Jetbrains JetBrains IntelliJ IDEA 安全漏洞

Jetbrains JetBrains IntelliJ IDEA is a Czech JetBrains integrated development environment for the Java language . A local code execution vulnerability exists in JetBrains IntelliJ IDEA versions prior to 2020.3.3. The vulnerability stems from an insufficient check when the VCS fetches the project...

Jetbrains JetBrains PyCharm 数据伪造问题漏洞

PyCharm is the Python integrated development environment from Czech software development company JetBrains. A local code execution vulnerability exists in PyCharm versions prior to 2020.3.4. The vulnerability stems from insufficient checks when the VCS fetches a project and can be exploited by an...

Path Traversal in Ansible

A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable...

GHSA-GFR2-QPXH-QJ9M Path Traversal in Ansible

A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable...

UBUNTU-CVE-2021-3481

A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelperp.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics SVG file this flaw may lead to an unauthorized memory access. The highest threat...

DEBIAN-CVE-2021-21374

Nimble is a package manager for the Nim programming language. In Nim release versions before versions 1.2.10 and 1.4.4, "nimble refresh" fetches a list of Nimble packages over HTTPS without full verification of the SSL/TLS certificate due to the default setting of httpClient. An attacker able to...

Information Disclosure

webkitgtk4 is vulnerable to information disclosure. The vulnerability exists through a cross-origin issue with the fetch API...

CVE-2021-25864

node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file...

Exploit for Improper Access Control in Xen

kernelexploitfactory Keep updating...... Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore. This repository is to extract all Linux kernel exploit and relative debug environment. The test is on...

Windows Exploitation Tricks: Trapping Virtual Memory Access

Posted by James Forshaw, Project Zero This blog is a continuation of my series of Windows exploitation tricks. This one describes an exploitation trick I’ve been trying to develop for years, succeeding mostly, more on that later on the latest versions of Windows 10. It’s a trick to trap access to...

PT-2020-17101 · WordPress · Woocommerce

Name of the Vulnerable Software and Affected Versions: WooCommerce plugin versions prior to 4.7.0 Description: The issue allows remote attackers to view the status of arbitrary orders via the order id parameter in a fetch order status action. This could potentially expose sensitive information...

WordPress plugin WooCommerce 权限许可和访问控制问题漏洞

WooCommerce is an open source WordPress e-commerce plugin. WooCommerce versions prior to 4.7.0 are vulnerable to privilege permission and access control issues, which can be exploited by a remote attacker to view the status of any order via the orderid parameter in the fetchorderstatus operation...

Arbitrary Code Execution

chromium is vulnerable to arbitrary code execution. The vulnerability exists through heap buffer overflow in background fetch that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...

karaf: A remote client could create MBeans from arbitrary URLs

In Karaf, JMX authentication takes place using JAAS and authorization takes place using ACL files. By default, only an "admin" can actually invoke on an MBean. However there is a vulnerability there for someone who is not an admin, but has a "viewer" role. In the 'etc/jmx.acl.cfg', such as role c...

Security Bulletin: A security vulnerability in Node.js node-fetch module affects IBM Cloud Pak for Multicloud Management Infrastructure Management and Managed Service.

Summary Security Bulletin: A security vulnerability in Node.js node-fetch module affects IBM Cloud Pak for Multicloud Management Managed Service. Vulnerability Details CVEID: CVE-2020-15168 DESCRIPTION: Node.js node-fetch module is vulnerable to a denial of service, caused by the failure to honor...

Webscan - Browser-based Network Scanner And local-IP Detection

webscan is a browser-based network IP scanner and local IP detector. It detects IPs bound to the user/victim by listening on an RTP data channel via WebRTC and looping back to the port across any live IPs, as well as discovering all live IP addresses on valid subnets by monitoring for immediate...

SAP Fiori Launchpad Server-Side Request Forgery Vulnerability

SAP Fiori is SAP's user experience UX design system for SAP applications, which provides designers and developers with a set of tools and guidelines to quickly develop applications for any platform, providing a consistent, innovative experience for creators and users.SAP Fiori Launchpad is the SA...

new module: perl:5.30

An update is available for perl-Pod-Perldoc, perl-DBI, perl-Pod-Escapes, perl-Devel-PPPort, perl-Pod-Usage, perl-Sub-Exporter, perl-perlfaq, perl-Object-HashBase, perl-CPAN-Meta-YAML, perl-Digest, perl-podlators, perl-bignum, perl-Text-ParseWords, perl-Text-Template, perl-DBD-MySQL, perl-Text-Glo...

CVE-2020-7758

CVE-2020-7758 describes a path traversal vulnerability in browserless-chrome where user input from the workspace endpoint is used to construct a filePath, which is then fetched and returned, allowing an attacker to escape to arbitrary files on the server. Public sources in the connected docs cons...

kernel security and bug fix update

4.18.0-193.28.12.OL8 - Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x6...