6678 matches found

Source: CVE
Added 2023/04/24 12:00 a.m. · 52 views

CVE-2023-30458

Summary: Medicine Tracker System 1.0 suffers from username enumeration in its login function: valid usernames leak via longer response times tied to password length. Impact: potential credential discovery over the network, with no direct exploitation details in the provided documents. Remediation (suppor...

CVSS 5.3 · AI score 5.2 · EPSS 0.00535
Exploits: 1 · References: 3 · Affected software: 1
Source: OSV
Added 2023/04/21 9:15 a.m. · 3 views

CVE-2023-2210

A vulnerability has been found in Campcodes Coffee Shop POS System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/categories/viewcategory.php. The manipulation of the argument id leads to SQL injection. The attack can be launched...

CVSS 7.5 · AI score 6.5 · EPSS 0.0027
Exploits: 1 · References: 3
Source: Cvelist
Added 2023/04/19 9:38 a.m. · 18 views

CVE-2023-2169 TaxoPress <= 3.6.4 - Authenticated (Editor+) Stored Cross-Site Scripting

The TaxoPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Related Posts functionality in versions up to, and including, 3.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Editor+ permissions to...

CVSS 5.5 · AI score 5.2 · EPSS 0.00571
Exploits: 0 · References: 3
Source: Code423n4
Added 2023/04/19 12:00 a.m. · 8 views

Lack of removal of minters reduces chances of survival

Lines of code · Vulnerability details · Impact: It is reasonable to assume there will be occasions of misbehaving minters that threaten the functioning of the Frankencoin ecosystem, and there is no way to disable any such minter without redeploying the contract. Ex. an attacker can deploy a...

AI score 6.7
Exploits: 0
Source: Prion
Added 2023/04/17 8:15 a.m. · 16 views

Design/Logic Flaw

In Phoenix Contacts ENERGY AXC PU Web service an authenticated restricted user of the web frontend can access, read, write and create files throughout the file system using specially crafted URLs via the upload and download functionality of the web service. This may lead to full control of the...

CVSS 6.5 · AI score 8.6 · EPSS 0.00644
Exploits: 0 · References: 2 · Affected software: 4
Source: Vulnrichment
Added 2023/04/17 12:00 a.m. · 5 views

CVE-2022-46389 Cross-Site Scripting (XSS) vulnerability found on logout functionality

There exists a reflected XSS within the logout functionality of ServiceNow versions lower than Quebec Patch 10 Hotfix 11b, Rome Patch 10 Hotfix 3b, San Diego Patch 9, Tokyo Patch 4, and Utah GA. This enables an unauthenticated remote attacker to execute arbitrary JavaScript code in the...

CVSS 6.1 · AI score 6.4 · EPSS 0.00677
Exploits: 0 · References: 1
Source: Cvelist
Added 2023/04/14 12:00 a.m. · 14 views

CVE-2022-46886

There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain...

CVSS 5.5 · AI score 6.5 · EPSS 0.00175
Exploits: 0 · References: 1
Source: Code423n4
Added 2023/04/13 12:00 a.m. · 6 views

PrivatePool.change does not work with tokens that have fewer than 4 decimals

Lines of code · Vulnerability details: PrivatePool.change calls changeFeeQuote to calculate the fee amount. It computes an exponent as ERC20(baseToken).decimals() - 4. File: src/PrivatePool.sol, line 731: function changeFeeQuote(uint256 inputAmount) public view returns (uint256 feeAmount, uint256...

AI score 6.8
Exploits: 0
Source: Atlassian
Added 2023/04/12 9:24 a.m. · 133 views

Malicious file upload in Jira Server via anonymous sources

Affected versions of Atlassian Jira Server/DC allow an unauthenticated attacker to upload arbitrary files to Jira via the file upload functionality at the fileupload URL. However, an attacker cannot control the filename or its location, which prevents the possibility of RCE. Files with name start...

AI score 7.2
Exploits: 0
Source: Code423n4
Added 2023/04/12 12:00 a.m. · 12 views

ReraiseETHCrowdfund.sol: Multiple scenarios in which pending votes might not be claimable, which is a complete loss of funds for a user

Lines of code · Vulnerability details · Impact: This issue is about how the ReraiseETHCrowdfund claim functionality can be broken. When the claim functionality is broken, a user cannot claim his voting power, resulting in a complete loss of funds. The claim functionality is not broken i...

