CVE-2024-27307

JSONata is a JSON query and transformation language. Starting in version 1.4.0 and prior to version 1.8.7 and 2.0.4, a malicious expression can use the transform operator to override properties on the Object constructor and prototype. This may lead to denial of service, remote code execution or...

BIT-ARGO-CD-2023-40029

Argo CD is a declarative continuous deployment for Kubernetes. Argo CD Cluster secrets might be managed declaratively using Argo CD / kubectl apply. As a result, the full secret body is stored inkubectl.kubernetes.io/last-applied-configuration annotation. pull request 7139 introduced the ability ...

DEBIAN-CVE-2023-52504

In the Linux kernel, the following vulnerability has been resolved: x86/alternatives: Disable KASAN in applyalternatives Fei has reported that KASAN triggers during applyalternatives on a 5-level paging machine: BUG: KASAN: out-of-bounds in rcuiswatching Read of size 4 at addr ff110003ee6419a0 by...

CVE-2023-52504 x86/alternatives: Disable KASAN in apply_alternatives()

In the Linux kernel, the following vulnerability has been resolved: x86/alternatives: Disable KASAN in applyalternatives Fei has reported that KASAN triggers during applyalternatives on a 5-level paging machine: BUG: KASAN: out-of-bounds in rcuiswatching Read of size 4 at addr ff110003ee6419a0 by...

CMS Made Simple 2.2.19 Server-Side Template Injection Vulnerability

Exploit Title: CMS Made Simple Version: 2.2.19 - SSTI Exploit Author: tmrswrr Vendor Homepage: https://www.cmsmadesimple.org/ Version: 2.2.19 Tested on: https://www.softaculous.com/demos/CMSMadeSimple 1 log in as admin and go to Layout Design Manager Breadcrumbs 2 Click edit and write SSTI payloa...

Advisory ROSA-SA-2024-2358

Software: libwebp 1.2.3 OS: ROSA-CHROME packageevrstring: libwebp-1.2.3-1.src.rpm CVE-ID: CVE-2023-1999 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: There is a use after free/double free in libwebp. An attacker could use ApplyFiltersAndEncode to free best.bw and assign the pointer best = Trial. The...

CVE-2023-40122

In applyCustomDescription of SaveUi.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2024-1749

Name of the Vulnerable Software and Affected Versions ESET versions prior to the fixed version Description The issue is related to a local privilege escalation vulnerability that potentially allows an attacker to misuse ESET’s file operations to delete files without having proper permission. This...

CVE-2023-41708

References to the "app loader" functionality could contain redirects to unexpected locations. Attackers could forge app references that bypass existing safeguards to inject malicious script code. Please deploy the provided updates and patch releases. References to apps are now controlled more...

CVE-2023-41704

Processing of CID references at E-Mail can be abused to inject malicious script code that passes the sanitization engine. Malicious script code could be injected to a users sessions when interacting with E-Mails. Please deploy the provided updates and patch releases. CID handing has been improved...

PT-2024-18042

Name of the Vulnerable Software and Affected Versions DeepFaceLab pretrained DF.wf.288res.384.92.72.22 Description A vulnerability was found in DeepFaceLab pretrained and classified as problematic. This issue affects the function apply xseg of the file main.py. The manipulation leads to...

CVE-2024-0946

A vulnerability classified as critical was found in 60IndexPage up to 1.8.5. This vulnerability affects unknown code of the file /apply/index.php of the component Parameter Handler. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotely. Th...

PT-2024-15927 · Unknown · 60Indexpage

Name of the Vulnerable Software and Affected Versions: 60IndexPage versions up to 1.8.5 Description: A critical vulnerability was found in the Parameter Handler component of the file /apply/index.php. The manipulation of the url argument leads to server-side request forgery. This issue can be...

git: git apply: a path outside the working tree can be overwritten with crafted input

A vulnerability was found in Git. This security issue occurs when feeding a crafted input to "git apply." A path outside the working tree can be overwritten by the user running "git apply."...

PT-2023-31447 · Unknown · Hotel Booking Management

Name of the Vulnerable Software and Affected Versions: Hotel Booking Management version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the npss parameter at the "rooms.php" endpoint. Recommendations: For Hotel Booking Management...

Improper access control

A vulnerability was found in Ethex Contracts. It has been classified as critical. This affects an unknown part of the file EthexJackpot.sol of the component Monthly Jackpot Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. This product do...

JVN#46895889: RakRak Document Plus vulnerable to path traversal

RakRak Document Plus provided by Sumitomo Electric Information Systems Co., Ltd. contains a path traversal vulnerability CWE-22. Impact Arbitrary files on the server may be obtained or deleted by a user of the product with specific privileges. Solution Update the Software Update the software to t...

Adobe Releases Security Updates for ColdFusion

On Nov. 14, 2023, Adobe released security updates addressing vulnerabilities affecting unpatched ColdFusion software. Exploitation of some of these vulnerabilities may allow a malicious cyber actor to take control of an affected system. CISA urges organizations to review Adobe ColdFusion security...

CVE-2023-5245

FileUtil.extract enumerates all zip file entries and extracts each file without validating whether file paths in the archive are outside the intended directory. When creating an instance of TensorflowModel using the savedmodel format and an exported tensorflow model, the apply function invokes th...

The vulnerability of the `apply_relocations` function in the `binutils/readelf.c` component of the GNU Binutils development environment allows a attacker to cause a service failure.

The vulnerability of the applyrelocations function in the binutils/readelf.c component of the GNU Binutils development environment is related to integer overflow. Exploiting this vulnerability allows an attacker, operating remotely, to cause a service failure through the use of a specially create...