Synology DiskStation Manager SYNO.API.Encryption API Protection Mechanism Bypass (CVE-2017-9553)

A design flaw in SYNO.API.Encryption in Synology DiskStation Manager DSM before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...

GHSA-2W5J-QFVW-2HF5 ZITADEL's User Grant Deactivation not Working

Impact ZITADEL's user grants deactivation mechanism did not work correctly. Deactivated user grants were still provided in token, which could lead to unauthorized access to applications and resources. Additionally, the management and auth API always returned the state as active or did not provide...

CVE-2024-39912 Enumeration of valid usernames in web-auth/webauthn-lib

web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. The ProfileBasedRequestOptionsBuilder method returns allowedCredentials without any credentials if no username was found...

CVE-2024-6153

Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows local attackers to downgrade Parallels software on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target...

CVE-2022-48721

In the Linux kernel, the following vulnerability has been resolved: net/smc: Forward wakeup to smc socket waitqueue after fallback When we replace TCP with SMC and a fallback occurs, there may be some socket waitqueue entries remaining in smc socket-wq, such as eppollentries inserted by userspace...

CVE-2024-34451

Ghost through 5.85.1 allows remote attackers to bypass an authentication rate-limit protection mechanism by using many X-Forwarded-For headers with different values. NOTE: the vendor's position is that Ghost should be installed with a reverse proxy that allows only trusted X-Forwarded-For headers...

CVE-2021-47318

A vulnerability was found in the topologyscalefreqtick function in the Linux kernel's architecture topology management. This function may use a pointer to struct scalefreqdata that has already been cleared, leading to a use-after-free condition. This can happen because there is no mechanism to...

GHSA-FH7R-58Q4-6387 Zendframework URL Rewrite vulnerability

zend-diactoros and, by extension, Expressive, zend-http and, by extension, Zend Framework MVC projects, and zend-feed specifically, its PubSubHubbub sub-component each contain a potential URL rewrite exploit. In each case, marshaling a request URI includes logic that introspects HTTP request...

Fedora: Security Advisory (FEDORA-2024-28fde3feb7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Improper Restriction Of Excessive Authentication Attempts

github.com/zitadel/zitadel/ is vulnerable to Improper Restriction of Excessive Authentication Attempts. The vulnerability is due to the absence of a mechanism to restrict failed TOTP authentication attempts...

ROS-20240410-06

The vulnerability in the Sudo system administration program is related to a flaw in the mechanism for encoding or or shielding of output data. Exploitation of the vulnerability allows an attacker acting remotely gain access to sensitive data...

CVE-2024-31813

TOTOLINK EX200 V4.0.3c.7646B20201211 does not contain an authentication mechanism by default...

CVE-2024-31813

TOTOLINK EX200 V4.0.3c.7646B20201211 does not contain an authentication mechanism by default...

TikTok: Account Takeover via Authentication Bypass in TikTok Account Recovery

An improper authentication mechanism in TikTok's account recovery process was identified. The vulnerability was reported and has been completely fixed. There was no evidence of exploitation...

Incorrect Authorization

ZITADEL is vulnerable to Incorrect Authorization. The vulnerability is due to certain actions being able to set reserved claims managed by ZITADEL, such as urn:zitadel:iam:user:resourceowner:name. To address this, a protection mechanism has been introduced to prevent actions from altering claims...

Improper Restriction Of Excessive Authentication Attempts

github.com/argoproj/argo-cd/ is vulnerable to Improper Restriction Of Excessive Authentication Attempts. This vulnerability is due to a weak cache-based mechanism that allows attackers to bypass rate limit and brute force protections, which can result in account compromise...

CVE-2023-52431

The Plack::Middleware::XSRFBlock package before 0.0.19 for Perl allows attackers to bypass a CSRF protection mechanism via an empty form value and an empty cookie if signed cookies are disabled...

Deserialization of untrusted data

SOFARPC is a Java RPC framework. SOFARPC defaults to using the SOFA Hessian protocol to deserialize received data, while the SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But, prior to version 5.12.0, there i...

CVE-2024-22195

Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template, potentially leading to Cross-Site Scripting XSS. The Jinja xmlattr filter can be abused t...

Improper Authentication Vulnerability in Huawei Product (huawei-sa-20201216-01-vrp)

There is an improper authentication vulnerability in Huawei Products. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...