TikTok: Instance Page DOS within Organization on TikTok Ads

A vulnerability was found on the Instance Page service of TikTok Ads, which would allow an Operator to perform a Denial of Service DoS on the Front End of only their own organization. We thank @arsenelupin for reporting this to our team...

CVE-2022-24961

In Portainer Agent before 2.11.1, an API server can continue running even if not associated with a Portainer instance in the past few days...

Unauthorized access to Class instance in Jinjava

Jinjava before 2.5.4 allow access to arbitrary classes by calling Java methods on objects passed into a Jinjava context. This could allow for abuse of the application class loader, including Arbitrary File Disclosure...

Veeam Service Provider Console fails to connect to restored VSPC database due to collation conflict

Challenge When attempting to connect Veeam Service Provider Console to an existing VSPC database the following error occurs: Implicit conversion of varchar value to varchar cannot be performed because the collation of the value is unresolved due to a collation conflict between "" and "" in add...

F5 NGINX Controller API Code Injection Vulnerability

The F5 NGINX Controller is a self-service, API-driven platform for managing NGINIX Plus that can be easily integrated into CI/CD workflows to accelerate application deployment and simplify application lifecycle management. user" or "admin" role access and authenticated attackers can use an...

The Bug Report - December 2021 Edition

The Bug Report - December 2021 By Philippe Laulheret · January 19, 2022 Your Cybersecurity Comic Relief Why am I here? If you’re reading these words, CONGRATULATIONS! You’ve made it to 2022! And even better, you found your way to ATR’s monthly security digest where we discuss our favorite...

CVE-2022-23131 Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML

In the case of instances where the SAML SSO authentication is enabled non-default, session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to...

Improper Input Validation in chatwoot/chatwoot

Description This vulnerability impacts all fields sent to Chatwoot. Any field that has an excessive amount of characters in it will cause the agent's page to take an abnormal amount of time to load, often requiring the content to be removed before the page will load. In my example, I put 20000000...

GHSA-85RQ-HP8X-GHJQ Cross-Site Request Forgery in Jenkins Mailer Plugin

Jenkins Mailer Plugin prior to 408.vd726a1130320 and 1.34.2 does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname. Additionally, this form...

CVE-2021-46148

MediaWiki prior to 1.35.5, 1.36.x prior to 1.36.3, and 1.37.x prior to 1.37.1 contains a CSRF flaw related to MassEditRegex that can be triggered by unprivileged users on testwiki SecurePoll instances. Affected software: MediaWiki; vulnerable component/function: MassEditRegex handling that enable...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4ShellCVE-2021-44228 Demo !demo-scenariosimages/demo-...

CVE-2021-36780 Unauthorized data access from replicas through vulnerable instance manager pods

A Missing Authentication for Critical Function vulnerability in longhorn of SUSE Longhorn allows attackers to connect to a longhorn-engine replica instance granting it the ability to read and write data to and from a replica that they should not have access to. This issue affects: SUSE Longhorn...

Mozilla Firefox Security Advisory (MFSA2021-52) - Mac OS X

This host is missing a security update for Mozilla Firefox. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Mozilla Firefox ESR Security Advisory (MFSA2021-53) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Denial Of Service (DoS)

thunderbird and firefox are vulnerable denial of service. The vulnerability exists due to a GC Rooting Failure When Calling Wasm Instance Methods...

Mozilla: GC rooting failure when calling wasm instance methods

The Mozilla Foundation Security Advisory describes this flaw as: Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitab...

Mozilla: GC rooting failure when calling wasm instance methods

The Mozilla Foundation Security Advisory describes this flaw as: Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitab...

Design/Logic Flaw

Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Thunderbird 91.4.0, Firefox...

CVE-2021-43539

CVE-2021-43539 is a Mozilla Firefox/Thunderbird memory safety issue: GC rooting failure when calling wasm instance methods can cause a use-after-free and potentially exploitable crash. Connected sources confirm the flaw affects Firefox up to 95 and Thunderbird up to 91.4.0, linked advisories show...

CVE-2021-41090 Instance config inline secret exposure

Grafana Agent is a telemetry collector for sending metrics, logs, and trace data to the opinionated Grafana observability stack. Prior to versions 0.20.1 and 0.21.2, inline secrets defined within a metrics instance config are exposed in plaintext over two endpoints: metrics instance configs defin...