Design/Logic Flaw

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a...

CVE-2023-20900

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a...

CVE-2023-20900

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a...

CVE-2023-20900

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a...

CVE-2023-20900

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a...

UBUNTU-CVE-2023-20900

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a...

H2 Web Interface Create Alias RCE

The H2 database contains an alias function which allows for arbitrary Java code to be used. This functionality can be abused to create an exec functionality to pull our payload down and execute it. H2's web interface contains restricts MANY characters, so injecting a payload directly is not...

H2 Database Web Interface Create Alias Remote Code Execution Exploit

The H2 database contains an alias function which allows for arbitrary Java code to be used. This functionality can be abused to create an exec functionality to pull our payload down and execute it. H2's web interface contains restricts MANY characters, so injecting a payload directly is not...

CVE-2023-38487 HedgeDoc API allows to hide existing notes

HedgeDoc is software for creating real-time collaborative markdown notes. Prior to version 1.9.9, the API of HedgeDoc 1 can be used to create notes with an alias matching the ID of existing notes. The affected existing note can then not be accessed anymore and is effectively hidden by the new one...

CVE-2023-38487 HedgeDoc API allows to hide existing notes

HedgeDoc is software for creating real-time collaborative markdown notes. Prior to version 1.9.9, the API of HedgeDoc 1 can be used to create notes with an alias matching the ID of existing notes. The affected existing note can then not be accessed anymore and is effectively hidden by the new one...

IBM: Nginx Alias Traversal - babel.bluetab.net

Vulnerability description not provided...

VulnCheck KEV: CVE-2019-7580

ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admincategory/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection...

Iranian Hackers Using POWERSTAR Backdoor in Targeted Espionage Attacks

Charming Kitten, the nation-state actor affiliated with Iran's Islamic Revolutionary Guard Corps IRGC, has been attributed to a bespoke spear-phishing campaign that delivers an updated version of a fully-featured PowerShell backdoor called POWERSTAR. "There have been improved operational security...

CLSA-2023-1688070107 sqlite: Fix of CVE-2020-24736

CVE-2020-24736: internally, remove all references to a Window object that belongs to an expression in an ORDER BY clause if that expression is converted to an alias of a result-set expression...

CLSA-2023-1688069016 sqlite: Fix of CVE-2020-24736

CVE-2020-24736: internally, remove all references to a Window object that belongs to an expression in an ORDER BY clause if that expression is converted to an alias of a result-set expression...

New Golang-based Skuld Malware Stealing Discord and Browser Data from Windows PCs

A new Golang-based information stealer called Skuld has compromised Windows systems across Europe, Southeast Asia, and the U.S. "This new malware strain tries to steal sensitive information from its victims," Trellix researcher Ernesto Fernández Provecho said in a Tuesday analysis. "To accomplish...

Amazon Linux 2 : glib2 (ALAS-2023-2058)

The version of glib2 installed on the remote host is prior to 2.56.1-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2058 advisory. A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged...

Important: glib2

Issue Overview: In GNOME GLib 2.56.1, gmarkupparsecontextendparse in gmarkup.c has a NULL pointer dereference. CVE-2018-16428 GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in gmarkupparsecontextparse in gmarkup.c, related to utf8str. CVE-2018-16429 The keyfile settings backend in GNOM...

Redline Router 授权问题漏洞

Redline Router is a wireless router from Redline. A security vulnerability exists in Redline Router versions prior to 7.17, which stems from an authentication bypass via alias vulnerability...

GHSA-CPMR-MW4J-99R7 Nginx alias path traversal allows unauthenticated attackers to read all files on /label_studio/core/

Summary The vulnerability resides on the Nginx config file: https://github.com/heartexlabs/label-studio/blob/53944e6bcede75ca5c102d655013f2e5238e85e6/deploy/default.confL119 The pattern on location /static indicates a popular misconfiguration on Nginx servers presented in 2018 originally by Orang...