Lucene search

21 matches found

Github Security Blog
added 2023/10/02 9:39 p.m. | 13 views

Wallabag user can disable 2FA unintentionally

Impact: wallabag was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily disable 2FA through /config/otp/app/disable and /config/otp/email/disable. This vulnerability has a CVSSv3.1 score of 4.3. You should upgrade your instance to version 2.6.7 or higher...

AI score 7
Exploits 0 | References 4 | Affected Software 1
OSV
added 2023/10/02 9:39 p.m. | 27 views

GHSA-56FM-HFP3-X3W3 Wallabag user can disable 2FA unintentionally

Impact: wallabag was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily disable 2FA through /config/otp/app/disable and /config/otp/email/disable. This vulnerability has a CVSSv3.1 score of 4.3. You should upgrade your instance to version 2.6.7 or higher...

CVSS 4.3 | AI score 7.7
Exploits 0 | References 4
Github Security Blog
added 2023/08/21 8:28 p.m. | 21 views

Wallabag user can reset data unintentionally

Description: wallabag was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily reset annotations, entries and tags, by the GET request to /reset/annotations, /reset/entries, /reset/tags, /reset/archived. This vulnerability has a CVSSv3.1 score of 4.3. You...

CVSS 5.7 | AI score 7 | EPSS 0.00143
Exploits 1 | References 4 | Affected Software 1
OSV
added 2023/08/21 8:28 p.m. | 22 views

GHSA-GJVC-55FW-V6VQ Wallabag user can delete own API client unintentionally

Description: wallabag was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily delete API key via /developer/client/delete/id. This vulnerability has a CVSSv3.1 score of 6.5. You should immediately patch your instance to version 2.6.3 or higher if you have...

CVSS 6.5 | AI score 6.5 | EPSS 0.00153
Exploits 1 | References 4
Github Security Blog
added 2023/08/21 8:28 p.m. | 29 views

Wallabag user can delete own API client unintentionally

Description: wallabag was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily delete API key via /developer/client/delete/id. This vulnerability has a CVSSv3.1 score of 6.5. You should immediately patch your instance to version 2.6.3 or higher if you have...

CVSS 6.5 | AI score 6.6 | EPSS 0.00153
Exploits 1 | References 4 | Affected Software 1
OSV
added 2023/05/11 8:42 p.m. | 19 views

GHSA-W766-3572-F2HV Pimcore Cross-site Scripting (XSS) vulnerability in Admin Translations

Impact: Execute Javascript code on victim browsers and potentially steal cookies to take over their account. Patches: Update to version 10.5.21 or apply this patch manually: https://github.com/pimcore/pimcore/commit/7e32cc28145274ddfc30fb791012d26c1278bd38.patch Workarounds: Apply patches manually:...

CVSS 4.8 | AI score 5.2 | EPSS 0.0001
Exploits 1 | References 5
OSV
added 2023/05/10 9:26 p.m. | 21 views

GHSA-Q7CC-M6JW-M262 Pimcore Cross-site Scripting (XSS) in Predefined Properties delete

Impact: This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Patches: Update to version 10.5.21 or apply this patch manually...

CVSS 6.8 | AI score 5.5 | EPSS 0.00011
Exploits 1 | References 5
OSV
added 2023/03/31 5:11 p.m. | 17 views

GHSA-6QJM-39VH-729W Pimcore Cross-site Scripting in Predefined Asset Metadata module in Settings

Impact: This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Patches: Update to version 10.5.20 or apply this patch manually...

CVSS 5.4 | AI score 4.8 | EPSS 0.00014
Exploits 1 | References 6
Github Security Blog
added 2023/03/17 2:43 p.m. | 28 views

Cross-site Scripting (XSS) in UrlSlug Data type

Impact: An attacker can use XSS to send a malicious script to an unsuspecting user. Patches: Update to version 10.5.19 or apply this patch manually: https://github.com/pimcore/pimcore/pull/14669.patch Workarounds: Apply https://github.com/pimcore/pimcore/pull/14669.patch manually. References...

CVSS 6.1 | AI score 5.1 | EPSS 0.0007
Exploits 1 | References 6 | Affected Software 1
OSV
added 2023/02/02 7:26 p.m. | 21 views

GHSA-QWX8-MXXX-MG96 wallabag contains Improper Authorization via export feature

Description: The export feature lets a user export a single entry or a set of entries in a given format (e.g. PDF, MOBI, TXT). For example, https://yourinstance.wallabag.org/export/45.pdf will export the entry with id 45 in PDF format. Since wallabag 2.0.0-alpha.1, this feature is vulnerable to an...

