2563 matches found
CVE-2022-37144
The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP submission attempts. An unauthenticated remote attacker in possession of a valid username and password can brute-force their way past MFA protections to log in as the targeted user...
Command Injection
libtinygltf is vulnerable to command injection. The vulnerability exists in the use of the wordexp library function in tinygltf.h due to a lack of input sanitization, allowing an attacker to inject and execute arbitrary code via backticks...
Authentication Bypass
github.com/drakkan/sftpgo is vulnerable to authentication bypass attacks. The library allows recovery codes to be generated before two-factor authentication is enabled, which allows an attacker who knows the user's password to potentially generate some recovery codes and then bypass two-factor...
CVE-2022-36071
SFTPGo is a configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support. SFTPGo WebAdmin and WebClient support login using TOTP (Time-based One Time Passwords) as a secondary authentication factor. Because TOTPs are often configured on mobile devices that can be lost, stolen or damaged,...
Authentication flaw
SFTPGo is a configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support. SFTPGo WebAdmin and WebClient support login using TOTP (Time-based One Time Passwords) as a secondary authentication factor. Because TOTPs are often configured on mobile devices that can be lost, stolen or damaged,...
CVE-2022-36071 Recovery codes abuse in SFTPGo
SFTPGo is a configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support. SFTPGo WebAdmin and WebClient support login using TOTP (Time-based One Time Passwords) as a secondary authentication factor. Because TOTPs are often configured on mobile devices that can be lost, stolen or damaged,...
CVE-2022-36071
Vulnerability context (CVE-2022-36071): SFTPGo WebAdmin/WebClient allowed generation of recovery codes before two-factor authentication (2FA) was enabled, enabling an attacker who knew a user's password to potentially generate recovery codes and bypass 2FA later. This affected versions 2.2.0 thro...
PT-2022-23159 · Sftpgo · Sftpgo
Name of the Vulnerable Software and Affected Versions: SFTPGo versions 2.2.0 through 2.3.3. Description: SFTPGo is a configurable SFTP server with optional HTTP/S, FTP/S, and WebDAV support. It supports login using TOTP (Time-based One Time Passwords) as a secondary authentication factor and also...
control code in cookie denial of service
When curl retrieves and parses cookies from an HTTPS server, it accepts cookies containing control codes (byte values below 32). When cookies that contain such control codes are later sent back to an HTTPS server, it might make the server return a 400 response, effectively allowing a "sister site" to de...
curl security vulnerability
curl is a tool for transferring data from or to a server. A security vulnerability exists in curl versions 4.9 through 7.84, which stems from the fact that when curl retrieves and parses a cookie from an HTTPS server, it accepts the cookie even when it contains control codes (byte values below 32), which...
WordPress Bitcoin Satoshi Tools plugin <= 1.7.0 - Unauthorized AJAX Call to Stored Cross-Site Scripting (XSS) vulnerability
Unauthorized AJAX Call to Stored Cross-Site Scripting (XSS) vulnerability discovered by Lana Codes in WordPress Bitcoin Satoshi Tools plugin versions <= 1.7.0. Solution: Deactivate and delete. This plugin has been closed as of August 29, 2022 and is not available for download. This closure is temporar...
UBUNTU-CVE-2022-35252
When curl is used to retrieve and parse cookies from a HTTPS server, it accepts cookies using control codes that, when later sent back to a HTTP server, might make the server return 400 responses. Effectively allowing a "sister site" to deny service to all siblings...
Inside the Shadow Evacuation of Kabul
In the last two weeks of the war, an ad hoc team armed with group chats, QR codes, and satellite maps launched a mad dash to save imperiled Afghan allies...
Playing Doom on a John Deere tractor with Sick Codes: Lock and Code S03E18
In 1993, the video game developers at id Software released Doom, a first-person shooter that placed a nameless protagonist into the fiery depths of hell, equipped with an arsenal of weapons to mow down imps, demons, lost souls, and the intimidating "Barons of Hell." In 2022, the hacker Sick Codes...
WordPress Better Delete Revision plugin <= 1.6.1 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability
Authenticated Reflected Cross-Site Scripting (XSS) vulnerability discovered by Lana Codes (Patchstack Alliance) in WordPress Better Delete Revision plugin versions <= 1.6.1. Solution: Deactivate and delete. This plugin has been closed as of August 26, 2022 and is not available for download. This closur...
ABB Zenon path traversal vulnerability
ABB Zenon is a secure operational data management platform from ABB Switzerland that connects machines, infrastructure and production assets. A security vulnerability exists in ABB Zenon version 8.20 and earlier, which stems from a relative path traversal vulnerability that allows a user to...
Exploit for Incorrect Conversion between Numeric Types in Apache Xalan-Java
Description: Checks if CVE-2022-34169 is fixed on your machine...
CVE-2022-20321
In Settings, there is a possible way for an application without permissions to read the content of WiFi QR codes due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product:...