CVE-2024-41119

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the visparams variable on line 80 in 8🏜️RasterDataVisualization.py takes user input, which is later used in the eval function on line 86, leading to remote code...

CVE-2024-41119

The CVE-2024-41119 entry concerns streamlit-geospatial. Affected component: the page 8_🏜️_Raster_Data_Visualization.py where the vis_params parameter accepts user input that is later used in eval(), enabling remote code execution prior to the fix (commit c4f81d9616d40c60584e36abb15300853a66e489). ...

CVE-2024-41115 Remote code execution in streamlit geospatial in pages/1_📷_Timelapse.py MODIS Ocean Color SMI option palette

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the palette variable on line 488 in pages/1📷Timelapse.py takes user input, which is later used in the eval function on line 493, leading to remote code executio...

CVE-2024-41114 Remote code execution in streamlit geospatial in pages/1_📷_Timelapse.py MODIS Gap filled Land Surface Temperature Daily option

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the palette variable on line 430 in pages/1📷Timelapse.py takes user input, which is later used in the eval function on line 435, leading to remote code executio...

PT-2024-29273 · Unknown · Streamlit-Geospatial

Name of the Vulnerable Software and Affected Versions: streamlit-geospatial versions prior to commit c4f81d9616d40c60584e36abb15300853a66e489 Description: The issue concerns the use of user input in the vis params variable, which is later executed by the eval function, leading to remote code...

CVE-2024-36903

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix potential uninit-value access in ip6makeskb As it was done in commit fc1092f51567 "ipv4: Fix uninit-value access in ipmakeskb" for IPv4, check FLOWIFLAGKNOWNNH on fl6-flowi6flags instead of testing HDRINCL on the socket...

CVE-2023-52874 x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Zero out the missing RSI in TDXHYPERCALL macro In the TDXHYPERCALL asm, after the TDCALL instruction returns from the untrusted VMM, the registers that the TDX guest shares to the VMM need to be cleared to avoid...

SUSE CVE-2024-30268

Cacti provides an operational monitoring and fault management framework. A reflected cross-site scripting vulnerability on the 1.3.x DEV branch allows attackers to obtain cookies of administrator and other users and fake their login using obtained cookies. This issue is fixed in commit...

PT-2024-20302 · Gnuboard · Gnuboard

Name of the Vulnerable Software and Affected Versions: Gnuboard g6 versions prior to the version including commit c2cc1f5069e00491ea48618d957332d90f6d40e4 Description: The issue concerns a Cross Site Scripting XSS problem. It is related to the board.py file. Recommendations: For Gnuboard g6...

BIT-TENSORFLOW-2021-29599 Division by zero in TFLite's implementation of `Split`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of the Split TFLite operator is vulnerable to a division by zero errorhttps://github.com/tensorflow/tensorflow/blob/e2752089ef7ce9bcf3db0ec618ebd23ea119d0c7/tensorflow/lite/kernels/split.ccL63-L65. An attack...

DEBIAN-CVE-2023-48234

Vim is an open source command line text editor. When getting the count for a normal mode z command, it may overflow for large counts given. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit 58f9befca1 which has...

CVE-2023-48233

Vim is an open source command line text editor. If the count after the :s command is larger than what fits into a signed long variable, abort with evaluetoolarge. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit...

PT-2023-30463 · FFmpeg · Ffmpeg

Name of the Vulnerable Software and Affected Versions: Ffmpeg versions before github commit 4565747056a11356210ed8edcecb920105e40b60 Description: The issue allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service DoS via the ref pic list...

UBUNTU-CVE-2023-42821

The package github.com/gomarkdown/markdown is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion 0.0.0-20230922105210-14b16010c2ee, which corresponds with commit 14b16010c2ee7ff33a940a541d993bd043a88940, parsing malformed markdown input with parser that uses...

Sql injection

social-media-skeleton is an uncompleted social media project. A SQL injection vulnerability in the project allows UNION based injections, which indirectly leads to remote code execution. Commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1 contains a fix for this issue...

CVE-2023-39344 social-media-skeleton vulnerable to Pre-Auth SQLi leading to RCE

social-media-skeleton is an uncompleted social media project. A SQL injection vulnerability in the project allows UNION based injections, which indirectly leads to remote code execution. Commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1 contains a fix for this issue...

CVE-2023-34249 benjjvi/PyBB may send unsanitized request to SQL database

benjjvi/PyBB is an open source bulletin board. Prior to commit dcaeccd37198ecd3e41ea766d1099354b60d69c2, benjjvi/PyBB is vulnerable to SQL Injection. This vulnerability has been fixed as of commit dcaeccd37198ecd3e41ea766d1099354b60d69c2. As a workaround, a user may be able to update the software...

GHSA-9GXX-32P7-FF7M Modoboa has Weak Password Requirements

Modoboa 2.0.5 and prior allows users to set unsafe passwords, such as 1 or HACK. This issue is fixed in commit 130257c96a2392ada795785a91178e656e27015c and is part of version 2.1.0...

CVE-2023-28109 Play With Docker vulnerable to Authorization Bypass Through User-Controlled Key

Play With Docker is a browser-based Docker playground. Versions 0.0.2 and prior are vulnerable to domain hijacking. Because CORS configuration was not correct, an attacker could use play-with-docker.com as an example and set the origin header in an http request as evil-play-with-docker.com. The...

SUSE CVE-2018-1000028

Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains a Incorrect Access Control vulnerability in NFS server nfsd that can result in remote users reading or writing files they should not be able to via NFS. This attack appear to be exploitable via NFS...