spring-boot-admin 代码注入漏洞

spring-boot-admin is an open source based on Spring boot Mybatis backend management system , with user management , menu management and role management 3 functions , permission control to the button level . A code injection vulnerability exists in spring-boot-admin versions prior to 2.6.10 and...

CVE-2022-46162 Discourse BBCode plugin vulnerable to arbitrary CSS injection

discourse-bbcode is the official BBCode plugin for Discourse. Prior to commit 91478f5, CSS injection can occur when rendering content generated with the discourse-bccode plugin. This vulnerability only affects sites which have the discourse-bbcode plugin installed and enabled. This issue is patch...

SUSE-SU-2022:4260-1 Security update for busybox

This update for busybox fixes the following issues: - CVE-2014-9645: Fixed loading of unwanted module with / in module names bsc914660. - Enable switchroot With this change virtme --force-initramfs works as expected. - Enable udhcpc Update to 1.35.0: - awk: fix printf %%, fix read beyond end of...

Arbitrary Command Execution

Overview Affected versions of this package are vulnerable to Arbitrary Command Execution via the customGitFetch feature, which is enabled by default. Remediation Upgrade github.com/sourcegraph/sourcegraph-public-snapshot/cmd/gitserver/server to version 4.1.0 or higher. References - GitHub Commit ...

CVE-2022-40129

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing Optional Content Group API, which can lead to arbitrary code execution. An attacker...

CVE-2022-37332

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing media player API, which can lead to arbitrary code execution. An attacker needs to...

CVE-2022-45163

An information-disclosure vulnerability exists on select NXP devices when configured in Serial Download Protocol SDP mode: i.MX RT 1010, i.MX RT 1015, i.MX RT 1020, i.MX RT 1050, i.MX RT 1060, i.MX 6 Family, i.MX 7Dual/Solo, i.MX 7ULP, i.MX 8M Quad, i.MX 8M Mini, and Vybrid. In a device...

Information disclosure

An information-disclosure vulnerability exists on select NXP devices when configured in Serial Download Protocol SDP mode: i.MX RT 1010, i.MX RT 1015, i.MX RT 1020, i.MX RT 1050, i.MX RT 1060, i.MX 6 Family, i.MX 7Dual/Solo, i.MX 7ULP, i.MX 8M Quad, i.MX 8M Mini, and Vybrid. In a device...

foreman: foreman: OAuth secret exposure via unauthenticated access to the GraphQL API

A disclosure of sensitive information flaw was found in foreman via the GraphQL API. If the introspection feature is enabled, it is possible for attackers to retrieve sensitive admin authentication keys which could result in a compromise of the entire product's API...

FreeBSD : krb5 -- Integer overflow vulnerabilities in PAC parsing (094e4a5b-6511-11ed-8c5e-206a8a720317)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 094e4a5b-6511-11ed-8c5e-206a8a720317 advisory. - The Kerberos libraries used by Samba provide a mechanism for authenticating a user or service by mean...

PT-2022-35166 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to the thunderbolt net functionality in the Linux Kernel, where DMA paths are enabled before rings are enabled. This could potentially lead to security vulnerabilities,...

8x8: Directory Listing at https://█.█.█.█

@shuvam321 reported to us an enabled Directory Listing at https://█.█.█.█/cobbler/ & https://█.█.█.█/cblr/. The directories exposed open source files related to the Spacewalk project. The server instance was initially installed as a preview of a Spacewalk. No sensitive information had been...

GHSA-5M7G-PJ8W-7593 Vela Insecure Defaults

Impact Some current default configurations for Vela allow exploitation and container breakouts. Default Privileged Images Running Vela plugins as privileged Docker containers allows a malicious user to easily break out of the container and gain access to the worker host operating system. On a fre...

kernel: scsi: lpfc: Fix call trace observed during I/O with CMF enabled

A vulnerability has been identified in the lpfc module within the Linux kernel. This flaw occurs because the driver attempts to access per-CPU data from a preemptible context using an incorrect function. This improper handling of critical data can lead to system instability and result in a...

CVE-2022-33187 : Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs

Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information. Products Affected Brocade SANnav versions before v2.2.1 Products Confirmed Not Affected No other Brocade Fibre...

CVE-2022-41214

CVE-2022-41214 affects SAP NetWeaver Application Server ABAP and ABAP Platform. The root cause, as described across multiple sources, is insufficient input validation that enables a user with high privileges to invoke a remote-enabled function to delete a file that would normally be restricted. S...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow if callback functions are enabled via the WOLFSSLCALLBACKS flag. A malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. Note: WOLFSSLCALLBACKS is only intended fo...

DEBIAN-CVE-2022-42905

In wolfSSL before 5.5.2, if callback functions are enabled via the WOLFSSLCALLBACKS flag, then a malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. WOLFSSLCALLBACKS is only intended for debugging...

[Important] [Security] Virtuozzo ReadyKernel patch 148.0 for Virtuozzo Hybrid Server 7.5

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.5. Vulnerability id: PSBM-141577 3.10.0-1160.21.1.vz7.174.13 to 3.10.0-1160.53.1.vz7.185.3 Potential deadlock when lazytime-enabled mounted ploop is...

ORing Net IAP-420+ 安全漏洞

The ORing Net IAP-420+ is a wireless access point from China Power ORing. A security vulnerability exists in the ORing Net IAP-420+ version 2.0m, which stems from a telnet server that is enabled by default and cannot be permanently disabled, which can be used to connect to the device and obtain a...