18 matches found
EUVD-2022-6864
Malicious code in bioql PyPI...
openSIS 9.1 - SQLi (Authenticated)
Exploit Title: openSIS 9.1 - SQLi Authenticated Google Dork: intext:"openSIS is a product" Date: 09.09.2024 Exploit Author: Devrim Dıragumandan d0ub1edd Vendor Homepage: https://www.os4ed.com/ Software Link: https://github.com/OS4ED/openSIS-Classic/releases/tag/V9.1 Version: 9.1 Tested on: Linux ...
@blakeembrey/template vulnerable to code injection when attacker controls template input
Impact It is possible to inject and run code within the template if the attacker has access to write the template name. js const template = require'@blakeembrey/template'; template"Hello name!", "exploit && = console.log'success'; && function pwned"; Patches Upgrade to 1.2.0. Workarounds Don't pa...
CVE-2024-29195
The CVE-2024-29195 advisory concerns the azure-c-shared-utility C library used by the Azure IoT C SDK for AMQP/MQTT communication. The described issue is an integer wraparound/under-allocation/heap buffer overflow stemming from vulnerable parameter checking in the buffer length handling, which co...
Denial of Service issue in quinn-proto
Impact Receiving unknown QUIC frames in a QUIC packet could result in a panic. Patches The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases. References Fixed in https://github.com/quinn-rs/quinn/pull/1667, backported in https://github.com/quinn-rs/quinn/pull/1668 and...
GHSA-F28G-86HC-823Q Tokenizer vulnerable to client brute-force of token secrets
Impact Authorized clients, having an injectprocessor secret, could brute-force the secret token value by abusing the fmt parameter to the Proxy-Tokenizer header. Patches This was fixed in https://github.com/superfly/tokenizer/pull/8 and further mitigated in...
CVE-2023-31064 Apache InLong: Insecurity direct object references cancelling applications
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.2.0 through 1.6.0. The user in InLong could cancel an application that doesn't belong to it. Users are advised to upgrade to Apache InLong's 1.7....
CVE-2023-31098
CVE-2023-31098 concerns Apache InLong, affected in versions 1.1.0 through 1.6.0. The underlying issue is weak password requirements: the application does not enforce sufficient password complexity, enabling attackers to guess passwords and gain account access. The risk is described as a high impa...
RSSHub SSRF vulnerability
Summary RSSHub is vulnerable to Server-Side Request Forgery SSRF attacks. This vulnerability allows an attacker to send arbitrary HTTP requests from the server to other servers or resources on the network. Description An attacker can exploit this vulnerability by sending a request to the affected...
Webmin < 2.003 XSS Vulnerability
Webmin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:webmin:webmin";...
S3 storage write is not aborted on errors leading to unbounded memory usage
Impact Anyone using storage.blob.s3 introduced in 0.5.0 with storage.imapsql. storage.imapsql localmailboxes ... msgstore s3 ... Patches The relevant commit is pushed to master and will be included in the 0.5.1 release. No special handling of the issue has been done due to the small amount of...
Authentication granted to all firewalls instead of just one
Description ----------- When an application defines multiple firewalls, the authenticated token delivered by one of the firewalls is available to all other firewalls. This can be abused when the application defines different providers for different parts of an application. In such a situation, a...
Fedora 31 : dino (2019-2555c77f63)
Update dino to a96c8014, which addresses three CVEs. CVE-2019-16235 ============== Dino did not properly check the source of message carbons. https://nvd.nist.gov/vuln/detail/CVE-2019-16235 Fixed in https://github.com/dino/dino/commit/e84f2c49567e86d2a261ea264d65c4adc549c930 CVE-2019-16236...
Kimai 2 - Persistent Cross-Site Scripting
Exploit Title: Kimai 2- persistent cross-site scripting XSS Date: 07/15/2019 Exploit Author: osamaalaa Vendor Homepage: link Software Link: https://github.com/kevinpapst/kimai2 Fixed on Github : https://github.com/kevinpapst/kimai2/pull/962 Version: 2 1-Normal user will try to add timesheet from...
Kimai 2 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Kimai 2- persistent cross-site scripting XSS Exploit Author: osamaalaa Vendor Homepage: link Software Link: https://github.com/kevinpapst/kimai2 Fixed on Github : https://github.com/kevinpapst/kimai2/pull/962 Version: 2 1-Normal...
YARA <= 3.8.1 Multiple Vulnerabilities
YARA is prone to multiple vulnerabilities. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribu...
TestLink 1.9.14 Cross Site Scripting
Information ================================= Name: Persistent XSS Vulnerability in TestLink 1.9.14 Affected Software: TestLink Affected Versions: 1.9.14 and possibly below Vendor Homepage: http://testlink.org/ Severity: High Status: Fixed Vulnerability Type: =================================...
Struts2 then exposed S2-020 patch bypass vulnerability – evil regular expressions - vulnerability warning - the black bar safety net
4 on 2 to 4 November, an article circulated online: “Security researchers noted that in Apache Struts2 vulnerability bulletin S2-020, the fix for CVE-2014-0094 itself contains a flaw, resulting in the patch being completely bypassed.” Affected products: Struts 2.0.0 –...