168 matches found
GHSA-PR98-23F8-JWXV QOS.CH logback-core Expression Language Injection vulnerability
ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core up to and including version 1.5.12 in Java applications allows attackers to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment variable before program execution. Malicious...
UBUNTU-CVE-2024-12798
ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core upto including version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 in Java applications allows attacker to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment variable before program...
ComfyUI_AceNodes 安全漏洞
ComfyUIAceNodes is a utility node for ComfyUI by Kaifeng Xu, a personal developer. A security vulnerability exists in ComfyUIAceNodes, which originates when the entry point function of the ACEExpressionEval node accepts arbitrary user-controlled data, which allows the user to create a workflow th...
Lack of unique constraint validation allows overwriting evaluators
Description The application allows the creation of evaluators without enforcing a unique constraint on the combination of projectId and slug. This allows an attacker to overwrite existing data by submitting a POST request with the same slug as an existing evaluator. Since the backend lacks databa...
Lack of proper access control on endpoint to delete evaluators
Description The /v1/evaluators/ route allows users to delete evaluators of a project by sending a DELETE request. However, the route lacks proper access control, such as middleware to ensure that only users with appropriate roles can delete evaluator data. The current implementation: Does not...
Decidim 跨站脚本漏洞
Decidim is an open source participatory democracy framework from Decidim, written in Ruby on Rails. A cross-site scripting vulnerability exists in Decidim versions 0.27.6 and earlier and 0.28.1 and earlier, which stems from a cross-site scripting attack in the administrator panel if an...
Citrix Virtual Apps and Desktop - Director and Monitor Service
Introduction This article is a summary of the top support articles related to Citrix Director. The most commonly used support articles and guides are below. Director is a monitoring and troubleshooting console for Citrix Virtual Apps and Desktops. Top Knowledge Content Troubleshooting Common...
PT-2024-14103 · Hertzbeat · Hertzbeat
Name of the Vulnerable Software and Affected Versions: Hertzbeat versions prior to 1.4.1 Description: Hertzbeat is a real-time monitoring system. In CalculateAlarm.java, AviatorEvaluator is used to directly execute the expression function, and no security policy is configured, resulting in...
CVE-2023-30692
Improper input validation vulnerability in Evaluator prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities...
CVE-2023-30692
Improper input validation vulnerability in Evaluator prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities...
Input validation
Improper input validation vulnerability in Evaluator prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities...
CVE-2023-30692
Improper input validation vulnerability in Evaluator prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities...
CVE-2023-30692
CVE-2023-30692 affects Samsung SMR Oct-2023 Release 1: Evaluator with improper input validation, enabling local attackers to launch privileged activities. Affected: Evaluator versions prior to SMR Oct-2023 Release 1. Impact: local privilege escalation; exploitation details are not provided in the...
CVE-2023-30692
Improper input validation vulnerability in Evaluator prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities...
SAMSUNG Mobile devices security vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Oct-2023 Release 1 version, which stems from an incorrect input validation vulnerability ...
Medium: janino
Issue Overview: janino 3.1.9 and earlier are subject to denial of service DOS attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. CVE-2023-3354...
GHSA-WGVX-9RH5-4G4M Jenkins Benchmark Evaluator Plugin vulnerable to cross-site request forgery
Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL and to check for the existence of directories, .csv, and .ycsb files on the...
GHSA-5G87-44P9-V4J7 Jenkins Benchmark Evaluator Plugin missing permission check
Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL and to check for the existence of directories, .csv, and .ycsb files on the...
Jenkins Benchmark Evaluator Plugin vulnerable to cross-site request forgery
Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL and to check for the existence of directories, .csv, and .ycsb files on the...
Jenkins Benchmark Evaluator Plugin missing permission check
Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL and to check for the existence of directories, .csv, and .ycsb files on the...