
1595 matches found

Microsoft CVE
added 2022/07/14 7:0 a.m. | 6 views

GnuPG through 2.3.6 in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g. use of GPGME) are met allows signature forgery via injection into the status line.

...

6.5 CVSS | 7.2 AI score | 0.02106 EPSS
Exploits 1
BDU FSTEC
added 2022/07/04 12:0 a.m. | 2 views

The vulnerability of Microsoft Excel and Microsoft Office Web Apps Server packages lies in the lack of proper input validation, allowing attackers to execute arbitrary code.

The vulnerability of Microsoft Excel and Microsoft Office Web Apps Server programs is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious file...

7.8 CVSS | 7.8 AI score | 0.02147 EPSS
Exploits 0 | References 5
CNVD
added 2022/06/30 12:0 a.m. | 27 views

WordPress Site Offline or Coming Soon plugin cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Site Offline or Coming Soon plugin version 1.6.6 and earlier are vulnerable to cross-site request...

6.1 CVSS | 1.8 AI score | 0.00661 EPSS
Exploits 2 | References 1
Code423n4
added 2022/06/26 12:0 a.m. | 11 views

[H-03] Attacker can mint unbound amount of iPTs (on APWine)

Lines of code Vulnerability details Note that I've reported a similar vulnerability, on a different 'Principals' and POC\attack vector is a bit different. I will leave it to the judge to decide if these should be grouped as 1 report or not - but I wanted to be specific at the POC instead of...

6.9 AI score
Exploits 0
ATTACKERKB
added 2022/06/23 5:15 p.m. | 2 views

CVE-2022-34204

A missing permission check in Jenkins EasyQA Plugin 1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server...

4.3 CVSS | 6.3 AI score | 0.00479 EPSS
Exploits 0 | References 2
Microsoft Malware Protection
added 2022/06/23 4:0 p.m. | 23 views

Detecting malicious key extractions by compromised identities for Azure Cosmos DB

Azure Cosmos DB is a fully managed NoSQL cloud database service for modern app development. It offers a variety of advanced built-in features, such as automatic worldwide data replication, lightning-fast response types, and a variety of APIs. In this blog post, we describe security practices for...

0.1 AI score
Exploits 0
CVE
added 2022/06/22 2:41 p.m. | 97 views

CVE-2022-34206

CVE-2022-34206 concerns Jenkins Jianliao Notification Plugin (1.1 and earlier). The root cause is a missing permission check in a form-validation method, allowing attackers with Overall/Read to send HTTP POST requests to an attacker-specified URL and enabling CSRF. The issue is confirmed across m...

4.3 CVSS | 4.3 AI score | 0.00479 EPSS
Exploits 0 | References 1 | Affected Software 1
CNNVD
added 2022/06/16 12:0 a.m. | 2 views

D-Link DIR-850 authorization issue vulnerability

The D-Link DIR-850 is a wireless router from D-Link of Taiwan, China. An authorization issue vulnerability exists in D-Link DIR-850L 1.21WW. An attacker can exploit this vulnerability to access the network by sending packets on data frames to the AP...

7.5 CVSS | 7.4 AI score | 0.00745 EPSS
Exploits 0 | References 4
CNVD
added 2022/06/15 12:0 a.m. | 15 views

WordPress Carousel CK plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Carousel CK plugin 1.1.0 and earlier versions have a cross-site scripting vulnerability tha...

4.8 CVSS | 1.3 AI score | 0.00552 EPSS
Exploits 2 | References 1
Code423n4
added 2022/06/14 12:0 a.m. | 10 views

cause users to revert right after deployment so they can't lend or borrow

Lines of code Vulnerability details Impact because of deployment hasMatured is false mintInternal reverts then cause users to lose money on gas and users can't lend which could lead to worse things and cause more attack vectors. Recommended Mitigation Steps check for delay after deployment or g...

