
GithubExploit
added 2024/04/18 4:35 p.m., 354 views

Exploit for Improper Input Validation in Paloaltonetworks Pan-Os

CVE-2024-3400 Simple Python code to check for arbitrary upload...

CVSS 10, AI score 9.8, EPSS 0.94297
Exploits: 43
Hacker One
added 2024/04/18 2:43 p.m., 16 views

GitHub: View private repository NWO of deploy key via internal LFS API

The vulnerability allowed an attacker to enumerate the names of private repositories that utilized deploy keys in GitHub Enterprise Server. The vulnerability did not provide unauthorized access to any repository content besides the repository names. This vulnerability affected all versions of...

CVSS 6.3, AI score 5.1, EPSS 0.0061
Exploits: 0
Veracode
added 2024/04/17 1:09 p.m., 15 views

Denial Of Service

github.com/traefik/traefik is vulnerable to Denial Of Service. The vulnerability is due to a lack of header frame limits, allowing an attacker to send excessive CONTINUATION frames which causes the endpoint to read arbitrary amounts of header data without proper memory allocation limits...

AI score 7
Exploits: 0
OSV
added 2024/04/16 6:16 p.m., 26 views

GO-2024-2667 Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2...

CVSS 6.5, AI score 6.5, EPSS 0.00821
Exploits: 0, References: 1
Veracode
added 2024/04/16 10:46 a.m., 17 views

Sensitive Information Disclosure

github.com/apache/solr-operator is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the operator's mishandling of authentication credentials in log files, which could expose sensitive information such as usernames and passwords...

CVSS 6.5, AI score 6.6, EPSS 0.00044
Exploits: 0, References: 4, Affected Software: 1
Tenable Nessus
added 2024/04/16 12:00 a.m., 20 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : vim (SUSE-SU-2024:1287-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1287-1 advisory. - Use After Free in GitHub repository vim/vim prior to 9.0.1857. CVE-2023-4750 - Vim is an open...

CVSS 7.8, AI score 7, EPSS 0.00152
Exploits: 3, References: 31
Veracode
added 2024/04/15 6:31 a.m., 19 views

Cross-site Scripting (XSS)

github.com/tiagorlampert/chaos is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to the sendCommandHandler function accepting unsanitized input via the output parameter and passing it along to the DOM, which results in a payload being executed by a user sending a request to the...

CVSS 4.8, AI score 6.4, EPSS 0.84642
Exploits: 6, References: 4, Affected Software: 1
GithubExploit
added 2024/04/14 5:00 a.m., 272 views

Exploit for CVE-2024-24576

PoC exploit for CVE-2024-24576, a vulnerability in a specific pr...

CVSS 10, AI score 9.1, EPSS 0.80539
Exploits: 10
Veracode
added 2024/04/12 11:33 a.m., 15 views

Sensitive Data Exposure

github.com/kopia/kopia is vulnerable to Sensitive Data Exposure. This vulnerability is due to the "repository status" CLI command with JSON output containing sensitive storage connection credentials, which are inadvertently exposed to the console...

AI score 7.1
Exploits: 0
Securelist
added 2024/04/12 8:00 a.m., 63 views

XZ backdoor story – Initial analysis

On March 29, 2024, a single message on the Openwall OSS-security mailing list marked an important discovery for the information security, open source and Linux communities: the discovery of a malicious backdoor in XZ. XZ is a compression utility integrated into many popular distributions of Linux...

CVSS 7.5, AI score 9.3, EPSS 0.84805
Exploits: 39
Packet Storm
added 2024/04/12 12:00 a.m., 314 views

Ray OS 2.6.3 Command Injection

Exploit Title: Ray OS v2.6.3 - Command Injection RCE Unauthorized. Description: The Ray Project dashboard contains a CPU profiling page, and the format parameter is not validated before being inserted into a system command executed in a shell, allowing for arbitrary command execution. If the system...

