GHSA-3GXF-9R58-2GHG `openssl` `X509NameBuilder::build` returned object is not thread safe

OpenSSL has a modified bit that it can set on on X509NAME objects. If this bit is set then the object is not thread-safe even when it appears the code is not modifying the value. Thanks to David Benjamin Google for reporting this issue...

Denial Of Service (DoS)

net.minidev, json-smart is vulnerable to Denial Of Service DoS. The vulnerability exists because there is no nested depth checks for deeply nested JSON arrays or objects, which allows an attacker to crash the application via a malicious array with deeply nested elements...

RSA NetWitness Endpoint EDR Agent 12.x Incorrect Access Control / Code Execution

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/RSANETWITNESSEDRAGENTINCORRECTACCESSCONTROLCVE-2022-47529.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor RSA Security www.netwitness.com Product NetWitness Endpoint...

Security Bulletin: WebSphere Application Server traditional is vulnerable to a remote code execution vulnerability

Summary WebSphere Application Server, used by IBM Tivoli Network Manager ITNM IP Edition, is vulnerable to a remote code execution vulnerability. Vulnerability Details CVEID:CVE-2023-23477 DESCRIPTION: IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execu...

UBUNTU-CVE-2023-1370

Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...

Stack overflow

Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...

SUSE SLES12 Security Update : python-cffi (SUSE-SU-2023:0837-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0837-1 advisory. - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions...

Solr: Code execution via entity expansion

It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API...

The vulnerability of the NetAct network management system lies in the improper limitation of XML links to external objects. This allows attackers to gain unauthorized access to protected information or perform SSRF attacks.

The vulnerability of the NetAct network management system is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information or perform an SSRF attack...

CVE-2023-28115

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.4.2, Snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the fileexists function. If an attacker can upload files of any...

PHAR deserialization allowing remote code execution

Description snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the fileexists function. If an attacker can upload files of any type to the server he can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitra...

PHAR deserialization allowing remote code execution

Description snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the fileexists function. If an attacker can upload files of any type to the server he can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitra...

ROS-20230317-03

A vulnerability in the Minio object store is related to improper enforcement of the bypass prohibition policy, with the removing a version identifier with the special header "X-Amz-Bypass-Governance-Retention: true". Exploitation of the vulnerability could allow an attacker acting remotely to gai...

The vulnerability of the Central Management Console (CMC) of the SAP Business Objects Business Intelligence Platform allows a perpetrator to execute arbitrary code and gain unauthorized access to protected information.

The vulnerability of the Central Management Console CMC of the SAP Business Objects Business Intelligence Platform relates to incorrect elimination of special elements in output data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and gain unauthorized access to...

SAP Cloud SDK for AI Python has OS Command Injection when Program Objects Execution is Enabled

SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...

GHSA-XXHH-59GH-6FFX SAP Cloud SDK for AI Python has OS Command Injection when Program Objects Execution is Enabled

SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...

CVE-2023-27896

In SAP BusinessObjects Business Intelligence Platform - version 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own CMS, leading to a high impact on availability...

CVE-2023-27271

In SAP BusinessObjects Business Intelligence Platform Web Services - versions 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own admintools, leading to a high impact on availability...

CVE-2023-25616

In some scenario, SAP Business Objects Business Intelligence Platform CMC - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed by extra privileges. Successful attack could highly impact th...

PYSEC-2023-315

SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...