.8.2, 3.6.6.2, 3.7.5.1, and 3.8.1, a user enumeration vulnerability affects all Kirby sites with user accounts unless Kirby's API and Panel are disabled in the config. It can only be exploited for targeted attacks because the attack does...

CVSS 6.5 · AI score 6.4 · EPSS 0.00585
Exploits 0 · References 5
Positive Technologies · added 2022/10/25 12:00 a.m. · 4 views

PT-2022-22991 · Abode Systems · Iota All-In-One Security Kit

Name of the Vulnerable Software and Affected Versions: Abode Systems, Inc. iota All-In-One Security Kit versions 6.9Z through 6.9X. Description: Four format string injection issues exist in the UPnP logging functionality. A specially-crafted UPnP negotiation can lead to memory corruption,...

CVSS 8.8 · AI score 7 · EPSS 0.00792
Exploits 1 · References 3
Android Security Bulletins · added 2022/10/20 12:00 a.m. · 9 views

Chromecast Security Bulletin—October 2022

The Chromecast Security Bulletin contains details of security vulnerabilities affecting supported Chromecast with Google TV devices (Chromecast devices). For Chromecast devices, security patch levels of 2022-07-05 or later address all applicable issues in the July 2022 Android Security Bulletin and...

AI score 7.8
Exploits 0
OSV · added 2022/10/18 9:14 p.m. · 40 views

GHSA-43QQ-QW4X-28F8 Kirby CMS vulnerable to user enumeration in the code-based login and password reset forms

TL;DR This vulnerability only affects you if you are using the code or password-reset auth method with the auth.methods option. It can only be successfully exploited under server configuration conditions outside of the attacker's control. ---- Introduction User enumeration is a type of...

CVSS 4.8 · AI score 4.5 · EPSS 0.00352
Exploits 0 · References 7
OSV · added 2022/10/17 7:15 p.m. · 7 views

CVE-2022-3566

A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VDB-211089 was assign...

CVSS 7.1 · AI score 7.1
Exploits 0 · References 3
Vulnrichment · added 2022/10/16 12:00 a.m. · 5 views

CVE-2022-3526 Linux Kernel skb macvlan.c macvlan_handle_frame memory leak

A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the file drivers/net/macvlan.c of the component skb. The manipulation leads to memory leak. The attack can be initiated remotely. It is recommended to apply a patch t...

CVSS 5.3 · AI score 6.7 · EPSS 0.00914
Exploits 0 · References 2