Arbitrary Code Execution
Overview Affected versions of this package are vulnerable to Arbitrary Code Execution in the way it reads debugging symbols, where reading a malicious symbols file may result in the exploitation of this vulnerability. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-arm to version 6.0.13,...
Argo CD leaks repository credentials in user-facing error messages and in logs
Impact All versions of Argo CD starting with v2.6.0-rc1 have an output sanitization bug which leaks repository access credentials in error messages. These error messages are visible to the user, and they are logged. The error message is visible when a user attempts to create or update an...
Upgraded Q -> M from #55 [1674745091248]
Judge has assessed an item in Issue 55 as M risk. The relevant finding follows: minimum deposit amount for tokens with non standard decimals value are too high. 0.1 can be quite a lot for tokens with small totalAmount, so this requirement can become too restrictive. For example, WBTC token have 8...
GHSA-CM8H-Q92V-XCFC mercurius has Uncaught Exception when using subscriptions
Impact Any users of Mercurius until version v11.5.0 are subjected to a denial of service attack by sending a malformed packet over WebSocket to /graphql. Patches This was patched in https://github.com/mercurius-js/mercurius/pull/940. The patch was released as v11.5.0 and v8.13.2. Workarounds...
CodeIgniter4 Potential Session Handlers Vulnerability
Impact When an application uses (1) multiple session cookies (e.g., one for user pages and one for admin pages) and (2) a session handler is set to DatabaseHandler, MemcachedHandler, or RedisHandler, then if an attacker gets one session cookie (e.g., one for user pages), they may be able to access pages...
RUSTSEC-2022-0070 Unsound API in `secp256k1` allows use-after-free and invalid deallocation from safe code
Because of incorrect bounds on method `Secp256k1::preallocated_gen_new` it was possible to cause use-after-free from safe consumer code. It was also possible to "free" memory not allocated by the appropriate allocator. The method takes a place for storing the context as a mutable reference and return...
XSS to LFI in Runcode Feature
Description By default runcode sanitized document prefix but if html encode to...
GO-2022-1071 Denial of service in flux controllers in github.com/fluxcd modules
Flux controllers are vulnerable to a denial of service attack. Users that have permissions to change Flux's objects, either through a Flux source or directly within a cluster, can provide invalid data to fields .spec.interval or .spec.timeout and structured variations of these fields, causing the...
Fat Free CRM vulnerable to Remote Denial of Service via Tasks endpoint
Impact An authenticated user can perform a remote Denial of Service attack against Fat Free CRM. This vulnerability has been assigned the CVE identifier: CVE-2022-39281. Affected versions: All. Not affected: None. Fixed versions: 0.20.1. All users running an affected release should either upgrade or...
CVE-2022-3275
Command injection is possible in the puppetlabs-apt module prior to version 9.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...
TensorFlow segfault TFLite converter on per-channel quantized transposed convolutions
Impact When converting transposed convolutions using per-channel weight quantization the converter segfaults and crashes the Python process. python import tensorflow as tf class QuantConv2DTransposed(tf.keras.layers.Layer): def build(self, input_shape): self.kernel = self.add_weight("kernel", 3, 3,...
System Informer - A Free, Powerful, Multi-Purpose Tool That Helps You Monitor System Resources, Debug Software And Detect Malware
System Informer A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. Project Website - Project Downloads System requirements Windows 7 or higher, 32-bit or 64-bit. Features A detailed...
CVE-2022-35583
wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial access into the target's system by injecting iframe tag with initial asset IP address on its source. This allows the attacker to takeover the whole infrastructure by accessing their internal assets...
CVE-2022-31574
The deepaliupadhyay/RealEstate repository through 2018-11-30 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely...
Buffer Overflow
Overview Affected versions of this package are vulnerable to Buffer Overflow. In tinyexr 1.0.1, there is a heap-based buffer over-read in tinyexr::DecodePixelData. Remediation Upgrade tinyexr to version 1.0.6 or higher. References - GitHub Issue...
Malicious code in github-issue-mirror (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 53c17384d1c768408fef8ecd20ce108799e6f4a49d07582146e2be615018530d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3375 Malicious code in github-issue-mirror (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 53c17384d1c768408fef8ecd20ce108799e6f4a49d07582146e2be615018530d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Upgraded Q -> H from 25 [1655007954017]
Judge has assessed an item in Issue 25 as High risk. The relevant finding follows: Fees should have a boundary of 100% (10000): Otherwise the contract will try to transfer more than possible which will result in reverts: It might also be helpful to have a fixed upper boundary that doesn't allow t...
GHSA-4W8F-HJM9-XWGF Path Traversal in django-s3file
Impact It was possible to traverse the entire AWS S3 bucket and in most cases to access or delete files. The issue was discovered by the maintainer. There were no reports of the vulnerability being known to or exploited by a third party, before the release of the patch. If the AWS_LOCATION setting...
Core dump when loading TFLite models with quantization in TensorFlow
Impact Certain TFLite models that were created using TFLite model converter would crash when loaded in the TFLite interpreter. The culprit is that during quantization the scale of values could be greater than 1 but code was always assuming sub-unit scaling. Thus, since code was calling...