Jenkins SAML Single Sign On(SSO) Plugin missing permission checks
Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange’s API for sending emails...
Input validation
Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections...
Cross site request forgery (csrf)
A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user stop watching an attacker-specified job...
CVE-2023-32995
CVE-2023-32995 is a CSRF vulnerability in Jenkins SAML Single Sign On(SSO) Plugin versions 2.0.0 and earlier. The flaw allows an attacker with Overall/Read permission to trigger an HTTP POST with a JSON body to miniOrange’s API for sending emails due to a missing/unchecked permission check on an ...
CVE-2023-32993
Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections...
RA Group’s Custom Ransomware Hits US & South Korea
Summary: The emergence of the RA ransomware group highlights the utilization of the recently leaked Babuk ransomware source code as they employ it to develop their variant of the malware. To receive real-time...
RUSTSEC-2023-0039 Out-of-bounds array access leads to panic
Affected versions of the crate have a bug where attacker-controlled input can result in the use of an out-of-bound array index. Rust detects the use of the out-of-bound index and causes the application to panic. An attacker may be able to use this to cause a denial-of-service. However, it is not...
Contact Form by Supsystic < 1.7.25 - CSRF
The plugin does not have CSRF checks in their AJAX actions, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
CVE-2023-31620
An issue in the dvcompare component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
AlmaLinux 9 : edk2 (ALSA-2023:2165)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2165 advisory. - Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. (CVE-2021-38578) - A timing based side channel exists in t...
EulerOS 2.0 SP9 : gnutls (EulerOS-SA-2023-1843)
According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover...
Improper Input Validation
OpenJDK is vulnerable to Improper Input Validation. An attacker can create, delete or modify critical data or complete access to some of Oracle Java SE and Oracle GraalVM Enterprise Edition accessible data through TLS...
github.com/ipfs/kubo affected by DOS Bitswap unbounded persistent memory leak
Impact: An attacker is able to allocate arbitrarily many bytes in the Bitswap server by sending many WANTBLOCK and/or WANTHAVE requests which are queued in an unbounded queue, with allocations that persist even if the connection is closed. This affects users accepting or connecting untrusted...
XXE
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 249185...
Cross site request forgery (csrf)
A cross site request forgery vulnerability exists in Rockwell Automation's FactoryTalk Vantagepoint. This vulnerability can be exploited in two ways. If an attacker sends a malicious link to a computer that is on the same domain as the FactoryTalk Vantagepoint server and a user clicks the link, t...
Buffer overflow
Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C...
Extraordinary Funding proposal could be susceptible back-run
Impact: An extraordinary proposal can be proposed, voted on, and executed within a single transaction, in the same block. As a result, an attacker with enough voting power to meet the conditions on their own could back-run a transaction to steal funds from the...
CVE-2023-32076 in-toto vulnerable to Configuration Read From Local Directory
in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification. In versions 1.4.0 and prior, among the...
ABB Improper Restriction of Operations Within the Bounds of a Memory Buffer in Wind River VxWorks (CVE-2019-12260)
Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...
Apache Airflow Elevation of Privilege Vulnerability
Apache Airflow is an open source platform from the Apache Foundation in the United States for creating, managing and monitoring workflows. The platform offers scalability, dynamic monitoring and other characteristics. An elevation of privilege vulnerability exists in Apache Airflow versions prior to...