Prototype Pollution

Overview querymen is a Querystring parser middleware for MongoDB, Express and Nodejs. Affected versions of this package are vulnerable to Prototype Pollution. The parameters of exported function handlertype, name, fn can be controlled by users without any sanitization. This could be abused for...

WAGO PFC100 and PFC200 Information Disclosure Vulnerability

The WAGO PFC 200 and WAGO PFC 100 are both programmable logic controllers PLCs from WAGO Germany. A security vulnerability exists in the Web-Based Management authentication feature in the WAGO PFC200 versions 03.00.3912 and 03.01.0713 and the WAGO PFC100 version 03.00.3912. The vulnerability can ...

CVE-2019-5134

An exploitable regular expression without anchors vulnerability exists in the Web-Based Management WBM authentication functionality of WAGO PFC200 versions 03.00.3912 and 03.01.0713, and WAGO PFC100 version 03.00.3912. A specially crafted authentication request can bypass regular expression...

Design/Logic Flaw

An exploitable regular expression without anchors vulnerability exists in the Web-Based Management WBM authentication functionality of WAGO PFC200 versions 03.00.3912 and 03.01.0713, and WAGO PFC100 version 03.00.3912. A specially crafted authentication request can bypass regular expression...

CVE-2019-5134

An exploitable regular expression without anchors vulnerability exists in the Web-Based Management WBM authentication functionality of WAGO PFC200 versions 03.00.3912 and 03.01.0713, and WAGO PFC100 version 03.00.3912. A specially crafted authentication request can bypass regular expression...

CVE-2019-5134

The CVE-2019-5134 issue affects WAGO PFC100/PFC200 Web-Based Management, where an exploitable regular-expression without anchors in the PasswordCorrect() path allows bypass of authentication filters. A crafted request can trigger a timing/disclosure vulnerability that may reveal or help reveal pa...

Arbitrary Code Execution

Overview fun-map is a functional utilities for pretending that JS objects are Clojure string maps. Affected versions of this package are vulnerable to Arbitrary Code Execution. The injection point is located in line 26 in the index file class.js; the members argument of the create function can be...

WAGO PFC100/200 Web-Based Management (WBM) Authentication Regex Information Disclosure Vulnerability

Summary An exploitable regular expression without anchors vulnerability exists in the Web-Based Management WBM authentication functionality of WAGO PFC100/200 controllers. A specially crafted authentication request can bypass regular expression filters, resulting in sensitive information...

Information Disclosure

parse-server is vulnerable to information disclosure. An insecure regular expression parsing of the sessionToken and token$regex variables allows an attacker to discover and retrieve valid accounts, or verify and reset another user's account...

HPE Intelligent Management Center Remote Code Execution (CVE-2019-5386)

An Expression Language injection vulnerability exists in HPE Intelligent Management Center. This vulnerability is due to insufficient handling of the beanName request parameter by the ViewBatchTaskResultDetailBean class. A remote, authenticated attacker can exploit this vulnerability by sending a...

HPE Intelligent Management Center Remote Code Execution (CVE-2019-5370)

An expression language injection vulnerability exists in HPE Intelligent Management Center. This vulnerability is due to insufficient handling of the beanName request parameter by the IctTableExportToCSVBean class...

HPE Intelligent Management Center Remote Code Execution (CVE-2019-11943)

An expression language injection vulnerability exists in HPE Intelligent Management Center. This vulnerability is due to insufficient handling of the beanName request parameter by the SoapConfigBean class. Successful exploitation results in the execution of arbitrary code under the security conte...

Prototype Pollution

Overview vega-util is a JavaScript utilities package for Vega. Affected versions of this package are vulnerable to Prototype Pollution. The vega.mergeConfig method within vega-util could be tricked into adding or modifying properties of Object.prototype. PoC by Snyk var util = require'vega-util'...

SUSE-SU-2020:0557-1 Security update for python36

This update for python36 fixes the following issues: Security issues fixed: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs bsc1162825. - CVE-2020-8492: Fixed a regular expression in urrlib that was prone to denial of service via HTTP bsc1162367. Non-security issue...

OPENSUSE-SU-2020:0274-1 Security update for python3

This update for python3 fixes the following issues: Security issues fixed: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs bsc1162825. - CVE-2020-8492: Fixed a regular expression in urrlib that was prone to denial of service via HTTP bsc1162367. Non-security issue...

SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2020:0510-1)

This update for python fixes the following issues : Security issues fixed : CVE-2019-9674: Improved the documentation, warning about dangers of zip-bombs bsc1162825. CVE-2020-8492: Fixed a regular expression in urrlib that was prone to denial of service via HTTP bsc1162367. Note that Tenable...

Server-Side Template Injection

dropwizard-validation is vulnerable to server-side template injection. The vulnerability exists as ViolationCollector does not sanitize Java Expression Language EL expressions and accepts malicious Java EL expressions to be passed into the server-side template in the self-validating feature,...

CVE-2020-5245

Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in...

CVE-2020-5245

Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in...

Security feature bypass

Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in...