11172 matches found
hull.js Code Injection Vulnerability
Versions of the library from 0.2.2 to 1.0.9 are vulnerable to arbitrary code execution due to unsafe usage of `new Function...` in the module that handles points format. Applications passing the 3rd parameter to the hull function without sanitising it may be impacted. The vulnerability has been...
GO-2024-3299 Traefik's X-Forwarded-Prefix Header still allows for Open Redirect in github.com/traefik/traefik
GO-2024-3303 Argo Workflows Allows Access to Archived Workflows with Fake Token in `client` mode in github.com/argoproj/argo-workflows
Ibexa Admin UI vulnerable to Cross-site Scripting in a field that is used in the Content name pattern
Impact: The Content name pattern is used to build Content names from one or more fields. An XSS vulnerability has been found in this mechanism. Content edit permission is required to exploit it. After the fix, any existing injected XSS will not run. Patches: See "Patched versions. -...
GHSA-2X65-FPCH-2FCM SimpleSAMLphp xml-common XXE vulnerability
Summary: When loading an untrusted XML document, for example the SAMLResponse, it's possible to induce an XXE. $options is defined as: https://github.com/simplesamlphp/xml-common/blob/v1.19.0/src/DOMDocumentFactory.php#L39 including the DTDLoad option, which allows an attacker to read file contents...
Traefik's X-Forwarded-Prefix Header still allows for Open Redirect
Impact: There is a vulnerability in Traefik that allows the client to provide the X-Forwarded-Prefix header from an untrusted source. Patches: https://github.com/traefik/traefik/releases/tag/v2.11.14, https://github.com/traefik/traefik/releases/tag/v3.2.1 Workarounds: No workaround. For more...
Laravel 11.0 Cross Site Scripting
VULNERABILITY: Cross Site Scripting Laravel version 11.0 - Authenticated Persistent XSS - GOOGLE DORK: inurl:.com/?q= - GOOGLE DORK: Site:.com/?q= - DATE: 2024-12-01 - SECURITY RESEARCHER: E1.Coders - VENDOR: LARAVEL https://laravel.com/ - SOFTWARE LINK:...
CVE-2024-53859
go-gh is a Go module for interacting with the gh utility and the GitHub API from the command line. A security vulnerability has been identified in go-gh that could leak authentication tokens intended for GitHub hosts to non-GitHub hosts when within a codespace. go-gh sources authentication tokens...
CVE-2024-53858
The gh cli is GitHub’s official command line tool. A security vulnerability has been identified in the GitHub CLI that could leak authentication tokens when cloning repositories containing git submodules hosted outside of GitHub.com and ghe.com. This vulnerability stems from several gh commands...
`auth.TokenForHost` violates GitHub host security boundary when sourcing authentication token within a codespace
Summary: A security vulnerability has been identified in go-gh that could leak authentication tokens intended for GitHub hosts to non-GitHub hosts when within a codespace. Details: go-gh sources authentication tokens from different environment variables depending on the host involved: - GITHUB_TOKEN...
CVE-2024-53858 Recursive repository cloning can leak authentication tokens to non-GitHub submodule hosts in the gh cli
The gh cli is GitHub’s official command line tool. A security vulnerability has been identified in the GitHub CLI that could leak authentication tokens when cloning repositories containing git submodules hosted outside of GitHub.com and ghe.com. This vulnerability stems from several gh commands...
CVE-2024-53859 go-gh `auth.TokenForHost` violates GitHub host security boundary within a codespace
go-gh is a Go module for interacting with the gh utility and the GitHub API from the command line. A security vulnerability has been identified in go-gh that could leak authentication tokens intended for GitHub hosts to non-GitHub hosts when within a codespace. go-gh sources authentication tokens...
GO-2024-3289 OpenShift Console Server Side Request Forgery vulnerability in github.com/openshift/console
GO-2024-3288 Taurus multi-party-sig has OT-based ECDSA protocol implementation flaws in github.com/taurusgroup/multi-party-sig
Artifact poisoning vulnerability in action-download-artifact v5 and earlier
Summary: In versions of dawidd6/action-download-artifact before v6, a repository's forks were also searched by default when attempting to find matching artifacts. This could be exploited by an unprivileged attacker to introduce compromised artifacts such as malicious executables into a privileged...
GHSA-5XR6-XHWW-33M4 Artifact poisoning vulnerability in action-download-artifact v5 and earlier
Summary: In versions of dawidd6/action-download-artifact before v6, a repository's forks were also searched by default when attempting to find matching artifacts. This could be exploited by an unprivileged attacker to introduce compromised artifacts such as malicious executables into a privileged...
Exploit for Untrusted Pointer Dereference in Microsoft
CVE-2024-35250-BOF The Beacon Object File BOF implementati...
CVE-2024-11619
A vulnerability, which was classified as problematic, has been found in macrozheng mall up to 1.0.3. Affected by this issue is some unknown functionality of the component JWT Token Handler. The manipulation leads to use of default cryptographic key. The complexity of an attack is rather high. The...
CVE-2024-11619
The CVE-2024-11619 issue affects macrozheng mall up to version 1.0.3, specifically the JWT Token Handler component. Root cause: use of a default cryptographic key, which can compromise confidentiality/integrity if exploited. Exploitation complexity is described as high and exploitation is difficu...