4172 matches found
Audiobookshelf Code Issue Vulnerability
Audiobookshelf is a self-hosted audiobook and podcast server from audiobookshelf open source. A code issue vulnerability exists in Audiobookshelf 2.4.3 and earlier versions, which stems from the ability of a user with updated privileges to read arbitrary files, delete arbitrary files, and send a...
SSRF & Credentials Leak
Summary nuxt-api-party allows developers to proxy requests to an API without exposing credentials to the client. A previous vulnerability allowed an attacker to change the baseURL of the request, potentially leading to credentials being leaked or SSRF. This vulnerability is similar, and was cause...
GHSA-3WFP-253J-5JXV SSRF & Credentials Leak
Summary nuxt-api-party allows developers to proxy requests to an API without exposing credentials to the client. A previous vulnerability allowed an attacker to change the baseURL of the request, potentially leading to credentials being leaked or SSRF. This vulnerability is similar, and was cause...
Html5 Video Player < 2.5.19 - Subscriber+ Stored XSS
Description The plugin does not sanitise and escape some of its player settings, which combined with missing capability checks around the plugin could allow any authenticated users, such as low as subscribers to perform Stored Cross-Site Scripting attacks against high privilege users like admins...
SUSE CVE-2023-45285
Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. This only affects users who are not using the module...
AZL-32101 CVE-2023-45285 affecting package golang for versions less than 1.21.6-1
Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. This only affects users who are not using the module...
AZL-32103 CVE-2023-45285 affecting package msft-golang for versions less than 1.22.3-1.
Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. This only affects users who are not using the module...
AZL-79014 CVE-2023-45285 affecting package golang 1.25.7-1
Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. This only affects users who are not using the module...
AZL-37438 CVE-2023-45285 affecting package golang for versions less than 1.21.6-1
Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. This only affects users who are not using the module...
CVE-2023-45285
CVE-2023-45285 : Golang Go could allow a remote attacker to obtain sensitive information when using go get to fetch a module with the ".git" suffix. The vulnerability arises because, if the module is not available via secure https or git+ssh, the fetch may fall back to the insecure git:// protoco...
Google Golang Security Vulnerability
Google Golang is a static, strongly typed, compiled language from Google.The syntax of Go is close to C, but with differences in variable declarations.Go supports garbage collection.Go's parallel model is based on Tony Hall's Communicating Sequential Processes CSP, and other languages with a...
kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability
A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...
kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability
A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...
SUSE CVE-2023-46737
Cosign is a sigstore signing tool for OCI containers. Cosign is susceptible to a denial of service by an attacker controlled registry. An attacker who controls a remote registry can return a high number of attestations and/or signatures to Cosign and cause Cosign to enter a long loop resulting in...
kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability
A flaw was found in KVM AMD Secure Encrypted Virtualization SEV in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler multiple time...
Mageia: Security Advisory (MGASA-2023-0296)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 6.4.16 and fixes or adds mitigations for atleast the following security issues: A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be...
CVE-2023-32786
In Langchain through 0.0.155, prompt injection allows an attacker to force the service to retrieve data from an arbitrary URL, essentially providing SSRF and potentially injecting content into downstream tasks...
React Developer Tools extension Improper Authorization vulnerability
The React Developer Tools extension registers a message listener with window.addEventListener'message', in a content script that is accessible to any webpage that is active in the browser. Within the listener is code that requests a URL derived from the received message via fetch. The URL is not...
GHSA-RXRC-RGV4-JPVX React Developer Tools extension Improper Authorization vulnerability
The React Developer Tools extension registers a message listener with window.addEventListener'message', in a content script that is accessible to any webpage that is active in the browser. Within the listener is code that requests a URL derived from the received message via fetch. The URL is not...