CVE-2023-46129 xkeys Seal encryption used fixed key for all encryption

NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The cryptographic key handling library, nkeys, recently gained support for encryption, not just for signing/authentication. This is used in nats-server...

Duplicate of ./go/github.com/KubeOperator/KubePi/CVE-2023-22479.yml

Summary A session fixation attack allows an attacker to hijack a legitimate user session. The attack investigates a flaw in how the online application handles the session ID, especially the susceptible web application. Affected Version = v1.6.3 For more information If you have any questions or...

Microsoft Office Word Hidden Border Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word 2007/2010. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

Mozilla Firefox nsTreeSelection EventListener Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on software utilizing a vulnerable version of Mozilla's Firefox. User interaction is required in that the victim must visit a malicious website or be coerced into opening a malicious document. The specific flaw exists within how...

Microsoft Powerpoint Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. This issue occurs when the application handles malformed record data within a presentation file. A successful exploit of this issue will let attackers execute arbitrary code in the context of the targeted user...