4422 matches found
Design/Logic Flaw
An arbitrary file upload vulnerability in the file upload module of Ghost CMS v4.42.0 allows attackers to execute arbitrary code via a crafted file. NOTE: Vendor states as detailed in Ghost's security documentation, files can only be uploaded and published by trusted users, this is intentional...
Remote code execution
DISPUTED An arbitrary file upload vulnerability in the file upload module of Ghost v4.39.0 allows attackers to execute arbitrary code via a crafted SVG file. NOTE: Vendor states that as outlined in Ghost's security documentation, upload of SVGs is only possible by trusted authenticated users. The...
CVE-2022-28397
An arbitrary file upload vulnerability in the file upload module of Ghost CMS v4.42.0 allows attackers to execute arbitrary code via a crafted file. NOTE: Vendor states as detailed in Ghost's security documentation, files can only be uploaded and published by trusted users, this is intentional...
CVE-2022-27139
An arbitrary file upload vulnerability in the file upload module of Ghost v4.39.0 allows attackers to execute arbitrary code via a crafted SVG file. NOTE: Vendor states that as outlined in Ghost's security documentation, upload of SVGs is only possible by trusted authenticated users. The uploadin...
Security Bulletin: Operations Dashboard is vulnerable to Go CVE-2022-23773
Summary Operations Dashboard is vulnerable to Go CVE-2022-23773 with details below Vulnerability Details CVEID: CVE-2022-23773 DESCRIPTION: An unspecified error with not treating branches with semantic-version names as releases in cmd/go in Golang Go has an unknown impact and attack vector. CVSS...
GHSA-29F8-Q7MF-7CQJ Logic error in Apache Pinot
In 0.9.3 or older versions of Apache Pinot segment upload path allowed segment directories to be imported into pinot tables. In pinot installations that allow open access to the controller a specially crafted request can potentially be exploited to cause disruption in pinot service. Pinot release...
[SECURITY] Fedora 35 Update: python-pillow-8.3.2-3.fc35
Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...
UBUNTU-CVE-2022-1185
A denial of service vulnerability when rendering RDoc files in GitLab CE/EE versions 10 to 14.7.7, 14.8.0 to 14.8.5, and 14.9.0 to 14.9.2 allows an attacker to crash the GitLab web application with a maliciously crafted RDoc file...
CVE-2022-24191
In HTMLDOC 1.9.14, an infinite loop in the gifreadlzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow...
PT-2022-16532 · Htmldoc +5 · Htmldoc +5
Name of the Vulnerable Software and Affected Versions: HTMLDOC version 1.9.14 Description: The issue is caused by an infinite loop in the gif read lzw function, which can lead to a pointer arbitrarily pointing to heap memory, resulting in a buffer overflow. Recommendations: For HTMLDOC version...
USN-5344-1 libdbd-mysql-perl vulnerabilities
It was discovered that the DBD::mysql module, when configured with server-side prepared statement support, was susceptible to operations that would result in improper memory access. An attacker could possibly use this issue to cause DBD::mysql to crash, resulting in a denial of service...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring instances may be vulnerable to denial of service due to CVE-2022-21680
Summary Node.js module marked is used by IBM App Connect Enterprise Certified Container when creating an API-based Designer flow. IBM App Connect Enterprise Certified Container DesignerAuthoring instances may be vulnerable to regular expression denial of service. This bulletin provides patch...
Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServers that use Designer flows may be vulnerable to loss of confidentiality due to CVE-2022-24772
Summary Node.js module node-forge is used by IBM App Connect Enterprise Certified Container by the connectors in a Designer flow to communicate with the connected SaaS application. IBM App Connect Enterprise Certified Container IntegrationServers that run Designer flows containing connectors may ...
Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServers that use Designer flows may be vulnerable to loss of confidentiality due to CVE-2022-24771
Summary Node.js module node-forge is used by IBM App Connect Enterprise Certified Container by the connectors in a Designer flow to communicate with the connected SaaS application. IBM App Connect Enterprise Certified Container IntegrationServers that run Designer flows containing connectors may ...
Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to HTTP request smuggling due to CVE-2021-22960
Summary Node.js is used by IBM App Connect Enterprise Certified Container for running, authoring and managing flows. All IBM App Connect Enterprise Certified Container operands may be vulnerable to CVE-2021-22960. This bulletin provides patch information to address the reported vulnerability...
Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServers that use Designer flows may be vulnerable to loss of confidentiality due to CVE-2022-24773
Summary Node.js module node-forge is used by IBM App Connect Enterprise Certified Container by the connectors in a Designer flow to communicate with the connected SaaS application. IBM App Connect Enterprise Certified Container IntegrationServers that run Designer flows containing connectors may ...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in XStream
Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of XStream. Vulnerability Details CVEID: CVE-2021-43859 DESCRIPTION: XStream is vulnerable to a denial of service, caused by improper input validation. By injecting highly recursive collections or maps, a remote...
Citrix Endpoint Management (aka XenMobile Server) 10.14.0 Rolling Patch 5
Package name: xms10.14.0.10521.bin For: XenMobile Server 10.14.0 Deployment type: On-premises only Replaces: xms10.14.0.10424.bin, xms10.14.0.10303.bin, xms10.14.0.10206.bin, and xms10.14.0.10118.bin Date: March 2022 Languages supported: English US Important notes about this update As a best...
Ostorlab - A Security Scanning Platform That Enables Running Complex Security Scanning Tasks Involving Multiple Tools In An Easy, Scalable And Distributed Way
The Sales Pitch If this is the first time you are visiting the Ostorlab Github page, here is the sales pitch. Security testing requires often chaining tools together, taking the output from one, mangling it, filtering it and then pushing it to another tool. Several tools have tried to make the...
Fedora: Security Advisory for flac (FEDORA-2022-ee96acc54f)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...