Arbitrary File Write

MindsDB is vulnerable to Arbitrary File Write. The vulnerability exists due to an unsafe extraction process in file.py which does not ensure relative file paths are escaped allowing an attacker to write arbitrary files outside the expected directory...

Multiplier must be capped to prevent expected payout exceeding ticket price

Lines of code Vulnerability details Impact Expected payout may be greater than ticket price, bankrupting the lottery. Proof of Concept ticketsSold determines the multiplier to be used when calculating non jackpot rewards LotteryMath.solL84: bonusMulti += excessPot EXCESSBONUSALLOCATION /...

NetScaler HTTP-ECV monitor probe fails and returns "404 Not Found" response code

The HTTP-ECV monitor fails and returns the 404 Not Found response code. For example, a monitor of the HTTP-ECV type was configured to monitor the status of a backend server using the following as the expected response string: "Response is Successful." The status of the related service was marked ...

GHSA-5X84-Q523-VVWR nosurf vulnerable to improper input validation

Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid...

nosurf vulnerable to improper input validation

Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid...

CVE-2020-36564

Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid...

Input validation

Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid...

Google Pixel 缓冲区错误漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel has a security vulnerability. No information about this vulnerability is available at this time, so stay tuned to CNNVD or the manufacturer's announcement...

PT-2022-27526 · Apache · Apache Hama

Name of the Vulnerable Software and Affected Versions: Apache Hama affected versions not specified Description: The issue is related to missing input validation in Apache Hama, which may cause information disclosure through path traversal and cross-site scripting XSS. Since Apache Hama is...

Putting a word in quotes and having the > character in the summary allows scripts to execute

h3. Issue Summary If you have a summary with a word in double quotes, similar to "Something" and have the character. Then you can execute actions through tags in the summary This is reproducible on Data Center: Yes h3. Steps to Reproduce This can be reproduced when editing and creating an issue...

Divide before multiply may create unexpected values on interests

Lines of code Vulnerability details Divide before multiply may create unexpected values on interests Impact Solidity integer division might truncate. As a result, performing divide before multiply can sometimes create loss of precision. Details If for example we have an operation: 2/33 The expect...

Security Bulletin: Vulnerabilities in PostgreSQL, Node.js, and Data Tables from Spry Media may affect IBM Spectrum Protect Plus

Summary Vulnerabilities in PostgreSQL, Node.js, and Data Tables from Spry Media such as SQL injection, HTTP request smuggling, cross-site scripting, bypass of security restrictions, and weaker than expected security, may affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2021-2321...

CVE-2021-34731

A vulnerability in the web-based management interface of Cisco Prime Access Registrar could allow an authenticated, remote attacker to perform a stored cross-site scripting attack on an affected system. This vulnerability exists because the web-based management interface does not sufficiently...

CVE-2021-1832

Copied files may not have the expected file permissions. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. The issue was addressed with improved permissions logic...

net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX NF_SYSCTL_CT_EXPECT_MAX and NF_SYSCTL_CT_BUCKETS sysctls.

...

PT-2021-12079 · Github.Com/Justinas/Nosurf +3 · Github.Com/Justinas/Nosurf +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue arises due to improper validation of caller input. If the provided expected token is malformed, validation is silently disabled, causing any...

CVE-2020-27260

Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Version 1.7.15 HL7 v2.x injection vulnerabilities exist in the affected products that allow physically proximate attackers with a connected barcode reader to inject HL7 v2.x segments into specific HL7 v2.x messages via multiple expected...

SUSE SLED15 / SLES15 Security Update : java-11-openjdk (SUSE-SU-2020:2143-1)

This update for java-11-openjdk fixes the following issues : Update to upstream tag jdk-11.0.8+10 July 2020 CPU, bsc1174157 - Security fixes : + JDK-8230613: Better ASCII conversions + JDK-8231800: Better listing of arrays + JDK-8232014: Expand DTD support + JDK-8233234: Better Zip Naming +...

Opening 404 page (page not found) without user session will open 404 page instead of opening login page.

h3. Issue Summary Opening a random page on Crowd with a user that is not authenticated will display "Page not found" 404 page instead of the login page. h3. Steps to Reproduce Make sure you are not logged in. Try to open BaseURL/ABC h3. Expected Results As you do not have session information you...

Metasploit Reverse Session Takeover Vulnerability

Exploit for multiple platform in category local exploits Exploit Title: Metasploit Reverse Session Takeover Exploit Author: Social Engineering Neo - @EngineeringNeo Software Link: https://www.metasploit.com/download Version: Metasploit Pro v4.17.67-dev Tested on: Linux & Windows Metasploit Revers...