61 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Permissive Regular Expression in tacquito
Impact The CVE is for a software vulnerability. Network admins who have deployed tacquito or versions of tacquito in their production environments and use tacquito to perform command authorization for network devices should be impacted. Tacquito code prior to commit...
GHSA-P5WF-CMR4-XRWR Permissive Regular Expression in tacquito
Impact The CVE is for a software vulnerability. Network admins who have deployed tacquito or versions of tacquito in their production environments and use tacquito to perform command authorization for network devices should be impacted. Tacquito code prior to commit...
Exploit for Embedded Malicious Code in Tukaani Xz
CVE-2024-3094-info - CVE-2024-3094 PoC Exploration https://gi...
GHSA-7J98-H7FP-4VWJ smarty Cross-site Scripting vulnerability in Javascript escaping
Impact An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application's behavior, or unauthorized actions performed on behalf of the...
Exploit for Improper Initialization in Linux Linux_Kernel
!Dirty Pipehttps://forum.hackersploit.org/uploads/default/ori...
GitLab GitHub Repo Import Deserialization RCE
An authenticated user can import a repository from GitHub into GitLab. If a user attempts to import a repo from an attacker-controlled server, the server will reply with a Redis serialization protocol object in the nested defaultbranch. GitLab will cache this object and then deserialize it when...
GHSA-J3RV-W43Q-F9X2 React Editable Json Tree vulnerable to arbitrary code execution via function parsing
Impact Our library allows strings to be parsed as functions and stored as a specialized component, JsonFunctionValue. To do this, Javascript's eval function was used to execute strings that begin with "function" as Javascript. This was an oversight that unfortunately allows arbitrary code to be...
CVE-2022-31508
The idayrus/evoting repository before 2022-05-08 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31503
The orchest/orchest repository before 2022.05.0 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-1754 Integer Overflow or Wraparound in polonel/trudesk
Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2...
Potential Captcha Validate Bypass in flask-session-captcha
Impact flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. The captcha.validate function would return None if passed no value e.g. by submitting a request with an empty form. If implementing users were checking th...
GSD-2022-1000007 colors.js 1.4.1 has an infinite loop added by the primary developer
colors.js had an infinite loop added by the primary developer in version 1.4.1 and 6.6.6 which was released on GitHub and NPM which reports it as having 3,179 dependent packages that rely upon it. Additionally the GitHub repo was wiped of all files. This appears to have been done intentionally in...
GSD-2022-1000008 faker.js 6.6.6 is broken and the developer has wiped the original GitHub repo
faker.js had it's version updated to 6.6.6 in NPM which reports it as having 2,571 dependent packages that rely upon it and the GitHub repo has been wiped of content. This appears to have been done intentionally as the repo only has a single commit so it was likjely deleted, recreated and a singl...
Bugs Lurking in Cisco UC Provisioning Platform
The Akkadian Provisioning Manager, which is used as a third-party provisioning tool within Cisco Unified Communications environments, has three high-severity security vulnerabilities that can be chained together to enable remote code execution RCE with elevated privileges, researchers said. They...
Akkadian Provisioning Manager Multiple Vulnerabilities Disclosure (Fixed)
Over the course of routine security research, Rapid7 researchers discovered that the Akkadian Provisioning Manager version 4.50.18, a provisioning solution for a Cisco Unified Communications environment, has a trio of vulnerabilities, which, when combined, can lead to remote code execution on the...
h1-ctf: [H1-2006] CTF Writeup
H1-2006 CTF Writeup I am fairly new to CTFs - this is just my second CTF after H1-415 CTF, at which I didn't get far at all. I think the most valuable thing I can do for anyone who comes across this writeup, is to describe exactly what I was thinking at each step along the way, including all my...
h1-ctf: [H1-2006 2020] CTF Writeup
Summary: Multiple Vulnerabilities leading to full account takeover and access to restricted functions 1. Information Disclosure 2. Login 2FA Bypass 3. SSRF 4. Hardcoded validation 5. Sensitive information disclosure 6. Privilege Escalation 7. Payments 2FA Bypass through SSRF Steps To Reproduce: 0...
Shopify: CircleCI token in github repo allows for access to sensitive build information
While looking through some Shopify Github repos I came across the following CircleCI token: ca84774a88598f639b174d498c219163e04adbb2 in the js-buy-sdk repo. curl https://circleci.com/api/v1.1/me?circle-token=ca84774a88598f639b174d498c219163e04adbb2 returns information about the user which confirm...
Paragon Initiative Enterprises: Github repo's wiki publicly editable
Hello Team, Primablock Github repo's wiki page is publicly editable. This enables an attacker to edit the wiki pages of the affected repo's. Adding content that may link to malicious code libraries that would be installed and used by developers or information that may mislead users. Links:...