AI score 6.7
Exploits: 0
Source: Positive Technologies
Added 2023/04/11 12:00 a.m. · 2 views

PT-2023-6434 · Adobe · Acrobat Reader +1

Name of the vulnerable software and affected versions: Adobe Acrobat Reader versions 23.001.20093 and earlier; Adobe Acrobat Reader versions 20.005.30441 and earlier; Adobe Acrobat 2020; Adobe Acrobat Reader 2020. Description: The issue is related to a Use After Free vulnerability that could result i...

CVSS 7.8 · AI score 7.7 · EPSS 0.00236
Exploits: 0 · References: 8
Source: Prion
Added 2023/04/10 7:15 p.m. · 21 views

Code injection

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2. Private Relay functionality did not match system settings...

CVSS 5 · AI score 6.9 · EPSS 0.00334
Exploits: 0 · References: 2 · Affected software: 3
Source: Cvelist
Added 2023/04/10 12:00 a.m. · 19 views

CVE-2022-46716

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2. Private Relay functionality did not match system settings...

AI score 7.4 · EPSS 0.00334
Exploits: 0 · References: 2
Source: Vulnrichment
Added 2023/04/10 12:00 a.m. · 8 views

CVE-2022-46716

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2. Private Relay functionality did not match system settings...

AI score 6.5 · EPSS 0.00334
Exploits: 0 · References: 2
Source: Prion
Added 2023/04/05 7:15 p.m. · 19 views

Design/Logic Flaw

Ulearn version a5a7ca20de859051ea0470542844980a66dfc05d allows an attacker with administrator permissions to obtain remote code execution on the server through the image upload functionality. This occurs because the application does not validate that the uploaded image is actually an image...

CVSS 5.8 · AI score 7.3 · EPSS 0.01788
Exploits: 0 · References: 1
Source: Cvelist
Added 2023/04/05 12:00 a.m. · 17 views

CVE-2023-0670

Ulearn version a5a7ca20de859051ea0470542844980a66dfc05d allows an attacker with administrator permissions to obtain remote code execution on the server through the image upload functionality. This occurs because the application does not validate that the uploaded image is actually an image...

AI score 7.6 · EPSS 0.01788
Exploits: 0 · References: 1
Source: RedHat Linux
Added 2023/04/04 11:10 a.m. · 43 views

Important: Red Hat Security Advisory: tigervnc and xorg-x11-server security update

An update for tigervnc and xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 7.8 · AI score 7.2 · EPSS 0.00093
Exploits: 0 · References: 2
Source: OSV
Added 2023/04/03 5:25 p.m. · 14 views

GHSA-5286-F2RF-35C2 Wagtail vulnerable to stored Cross-site Scripting attack via ModelAdmin views

Impact: A stored cross-site scripting (XSS) vulnerability exists on ModelAdmin views within the Wagtail admin interface. A user with a limited-permission editor account for the Wagtail admin could potentially craft pages and documents that, when viewed by a user with higher privileges, could perform...

CVSS 7.5 · AI score 5.8 · EPSS 0.01096
Exploits: 0 · References: 12
Source: OSV
Added 2023/04/03 8:24 a.m. · 6 views

SUSE-SU-2023:1726-1 Security update for runc

This update for runc fixes the following issues: Update to runc v1.1.5. Security fixes: - CVE-2023-25809: Fixed rootless /sys/fs/cgroup being writable when cgroupns isn't unshared (bnc1209884). - CVE-2023-27561: Fixed a regression that reintroduced the CVE-2019-19921 vulnerability (bnc1208962). -...

CVSS 7.8 · AI score 6.7 · EPSS 0.00146
Exploits: 2 · References: 8
Source: OSV
Added 2023/04/03 12:00 a.m. · 33 views

CVE-2023-28836 Wagtail vulnerable to stored Cross-site Scripting attack via ModelAdmin views

Wagtail is an open source content management system built on Django. Starting in version 1.5 and prior to versions 4.1.4 and 4.2.2, a stored cross-site scripting (XSS) vulnerability exists on ModelAdmin views within the Wagtail admin interface. A user with a limited-permission editor account for th...

CVSS 6.4 · AI score 5.1 · EPSS 0.01096
Exploits: 0 · References: 10