229 matches found

OSV
added 2024/09/14 7:12 a.m., 15 views

BIT-GITLAB-2024-4660 Missing Authorization in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was possible for a guest to read the source code of a private project by using group templates...

CVSS 7.5, AI score 6.7, EPSS 0.00061
Exploits 0, References 4
Positive Technologies
added 2024/07/31 12:00 a.m., 3 views

PT-2024-07: Reading arbitrary files via API in PT Application Inspector (PT AI)

The vulnerability was identified in PT AI affecting versions 4.3.1 to 4.7.2. The vulnerability can be exploited by an attacker with network access to the PT AI control server to read source code files of other users' projects. The vulnerability can be exploited for privilege escalation...

CVSS 8.4, AI score 7.4
Exploits 0, References 1
Vulnrichment
added 2024/03/26 3:38 p.m., 16 views

CVE-2024-21913 Rockwell Automation Arena Simulation Vulnerable To Memory Corruption

A heap-based memory buffer overflow vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code into the software by overstepping the memory boundaries, which triggers an access violation. Once inside, the threat actor can ru...

CVSS 7.8, AI score 7.3, EPSS 0.00018
Exploits 0, References 1
OSV
added 2024/02/29 12:31 p.m., 0 views

GHSA-6V6W-H8M6-7MV2 Apache Airflow: DAG Code and Import Error Permissions Ignored

Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated users to view DAG code and import errors of DAGs they do not have permission to view through the API and the UI. Users of Apache Airflow are recommended to upgrade to version 2.8.2 or newer to mitigate the risk...

CVSS 5.1, AI score 6.3, EPSS 0.00051
Exploits 0, References 16
CNNVD
added 2024/01/29 12:00 a.m., 1 view

MachineSense FeverWarn Access Control Error Vulnerability

MachineSense FeverWarn is a temperature detection device from MachineSense. MachineSense FeverWarn suffers from an access control error vulnerability. An attacker could exploit the vulnerability to view source code, secret credentials, and more...

CVSS 7.7, AI score 6.7, EPSS 0.00082
Exploits 0, References 5
Veracode
added 2024/01/25 12:22 p.m., 19 views

Improper Authorization

apache-airflow is vulnerable to Improper Authorization. The vulnerability is due to a missing access control check while accessing DAG code. An authenticated user can access the source code of a DAG to which they don't have access...

CVSS 6.5, AI score 6.8, EPSS 0.00146
Exploits 0, References 5, Affected Software 1
Github Security Blog
added 2024/01/24 3:30 p.m., 43 views

Apache Airflow: Bypass permission verification to read code of other dags

Apache Airflow, versions before 2.8.1, have a vulnerability that allows an authenticated user to access the source code of a DAG to which they don't have access. This vulnerability is considered low since it requires an authenticated user to exploit it. Users are recommended to upgrade to version...

CVSS 6.5, AI score 6.2, EPSS 0.00146
Exploits 0, References 7, Affected Software 1
NVD
added 2024/01/24 1:15 p.m., 20 views

CVE-2023-50944

Apache Airflow, versions before 2.8.1, have a vulnerability that allows an authenticated user to access the source code of a DAG to which they don't have access. This vulnerability is considered low since it requires an authenticated user to exploit it. Users are recommended to upgrade to version...

CVSS 6.5, AI score 6.4, EPSS 0.00146
Exploits 0, References 3
The Hacker News
added 2023/12/14 10:32 a.m., 47 views

Russian SVR-Linked APT29 Targets JetBrains TeamCity Servers in Ongoing Attacks

Threat actors affiliated with the Russian Foreign Intelligence Service SVR have targeted unpatched JetBrains TeamCity servers in widespread attacks since September 2023. The activity has been tied to a nation-state group known as APT29, which is also tracked as BlueBravo, Cloaked Ursa, Cozy Bear,...

CVSS 9.8, AI score 10, EPSS 0.92913
Exploits 17
CNNVD
added 2023/10/15 12:00 a.m., 1 view

IBM Security Verify Governance Security Breach

IBM Security Verify Governance is an intelligent identity access platform from International Business Machines (IBM) that provides organizations with a platform to analyze, define and control user access and access risk. A security vulnerability exists in IBM Security Verify Governance version 10....