6.8 AI score
Exploits 0
CNNVD
added 2022/06/14 12:0 a.m. | 3 views

Adobe Bridge buffer error vulnerability

Adobe Bridge is a file viewer from the American company Adobe. A buffer error vulnerability exists in Adobe Bridge. An attacker exploiting this vulnerability could cause arbitrary code execution...

9.3 CVSS | 7.9 AI score | 0.02133 EPSS
Exploits 0 | References 4
Talos Blog
added 2022/06/09 5:16 a.m. | 13 views

Talos EMEA monthly update: Business email compromise

The latest edition of the Talos EMEA Monthly Update is available now on Cisco.com and Cisco's YouTube page. You can also view the episode in its entirety above. For June, Hazel and Martin got together to discuss business email compromise. BEC has quickly become the most lucrative attack vector...

1.3 AI score
Exploits 0
OSV
added 2022/06/06 9:24 p.m. | 17 views

GHSA-4W8F-HJM9-XWGF Path Traversal in django-s3file

Impact It was possible to traverse the entire AWS S3 bucket and in most cases to access or delete files. The issue was discovered by the maintainer. There were no reports of the vulnerability being known to or exploited by a third party, before the release of the patch. If the AWS_LOCATION setting...

9.3 CVSS | 9.8 AI score | 0.01889 EPSS
Exploits 1 | References 6
Github Security Blog
added 2022/06/06 9:24 p.m. | 23 views

Path Traversal in django-s3file

Impact It was possible to traverse the entire AWS S3 bucket and in most cases to access or delete files. The issue was discovered by the maintainer. There were no reports of the vulnerability being known to or exploited by a third party, before the release of the patch. If the AWS_LOCATION setting...

9.8 CVSS | 0.01889 EPSS
Exploits 1 | References 6 | Affected Software 1
CNNVD
added 2022/06/06 12:0 a.m. | 3 views

Google Android resource management error vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability. An attacker can exploit this vulnerability to gain elevated privileges on the system...

7.2 CVSS | 5.8 AI score | 0.00122 EPSS
Exploits 0 | References 4
CNNVD
added 2022/06/06 12:0 a.m. | 2 views

Google Android security vulnerability

Google Android is a Linux-based open-source operating system from Google, a U.S. company. An attacker could use the vulnerability to gain elevated privileges on the system...

7.8 CVSS | 5.7 AI score | 0.00112 EPSS
Exploits 0 | References 4
CNNVD
added 2022/06/06 12:0 a.m. | 2 views

CRI-O resource management error vulnerability

CRI-O is a lightweight container runtime environment for Kubernetes systems. CRI-O suffers from a resource management error vulnerability that stems from a lack of size limitations on CRI-O read output. An attacker could create larger output to exploit the vulnerability to affect the availability...

7.8 CVSS | 7.4 AI score | 0.02785 EPSS
Exploits 1 | References 20
OSV
added 2022/06/02 10:15 p.m. | 2 views

CVE-2022-31461

Owl Labs Meeting Owl 5.2.0.15 allows attackers to deactivate the passcode protection mechanism via a certain c 11 message...

6.5 CVSS | 7.2 AI score
Exploits 0 | References 3
CNNVD
added 2022/06/02 12:0 a.m. | 5 views

Carrier LenelS2 HID Mercury access panels security vulnerability

Carrier LenelS2 HID Mercury access panels is a controller panel from Carrier, U.S.A. A buffer overflow vulnerability exists in Carrier LenelS2 HID Mercury access panels, which could be exploited by an attacker to send a specially crafted update file to the device, which could cause a buffer...

10 CVSS | 6.2 AI score | 0.01434 EPSS
Exploits 0 | References 4
CNNVD
added 2022/05/30 12:0 a.m. | 3 views

Microsoft Windows Support Diagnostic Tool OS command injection vulnerability

Microsoft Support Diagnostic Tool (MSDT) is a utility program used to troubleshoot and collect diagnostic data for professionals to analyze and solve problems. Microsoft Office is a popular office software developed by Microsoft Corporation. Microsoft Support...

9.3 CVSS | 9.3 AI score | 0.99374 EPSS
Exploits 62 | References 9