CVSS 6.5 | AI score 4.5 | EPSS 0.00162
Exploits 1 | References 5
Github Security Blog
added 2023/02/02 7:26 p.m. | 20 views

wallabag contains Improper Authorization via export feature

Description: The export feature lets a user export a single entry or a set of entries in a given format (e.g. PDF, MOBI, TXT). For example, https://yourinstance.wallabag.org/export/45.pdf will export the entry with id 45 in PDF format. Since wallabag 2.0.0-alpha.1, this feature is vulnerable to an...

CVSS 6.5 | AI score 4.7 | EPSS 0.00162
Exploits 1 | References 5 | Affected Software 1
Github Security Blog
added 2022/10/07 7:33 a.m. | 22 views

v8n vulnerable to Inefficient Regular Expression Complexity

Impact: Inefficient regular expression complexity of the lowercase and uppercase regexes could lead to a denial of service attack. With a formed payload 'a' + 'a'.repeat(i) + 'A', a payload of only 32 characters could take 29443 ms execution time when testing lowercase. The same issue happens with uppercase...

CVSS 7.5 | AI score 7.2 | EPSS 0.00425
Exploits 1 | References 5 | Affected Software 1
UbuntuCve
added 2022/07/08 10:15 p.m. | 44 views

CVE-2022-2345

Use After Free in GitHub repository vim/vim prior to 9.0.0046...

CVSS 7.8 | AI score 7.1 | EPSS 0.00043
Exploits 1 | References 3
UbuntuCve
added 2022/06/20 3:15 p.m. | 42 views

CVE-2022-1720

Buffer Over-read in function grabfilename in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution...

CVSS 7.8 | AI score 6.9 | EPSS 0.00529
Exploits 1 | References 3
Huntr
added 2022/05/14 5:56 a.m. | 8 views

xss bypass of https://huntr.dev/bounties/4bc8f164-faf8-4096-aa00-e439fa976876/

Description: XSS bypass of https://huntr.dev/bounties/4bc8f164-faf8-4096-aa00-e439fa976876/ Tested browser: Google Chrome. Proof of Concept: This bug has been fixed by setting the text/xml content-type, but this can also be bypassed. Save the file below as test.xml. Upload it, view the file and see...

AI score 7.2
Exploits 0
Packet Storm
added 2022/04/07 12:00 a.m. | 285 views

minewebcms 1.15.2 Cross Site Scripting

Exploit Title: minewebcms 1.15.2 - Cross-site Scripting (XSS) | Google Dork: NA | Date: 02/20/2022 | Exploit Author: Chetanya Sharma @AggressiveUser | Vendor Homepage: https://mineweb.org/ | Software Link: https://github.com/mineweb/minewebcms | Version: 1.15.2 | Tested on: KALI OS | CVE: CVE-2022-1163...

CVSS 6.8 | AI score 5.4 | EPSS 0.00626
Exploits 4
Github Security Blog
added 2022/02/09 11:54 p.m. | 35 views

Insecure temporary file in Tensorflow

Impact: In multiple places, TensorFlow uses tempfile.mktemp to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in mktemp and the actual creation of the file by a...

CVSS 7.1 | AI score 1 | EPSS 0.00014
Exploits 0 | References 5 | Affected Software 3
UbuntuCve
added 2021/12/01 10:15 a.m. | 29 views

CVE-2021-4019

vim is vulnerable to Heap-based Buffer Overflow...

CVSS 7.8 | AI score 7.1 | EPSS 0.00143
Exploits 1 | References 4
UbuntuCve
added 2021/11/19 11:15 a.m. | 29 views

CVE-2021-3974

vim is vulnerable to Use After Free...

CVSS 7.8 | AI score 7.1 | EPSS 0.00211
Exploits 1 | References 4
Huntr
added 2021/10/09 5:08 p.m. | 28 views

in bookstackapp/bookstack

Description: The dompdf chroot option in Bookstack App is set to basepath, which is the Laravel root folder /var/www/bookstack. An attacker can hence load any image file in the Laravel folder /var/www/bookstack or its subdirectories via PDF exports. Proof of Concept 1: Place an image file in...

AI score 0.4
Exploits 0