CVSS 4.4, AI score 6, EPSS 0.00024
Exploits 0, References 4
Tenable Nessus
added 2023/06/07 12:00 a.m., 13 views

EulerOS Virtualization 2.11.1 : libarchive (EulerOS-SA-2023-2045)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - In libarchive before 3.6.2, the software does not check for an error after calling the calloc function, which can return NULL...

CVSS 9.8, AI score 7.1, EPSS 0.00551
Exploits 0, References 2
CNNVD
added 2023/06/06 12:00 a.m., 2 views

Harmonic NSG 9000-6G Security Vulnerability

The Harmonic NSG 9000-6G is a highly integrated digital video solution from Harmonic. A security vulnerability exists in the Harmonic NSG 9000-6G that originates from a remote user being able to obtain source code by directly requesting a special path...

CVSS 6.5, AI score 6.7, EPSS 0.0099
Exploits 0, References 2
Vulnrichment
added 2023/06/06 12:00 a.m., 9 views

CVE-2023-33477

In Harmonic NSG 9000-6G devices, an authenticated remote user can obtain source code by directly requesting a special path...

AI score 7.1, EPSS 0.0099
Exploits 0, References 1
Positive Technologies
added 2023/04/20 12:00 a.m., 2 views

PT-2023-9258

Name of the Vulnerable Software and Affected Versions: Gogs versions through 0.13.0. Description: The issue is related to argument injection during the previewing of changes, which can allow a remote attacker to execute arbitrary commands. Unprivileged user accounts can write to arbitrary files on t...

CVSS 9.9, AI score 6.4, EPSS 0.03233
Exploits 1, References 26
SUSE CVE
added 2023/02/15 5:04 a.m., 2 views

SUSE CVE-2016-4002

Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes...

CVSS 9.8, AI score 9.2, EPSS 0.07866
Exploits 0, References 16
OSV
added 2022/10/18 2:15 p.m., 1 view

CVE-2022-41479

The DevExpress Resource Handler (ASPxHttpHandlerModule) in DevExpress ASP.NET Web Forms Build v19.2.3 does not verify the referenced objects in the /DXR.axd?r= HTTP GET parameter. This leads to an Insecure Direct Object References (IDOR) vulnerability which allows attackers to access the application...

CVSS 7.5, AI score 5.8, EPSS 0.00412
Exploits 1, References 3
CNNVD
added 2022/10/18 12:00 a.m., 3 views

DevExpress ASP.NET Web Forms Security Vulnerability

DevExpress ASP.NET Web Forms is a Web Forms control from DevExpress, USA. A security vulnerability exists in DevExpress ASP.NET Web Forms Build v19.2.3. An attacker can exploit the vulnerability to gain access to the application's source code...

CVSS 7.5, AI score 7.4, EPSS 0.00412
Exploits 1, References 4
CVE
added 2022/10/18 12:00 a.m., 89 views

CVE-2022-41479

CVE-2022-41479 affects DevExpress ASP.NET Web Forms Build v19.2.3. The DevExpress Resource Handler (ASPxHttpHandlerModule) does not verify objects referenced by the /DXR.axd?r= HTTP GET parameter, causing an Insecure Direct Object References (IDOR) that can expose the application source code (ven...

CVSS 7.5, AI score 7.6, EPSS 0.00412
Exploits 1, References 3, Affected Software 1
OSV
added 2022/07/12 10:15 p.m., 31 views

GHSA-CR6P-23CF-W9G9 UnsafeAccessor 1.4.0 until 1.7.0 has no security checking for UnsafeAccess.getInstance()

Overview: Affected versions have no limit on using unsafe-accessor. Can be ignored if SecurityCheck.AccessLimiter is not set up. Details: If UA was loaded as a named module, the internal data of UA will be protected by the JVM and others can only access UA via UA's standard API. The main application can set up...

CVSS 5.9, AI score 6.5, EPSS 0.00341
Exploits 0, References 5
Vulnrichment
added 2022/07/11 6:25 p.m., 3 views

CVE-2022-31139 No security checking for UnsafeAccess.getInstance() in UnsafeAccessor

UnsafeAccessor (UA) is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by the JVM and others can only access UA via UA's standard API. The main application can set up SecurityCheck.AccessLimiter for UA to...

CVSS 5.9, AI score 7.6, EPSS 0.00341
Exploits 0, References 3