Authentication Bypass

Astro is vulnerable to an authentication bypass. The vulnerability is due to improper handling of double URL encoding in middleware pathname checks, which allows an unauthenticated attacker to bypass path-based authentication and gain unauthorized access to protected routes...

PT-2025-5798 · Ibm · Ibm App Connect Enterprise

Name of the Vulnerable Software and Affected Versions: IBM App Connect enterprise versions 12.0.1.0 through 12.0.12.10 IBM App Connect enterprise versions 13.0.1.0 through 13.0.2.1 Description: The issue allows an authenticated user to write to an arbitrary file on the system during bar...

SUSE CVE-2018-11233

In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory...

CVE-2019-12277

Blogifier 2.3 before 2019-05-11 does not properly restrict APIs, as demonstrated by missing checks for .. in a pathname...

CVE-2019-12277

Blogifier 2.3 before 2019-05-11 does not properly restrict APIs, as demonstrated by missing checks for .. in a pathname...

USN-3671-1 git vulnerabilities

Etienne Stalmans discovered that git did not properly validate git submodules files. A remote attacker could possibly use this to craft a git repo that causes arbitrary code execution when "git clone --recurse-submodules" is used. CVE-2018-11235 It was discovered that an integer overflow existed ...