Exploit for Double Free in Openbsd Openssh

OpenSSH CVE-2023-25136 Pre-Auth Double Free – Writeup and PO...

0xsodium (>=0.0.0 <=1.48.0), 3extensions (=1.0.1) +967 more potentially affected by CVE-2023-26144 via graphql (>=16.3.0 <=16.8.0)

graphql NPM version =16.3.0, =0.0.0, =0.0.1, =0.0.0, =0.0.0, =0.0.1, =1.16.13, =1.8.5, =1.1.12, =1.6.23, =1.16.6, =1.1.12, =1.8.5, =1.16.33, =1.0.0, =1.17.12-beta-20260420-075606-d7d7a9c7 and more Source cves: CVE-2023-26144 Source advisory: SNYK:JS-GRAPHQL-5905181...

PT-2023-16542 · Red Hat +1 · Openshift Console +1

Name of the Vulnerable Software and Affected Versions: OpenShift console affected versions not specified Description: A flaw was found in the Network Observability plugin for OpenShift console. Unless the Loki authToken configuration is set to FORWARD mode, authentication is no longer enforced,...

CVE-2023-38204 Bypass APSB23-41 (CVE-2023-38203) - Pre-Auth RCE ColdFusion 2021 Update 8

Adobe ColdFusion versions 2018u18 and earlier, 2021u8 and earlier and 2023u2 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction...

Rouge ward can remove auth permission from other wards and then remove themselves

Lines of code Vulnerability details In a protocol, the deny function is used to remove the ward permissions from an address. This is actually a serious thing to consider that can actually occur, if a ward contract or account is obtained and other wards are not aware, the rogue ward can actually...

Unchecked Input

Lines of code Vulnerability details Impact Attackers can get the auth badge due to unchecked input vulnerability at the LiquidityPool The wardmsg.sender badge gives the attacker the highest role in the entire Centrifuge ecosystem, allowing the attacker to steal funds and cause DOS. Proof of Conce...

Ivanti Sentry MICSLogService Auth Bypass resulting in RCE (CVE-2023-38035)

This module exploits an authentication bypass in Ivanti Sentry which exposes API functionality which allows for code execution in the context of the root user. Module Options msf use exploit/linux/http/ivantisentrymisclogservice msf exploitivantisentrymisclogservice show targets ...targets... msf...

Exploit for Insecure Default Initialization of Resource in Apache Superset

CVE-2023-27524: Apache Superset Auth Bypass and RCE Apache Su...

Sonicwall GMS 9.9.9320 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sonicwall', 'Description' = %q This module exploits a series of vulnerabilities - including auth bypass, SQL injection, and shell injection - to...

Design/Logic Flaw

Argo CD is a declarative continuous deployment for Kubernetes. Argo CD Cluster secrets might be managed declaratively using Argo CD / kubectl apply. As a result, the full secret body is stored inkubectl.kubernetes.io/last-applied-configuration annotation. pull request 7139 introduced the ability ...

Oracle Linux 5 : dovecot (ELSA-2008-0297)

The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2008-0297 advisory. - LDAP+auth cache user login mixup CVE-2007-6598, 427575 - insecure mailextragroups option CVE-2008-1199, 436927 - update to latest upstream, fixes a f...

Code injection

Jenkins Assembla Auth Plugin 1.14 and earlier does not verify that the permissions it grants are enabled, resulting in users with EDIT permissions to be granted Overall/Manage and Overall/SystemRead permissions, even if those permissions are disabled and should not be granted...

CVE-2023-41945

Jenkins Assembla Auth Plugin 1.14 and earlier does not verify that the permissions it grants are enabled, resulting in users with EDIT permissions to be granted Overall/Manage and Overall/SystemRead permissions, even if those permissions are disabled and should not be granted...

CVE-2023-41945

The CVE-2023-41945 issue affects the Jenkins Assembla Auth Plugin (versions ≤ 1.14). Root cause: the plugin does not verify that permissions it grants are actually enabled, allowing users with EDIT to receive Overall/Manage and Overall/SystemRead permissions even when disabled. Impact: elevated p...

CVE-2023-40007

CVE-2023-40007 affects the WordPress plugin CT Commerce (versions

CVE-2023-40329

CVE-2023-40329 affects the WordPress plugin WPZest Custom Admin Login Page (WPZest) up to version 1.2.0. The vulnerability is an authenticated Stored Cross-Site Scripting (XSS) flaw, where user input in admin settings is not properly validated/escaped, enabling XSS with admin privileges. Several ...

kernel: buffer overflow in ceph file net/ceph/messenger_v2.c

An flaw was found in net/ceph/messengerv2.c in the Linux Kernel. An integer signing error leads to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This issue occurs due to an untrusted length taken from a TCP packet in cephdecode32...

The vulnerability of the Red Hat Ansible configuration management system lies in the lack of protective measures for SQL query structures, allowing attackers to compromise the integrity and accessibility of protected information.

The vulnerability of the Red Hat Ansible configuration management system lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the integrity and accessibility of the protected information by using the...

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Devaldi Ltd flowpaper plugin = 1.9.9 versions...

CVE-2023-32578

CVE-2023-32578 is a Stored XSS against Twinpictures Column-Matic plugin