Ubuntu 20.04 LTS : SSSD regression (USN-6156-2)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6156-2 advisory. USN-6156-1 fixed a vulnerability in SSSD. In certain environments, not all packages ended up being upgraded at the same time, resulting in authentication failures...

CVE-2023-21142

In multiple files, there is a possible way to access traces in the dev mode due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

CVE-2023-21142

In multiple files, there is a possible way to access traces in the dev mode due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

CVE-2023-21142

In multiple files, there is a possible way to access traces in the dev mode due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

Code Injection

nuxt is vulnerable to Code Injection. The vulnerability exists due to a lack of user input path validation in test-component-wrapper.ts which allows an attacker to inject and execute malicious code. Note that this vulnerability is only applicable if the server is ran on dev mode...

CVE-2023-21142

CVE-2023-21142 involves a permissions bypass that can allow access to traces in Android dev mode, causing local information disclosure without extra execution privileges. Affected products listed in sources include Android 11–13. Root cause centers on improper access controls for trace data in de...

PT-2023-17935

Name of the Vulnerable Software and Affected Versions Android versions Android-11 through Android-13 Description The issue allows access to traces in dev mode due to a permissions bypass, potentially leading to local information disclosure without requiring additional execution privileges. User...

CVE-2023-21142

In multiple files, there is a possible way to access traces in the dev mode due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

Sensitive Cookie Without Secure Flag

Description Access and login to the demo website: https://demo.openitcockpit.io/ Press F12 on your keyboard or right-click on the website to open dev-tool. At Application tab, choose Cookies and there are some sensitive cookies without Secure flag. CookieAuth, csrfToken Proof of Concept Link imag...

Sensitive Cookie Without HttpOnly Flag

Description Access and login to the demo website: https://demo.openitcockpit.io/ Press F12 on your keyboard or right-click on the website to open dev-tool. At Application tab, choose Cookies and there is CookieAuth sensitive cookie without HttpOnly flag. Proof of Concept Link image evidence:...

Debian DSA-5424-1 : php7.4 - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5424 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The...

Debian DSA-5425-1 : php8.2 - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5425 advisory. It was discovered that PHP's implementation of SOAP HTTP Digest authentication performed insufficient error validation, which may result in a stack information leak or use...

GHSA-GC34-5V43-H7V8 nuxt Code Injection vulnerability

he Nuxt dev server between versions 3.4.0 and 3.4.3 is vulnerable to code injection when it is exposed publicly...

PT-2023-23680 · Nuxt · Nuxt

Name of the Vulnerable Software and Affected Versions: nuxt versions prior to 3.5.3 nuxt versions 3.4.0 through 3.4.3 Description: The issue concerns code injection in the Nuxt dev server. When the dev server is exposed publicly, it is vulnerable to code injection. This affects versions of nuxt...

Exploit for Improper Validation of Array Index in Linux Linux_Kernel

CVE-2023-2008 Proof of concept exploit for CVE-2023-2008, a b...

PT-2023-7049 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the macsec add dev function in the drivers/net/macsec.c module of the Linux kernel, which is associated with a double-free memory error. This could allow a remo...

(Pwn2Own) Apple macOS /dev/fd Race Condition Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the /dev/fd filesystem...

GHSA-353F-5XF4-QW67 Vite Server Options (server.fs.deny) can be bypassed using double forward-slash (//)

The issue involves a security vulnerability in Vite where the server options can be bypassed using a double forward slash //. This vulnerability poses a potential security risk as it can allow unauthorized access to sensitive directories and files. Steps to Fix. Update Vite: Ensure that you are...

Vite Server Options (server.fs.deny) can be bypassed using double forward-slash (//)

The issue involves a security vulnerability in Vite where the server options can be bypassed using a double forward slash //. This vulnerability poses a potential security risk as it can allow unauthorized access to sensitive directories and files. Steps to Fix. Update Vite: Ensure that you are...

Design/Logic Flaw

Vite provides frontend tooling. Prior to versions 2.9.16, 3.2.7, 4.0.5, 4.1.5, 4.2.3, and 4.3.9, Vite Server Options server.fs.deny can be bypassed using double forward-slash // allows any unauthenticated user to read file from the Vite root-path of the application including the default fs.deny...