CVSS 9.8, AI score 7.4, EPSS 0.88771
Exploits: 10
0day.today
added 2024/04/12 12:00 a.m., 288 views

Ray OS v2.6.3 - Command Injection Exploit

Exploit Title: Ray OS v2.6.3 - Command Injection RCE Unauthorized. Description: The Ray Project dashboard contains a CPU profiling page, and the format parameter is not validated before being inserted into a system command executed in a shell, allowing for arbitrary command execution. If the system...

CVSS 9.8, AI score 8.7, EPSS 0.88771
Exploits: 10
Exploit DB
added 2024/04/12 12:00 a.m., 311 views

PopojiCMS Version 2.0.1 - Remote Command Execution

Exploit Title: PopojiCMS Version 2.0.1 Remote Command Execution. Date: 27/11/2023. Exploit Author: tmrswrr. Vendor Homepage: https://www.popojicms.org/. Software Link: https://github.com/PopojiCMS/PopojiCMS/archive/refs/tags/v2.0.1.zip. Version: 2.0.1. Tested on:...

AI score 7.4
Exploits: 0
The Hacker News
added 2024/04/11 11:32 a.m., 22 views

Python's PyPI Reveals Its Secrets

GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets in...

AI score 7.3
Exploits: 0
OSV
added 2024/04/10 5:16 p.m., 12 views

GHSA-HP8H-7X69-4WMV zcap has incomplete expiration checks in capability chains.

Impact When invoking a capability with a chain depth of 2, i.e., it is delegated directly from the root capability, the expires property is not properly checked against the current date or other date param. This can allow invocations outside of the original intended time period. A zcap still cann...

CVSS 4.3, AI score 4.4, EPSS 0.00152
Exploits: 0, References: 6
Github Security Blog
added 2024/04/10 5:14 p.m., 27 views

XWiki Platform CSRF remote code execution through the realtime HTML Converter API

Impact When the realtime editor is installed in XWiki, it allows arbitrary remote code execution with the interaction of an admin user with programming right. More precisely, by getting an admin user to either visit a crafted URL or to view an image with this URL that could be in a comment, the...

CVSS 9.6, AI score 7.8, EPSS 0.06899
Exploits: 1, References: 8, Affected Software: 1
Github Security Blog
added 2024/04/10 5:11 p.m., 24 views

XWiki Platform: Remote code execution from account via SearchSuggestSourceSheet

Impact Any user with edit right on any page can execute any code on the server by adding an object of type XWiki.SearchSuggestSourceClass to their user profile or any other page. This compromises the confidentiality, integrity and availability of the whole XWiki installation. To reproduce on an...

CVSS 9.9, AI score 7.3, EPSS 0.3531
Exploits: 1, References: 8, Affected Software: 1
Github Security Blog
added 2024/04/10 5:07 p.m., 64 views

yt-dlp: `--exec` command injection when using `%q` in yt-dlp on Windows (Bypass of CVE-2023-40581)

Summary The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment variables. Support for output template expansion in --exec, alo...

CVSS 9.8, AI score 7.6, EPSS 0.06497
Exploits: 1, References: 9, Affected Software: 1
IBM Security Bulletins
added 2024/04/10 4:22 p.m., 25 views

Security Bulletin: Multiple Security Vulnerabilities were found in Open Source libraries used to deploy IBM Security Verify Access Appliances (CVE-2024-31871, CVE-2024-31872, CVE-2024-31873, CVE-2024-31874)

Summary An Open Source repository of python deployment scripts for ISVA Appliance is published on GitHub at https://github.com/IBM-Security/ibmsecurity. Vulnerabilities reported in the public repository have been addressed. Vulnerability Details CVEID:CVE-2024-31872 DESCRIPTION: IBM Security Veri...

CVSS 8.1, AI score 6.8, EPSS 0.00115
Exploits: 1, Affected Software: 1
The Hacker News
added 2024/04/10 12:38 p.m., 28 views

Beware: GitHub's Fake Popularity Scam Tricking Developers into Downloading Malware

Threat actors are now taking advantage of GitHub's search functionality to trick unsuspecting users looking for popular repositories into downloading spurious counterparts that serve malware. The latest assault on the open-source software supply chain involves concealing malicious code within...

AI score 7.6
Exploits: 0