GO-2024-2615 Username enumeration in github.com/IceWhaleTech/CasaOS-UserService

CasaOS-UserService is vulnerable to a username enumeration issue, when an attacker can enumerate the CasaOS username using the application response. If the username is incorrect, the application gives the error 'User does not exist'. If the password is incorrect, the application gives the error...

Alert: Cybercriminals Deploying VCURMS and STRRAT Trojans via AWS and GitHub

A new phishing campaign has been observed delivering remote access trojans RAT such as VCURMS and STRRAT by means of a malicious Java-based downloader. "The attackers stored malware on public services like Amazon Web Services AWS and GitHub, employing a commercial protector to avoid detection of...

Improper Input Validation

github.com/cosmos/cosmos-sdk is vulnerable to Improper Input Validation. The vulnerability is due to inadequate validation in the ValidateVoteExtensions function within abciutils.go. This flaw allows attackers to exploit the ValidateVoteExtensions helper function by inferring total voting power...

Exploit for CVE-2024-28741

NorthStar C2 agent RCE via stored XSS Agent RCE PoC for CVE-20...

2024.1 IPU OOB - Intel® Xeon® D Processor Advisory

Summary: A potential security vulnerability in some Intel® Xeon® D Processors with Intel® Software Guard Extensions SGX may allow information disclosure. Intel is releasing microcode updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-43490 Description:...

GO-2024-2618 Authentication token leak in github.com/cloudevents/sdk-go/v2

Using cloudevents.WithRoundTripper to create a cloudevents.Client with an authenticated http.RoundTripper causes the go-sdk to leak credentials to arbitrary endpoints. When the transport is populated with an authenticated transport, http.DefaultClient is modified with the authenticated transport...

GO-2024-2616 Path traversal and user privilege escalation in github.com/IceWhaleTech/CasaOS-UserService

The UserService API contains a path traversal vulnerability that allows an attacker to obtain any file on the system, including the user database and system configuration. This can lead to privilege escalation and compromise of the system...

GO-2024-2605 SQL injection in github.com/jackc/pgx/v4

SQL injection is possible when the database uses the non-default simple protocol, a minus sign directly precedes a numeric placeholder followed by a string placeholder on the same line, and both parameter values are user-controlled...

GO-2024-2604 CORS Filter bypass in github.com/zeromicro/go-zero

The CORS Filter feature in go-zero allows users to specify an array of domains allowed in the CORS policy. However, the isOriginAllowed function uses strings.HasSuffix to check the origin, which can lead to a bypass via a domain like "evil-victim.com". This vulnerability is capable of breaking CO...

Hyperledger: Docker Secret Disclosure via GitHub Actions Cache Poisoning

The vulnerability involved the disclosure of Docker secrets through GitHub Actions cache poisoning. The issue was reported and subsequently resolved...

Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity

Cyberspace Mapping Dork Fofa app="JETBRAINS-TeamCity...

Fedora: Security Advisory for junit (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: junit-4.13.2-6.fc40

JUnit is a regression testing framework written by Erich Gamma and Kent Beck. It is used by the developer who implements unit tests in Java. JUnit is Open Source Software, released under the Common Public License Version 1.0 and hosted on GitHub...

Insufficiently Protected Credentials

github.com/cloudevents/sdk-go/v2 is vulnerable to Insufficiently Protected Credentials. The vulnerability is due to the improper use of cloudevents.WithRoundTripper, allowing the leakage of credentials to arbitrary endpoints when creating a cloudevents.Client with an authenticated http.RoundTripp...

[SECURITY] Fedora 38 Update: golang-github-tdewolff-parse-2.7.12-1.fc38

Go parsers for web formats...

[SECURITY] Fedora 38 Update: golang-github-tdewolff-argp-0-0.1.20240227git719bbce.fc38

GNU command line argument parser...

SUSE SLES12 Security Update : vim (SUSE-SU-2024:0783-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0783-1 advisory. - Use After Free in GitHub repository vim/vim prior to 9.0.1857. CVE-2023-4750 - Vim is an open source command line text editor. Wh...

CVE-2024-27918 Coder's OIDC authentication allows email with partially matching domain to register

Coder allows oragnizations to provision remote development environments via Terraform. Prior to versions 2.6.1, 2.7.3, and 2.8.4, a vulnerability in Coder's OIDC authentication could allow an attacker to bypass the CODEROIDCEMAILDOMAIN verification and create an account with an email not in the...

CVE-2024-27916 `GetRepositoryByName`, `DeleteRepositoryByName` and `GetArtifactByName` allow access of arbitrary repositories in Minder by any authenticated user

Minder is a software supply chain security platform. Prior to version 0.0.33, a Minder user can use the endpoints GetRepositoryByName, DeleteRepositoryByName, and GetArtifactByName to access any repository in the database, irrespective of who owns the repo and any permissions present. The databas...

BIT-GITLAB-2020-13326

A vulnerability was discovered in GitLab versions prior to 13.1. Under certain conditions the restriction for Github project import could be bypassed...