Potential leakage of Sentry auth tokens by React Native SDK with Expo plugin

Impact SDK versions between and including 5.16.0 and 5.19.0 allowed Sentry auth tokens to be set in the optional authToken configuration parameter, for debugging purposes. Doing so would result in the auth token being built into the application bundle, and therefore the auth token could be...

The vulnerability of the `ksmbddecode_ntlmssp_auth_blob()` function in the ksmbd module of Linux operating systems allows a hacker to execute arbitrary code.

The vulnerability of the ksmbddecodentlmsspauthblob function in the ksmbd module of Linux operating systems is related to the copying of buffers without checking the size of the input data during the processing of the authblob-SessionKey.Length parameter. Exploiting this vulnerability allows a...

@nfid/embed has compromised private key due to @dfinity/auth-client producing insecure session keys

Problem User sessions in the @nfid/embed SDK with Ed25519 keys are vulnerable due to a compromised private key 535yc-uxytb-gfk7h-tny7p-vjkoe-i4krp-3qmcl-uqfgr-cpgej-yqtjq-rqe. This exposes users to potential loss of funds on ledgers and unauthorized access to canisters they control. Solution Usin...

UBUNTU-CVE-2024-25763

openNDS 10.2.0 is vulnerable to Use-After-Free via /openNDS/src/auth.c...

openNDS Security Vulnerabilities

openNDS is openNDS open source a high-performance, small footprint portal system. A security vulnerability exists in openNDS version 10.2.0, which originates from a post-release reuse vulnerability in the /openNDS/src/auth.c file...

ConnectWise ScreenConnect Unauthenticated Remote Code Execution

This module exploits an authentication bypass vulnerability that allows an unauthenticated attacker to create a new administrator user account on a vulnerable ConnectWise ScreenConnect server. The attacker can leverage this to achieve RCE by uploading a malicious extension module. All versions of...

bakers-registry (>=0.1.1 <=0.1.7), bitcoinlib (>=0.5.1 <=0.6.3) +12 more potentially affected by CVE-2024-21502 via fastecdsa (>=1.6.4 <=2.3.0)

fastecdsa PYPI version =1.6.4, =0.1.1, =0.5.1, =0.1.0, =0.7.3, =0.1.1, =0.1.0, =2.0.0, =0.1.0a28, =1.0.1, =1.0.0, =0.1.0, =0.4.3 - xchainpy-bitcoin =0.1.2 Source cves: CVE-2024-21502 Source advisory: OSV:GHSA-PH86-G9R3-5QW4...

bakers-registry (>=0.1.1 <=0.1.7), bitcoinlib (>=0.5.1 <=0.6.3) +12 more potentially affected by CVE-2024-21502 via fastecdsa (>=1.6.4 <=2.3.0)

fastecdsa PYPI version =1.6.4, =0.1.1, =0.5.1, =0.1.0, =0.7.3, =0.1.1, =0.1.0, =2.0.0, =0.1.0a28, =1.0.1, =1.0.0, =0.1.0, =0.4.3 - xchainpy-bitcoin =0.1.2 Source cves: CVE-2024-21502 Source advisory: OSV:PYSEC-2024-39...

SUSE CVE-2023-52440

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slub overflow in ksmbddecodentlmsspauthblob If authblob-SessionKey.Length is bigger than session key sizeCIFSKEYSIZE, slub overflow can happen in key exchange codes. cifsarc4crypt copy to session key array from...

CVE-2023-46241 Potential account take over due to unverified emails from Microsoft Identity Platform

discourse-microsoft-auth is a plugin that enables authentication via Microsoft. On sites with the discourse-microsoft-auth plugin enabled, an attack can potentially take control of a victim's Discourse account. Sites that have configured their application's account type to any options other than...

CVE-2023-46241

The CVE-2023-46241 entry concerns the discourse-microsoft-auth plugin for Discourse, which allows Microsoft-based authentication and can enable account takeovers when sites are configured to non-single-tenant accounts. The issue is linked to authentication handling within the plugin and has been ...

CVE-2023-52440

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slub overflow in ksmbddecodentlmsspauthblob If authblob-SessionKey.Length is bigger than session key sizeCIFSKEYSIZE, slub overflow can happen in key exchange codes. cifsarc4crypt copy to session key array from...

CVE-2023-52440

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slub overflow in ksmbddecodentlmsspauthblob If authblob-SessionKey.Length is bigger than session key sizeCIFSKEYSIZE, slub overflow can happen in key exchange codes. cifsarc4crypt copy to session key array from...

Improper Input Validation

github.com/cosmos/cosmos-sdk is vulnerable to Improper Input Validation. The vulnerability is due to a lack of BlockedAddressed validation in the x/auth/vesting module which would prevent the creation of a periodic vesting account. If triggered, there is the potential for a chain halt if the...

@bundly/ic-core-js (>=0.1.0 <=0.4.2-rc.4), @bundly/ic-react (>=0.1.0 <=0.4.2-rc.4) +10 more potentially affected by CVE-2024-1631 via @dfinity/auth-client (>=0.20.2 <=0.9.3)

@dfinity/auth-client NPM version =0.20.2, =0.1.0, =0.1.0, =0.1.1, =0.0.2, =0.0.1, =0.0.1, =0.0.3, =0.0.2, =0.0.38-next-2023-12-19, =0.0.1, =0.0.7 Source cves: CVE-2024-1631 Source advisory: OSV:GHSA-C9VV-FHGV-CJC3...

CVE-2023-6398

CVE-2023-6398 is a post-authentication command-injection vulnerability in Zyxel devices where the file upload binary can be abused by an authenticated administrator to execute OS commands on the device via FTP. Affected products include ZyXEL ATP series (4.32–5.37 Patch 1), USG FLEX series (4.50–...

GLSA-202402-18 : Exim: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202402-18 Exim: Multiple Vulnerabilities - Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofe...

Metabase 0.46.6 - Pre-Auth Remote Code Execution Exploit

Exploit Title: metabase 0.46.6 - Pre-Auth Remote Code Execution Exploit Author: Musyoka Ian Vendor Homepage: https://www.metabase.com/ Software Link: https://www.metabase.com/ Version: metabase 0.46.6 Tested on: Ubuntu 22.04, metabase 0.46.6 CVE : CVE-2023-38646 !/usr/bin/env python3 import socke...

CVE-2024-24814 Denial of service when manipulating mod_auth_openidc_session_chunks cookie in mod_auth_openidc

modauthopenidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In affected versions missing input validation on modauthopenidcsessionchunks cookie value makes the server vulnerable to a...

alastria-auth (>=0.0.3 <=0.0.17), alastria-identity (>=0.2.0 <=0.4.0) +36 more potentially affected by CVE-2023-6681 via jwcrypto (>=0.4.0 <=1.5.0)

jwcrypto PYPI version =0.4.0, =0.0.3, =0.2.0, =0.4.0a0, =2.0.0, =0.1.0, =0.1.0, =0.1.0.2, =2.5.6, =0.6.0, =0.1.0, =0.0.0.1, =2.5.0, =0.1.0, =0.1.0, =0.14.1 and more Source cves: CVE-2023-6681 Source advisory: OSV:PYSEC-2024-104...