GHSA-HQX2-J33X-9FC4 Gitea XSS Vulnerability in Repository Description

Gitea 1.7.2, 1.7.3 is affected by: Cross Site Scripting XSS. The impact is: execute JavaScript in victim's browser, when the vulnerable repo page is loaded. The component is: repository's description. The attack vector is: victim must navigate to public and affected repo page...

Gitea XSS Vulnerability in Repository Description

Gitea 1.7.2, 1.7.3 is affected by: Cross Site Scripting XSS. The impact is: execute JavaScript in victim's browser, when the vulnerable repo page is loaded. The component is: repository's description. The attack vector is: victim must navigate to public and affected repo page...

GHSA-6PVW-HH48-JX7P Craft CMS XSS Vulnerability

Craft CMS before 2.6.2982 allows for a potential XSS attack vector by uploading a malicious SVG file...

IBM DataPower Gateway 资源管理错误漏洞

IBM DataPower Gateway is a set of security and integration platforms from IBM USA designed specifically for mobile, cloud, application programming interface API, web, service-oriented architecture SOA, B2B and cloud workloads. The platform protects, integrates, and optimizes access across channel...

Moodle SSRF Vulnerability

The editblog.php script allows a registered user to add external RSS feed resources. It was identified that this feature could be abused to be used as a SSRF attack vector by adding a malicious URL/TCP PORT in order to target internal network or an internet hosted server, bypassing firewall rules...

[WP-H0] Fake balances can be created for not-yet-existing ERC20 tokens, which allows attackers to set traps to steal funds from future users

Lines of code Vulnerability details function createVault uint256 tokenIdOrAmount, address token, ... external returns uint256 vaultId ... Vault memory vault = Vault ... ; // vault index should always be odd vaultIndex += 2; vaultId = vaultIndex; vaultsvaultId = vault; // give msg.sender vault tok...

Merchandise Online Store 安全漏洞

Merchandise Online Store is a merchandise online store system. A security vulnerability exists in Merchandise Online Store that can be exploited by an attacker to delete arbitrary files...

Improper Privilege Management API V2

Description There are some api v2 doesn't check permission allow attackers to retrieve/edit information ticket,account,group,department,team,ElasticSearch Proof of Concept Get users list 1. Login. 2. Go to /api/v2/accounts?type=all. 3. Users list return. Create user with admin role 1. Get the adm...

Insurance Management System SQL注入漏洞

Insurance Management System is an insurance management system from the personal developer Angel Jude Reyes Suarez. Insurance Management System 1.0 is vulnerable to SQL injection, which could be exploited by attackers to obtain information about data in the target system...

bind: Lame cache can be abused to severely degrade resolver performance

A flaw was found in the way bind processes broken responses from authoritative servers. This caching mechanism could be abused by an attacker to significantly degrade resolver performance...

bluez: memory leak in the SDP protocol

BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object...

Glovo: Django debug enabled showing information about system, database, configuration files

Summary: Hi team, This subdomain pulpo.it.glovoint.com is a Django application running with debug mode turned on DEBUG = True . One of the main features of debug mode is the display of detailed error pages to help developers. If your app raises an exception when DEBUG is True, Django will display...

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to attack under error due to Go CVE-2022-23773

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to attack under error due to Go CVE-2022-23773 with details below Vulnerability Details CVEID: CVE-2022-23773 DESCRIPTION: An unspecified error with not treating branches with semantic-version names a...

Bad Actors Are Maximizing Remote Everything

The rise of remote work and learning opened new opportunities for many people – as we’ve seen by the number of people who have moved to new places or adapted to “workcations.” Cybercriminals are taking advantage of the same opportunities – just in a different way. Evaluating the prevalence of...

CVE-2021-41162 Cross-site Scripting in Combodo iTop

Combodo iTop is a web based IT Service Management tool. In 3.0.0 beta releases prior to beta6 the ajax.render.php?operation=wizardhelper page did not properly escape the user supplied parameters, allowing for a cross site scripting attack vector. Users are advised to upgrade. There are no known...

libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c

There's a flaw in libxml2. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability...

Windows-Specific Relative Path Traversal vulnerability in StaticDir server

Description The fix released in version 0.19.1 does not completely fix the relative path traversal vulnerability on Windows hosts. An attacker can access files outside of the configured directory root. This is due to Windows supporting the \ character as a path separator. Proof of Concept With a...

madlib-object-utils安全漏洞

madlib-object-utils is an application. A set of utility functions for working with objects. A security vulnerability exists in madlib-object-utils that allows an attacker to merge object prototypes into it...

openSIS SQL Injection Vulnerability (CNVD-2022-85100)

Open Solutions For Education openSIS is an open source student information management system from Open Solutions For Education. openSIS version 8.0 has a SQL injection vulnerability that originates from the parameter studentid in /modules/eligibility/Student.php that can be used for SQL injection...

Samsung SMR 缓冲区错误漏洞

Samsung SMR is a system patch package from South Korea's Samsung Samsung. Samsung SMR contains a heap buffer overflow vulnerability that can be exploited by attackers to execute code...