CVE-2023-32688

parse-server-push-adapter is the official Push Notification adapter for Parse Server. The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. This issue has been patched in version 4.1.3...

Design/Logic Flaw

parse-server-push-adapter is the official Push Notification adapter for Parse Server. The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. This issue has been patched in version 4.1.3...

CVE-2023-32688 Invalid push request payload crashes Parse Server

parse-server-push-adapter is the official Push Notification adapter for Parse Server. The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. This issue has been patched in version 4.1.3...

CVE-2023-32688 Invalid push request payload crashes Parse Server

parse-server-push-adapter is the official Push Notification adapter for Parse Server. The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. This issue has been patched in version 4.1.3...

CVE-2023-32688

CVE-2023-32688 concerns parse-server-push-adapter, the Push Notification adapter for Parse Server. The issue arises from an invalid push notification payload that can crash Parse Server. A fix was released in version 4.1.3, mitigating the crash by correcting payload handling. Connected sources co...

CVE-2023-32688 Invalid push request payload crashes Parse Server

parse-server-push-adapter is the official Push Notification adapter for Parse Server. The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. This issue has been patched in version 4.1.3...

parse-server 输入验证错误漏洞

parse-server is an open source Backend-as-a-Service BaaS framework that is primarily used for application backend processing. A security vulnerability exists in versions prior to parse-server-push-adapter 4.1.3, which stems from an invalid push notification causing an excessive load that could...

Denial Of Services (DoS)

@parse/push-adapter is vulnerable to Denial Of Services DoS. The vulnerability exists because the library does not properly validate the push notification payload, which allows an attacker to crash the parse server by providing an invalid push notification payload...

CVE-2023-31747

Wondershare Filmora 12 Build 12.2.1.2088 was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges...

PT-2023-23445 · Wondershare · Wondershare Filmora

Name of the Vulnerable Software and Affected Versions: Wondershare Filmora 12 Build 12.2.1.2088 Description: The issue is related to an unquoted service path vulnerability via the NativePushService component. This allows attackers to launch processes with elevated privileges. Recommendations: For...

Invalid push request payload crashes Parse Server

Impact The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. Patches Invalid push notification payload is caught and an logged. Workarounds n/a References -...

@evocodes/parse-server (>=2.2.11 <=2.2.27), @m1r4ge/parse-server (>=2.2.7 <=2.2.11) +36 more potentially affected by CVE-2023-32688 via parse-server-push-adapter (>=1.0.4 <=1.3.0)

parse-server-push-adapter NPM version =1.0.4, =2.2.11, =2.2.7, =2.2.7, =0.1.7, =0.0.1, =1.0.0, =2.2.3, =2.3.8, =2.2.18-mod, =2.2.25, =2.2.17, =2.3.3 and more Source cves: CVE-2023-32688 Source advisory: OSV:GHSA-MXHG-RVWX-X993...

GHSA-MXHG-RVWX-X993 Invalid push request payload crashes Parse Server

Impact The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. Patches Invalid push notification payload is caught and an logged. Workarounds n/a References -...

PT-2023-23963 · Unknown · Parse-Server-Push-Adapter

Name of the Vulnerable Software and Affected Versions: parse-server-push-adapter versions prior to 4.1.3 Description: The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. Recommendations: For versions prior to 4.1.3, update to version 4.1.3 to resolve...

CVE-2023-33001

Jenkins HashiCorp Vault Plugin 360.v0a1c04cf807d and earlier does not properly mask i.e., replace with asterisks credentials in the build log when push mode for durable task logging is enabled...

CVE-2023-33001

Jenkins HashiCorp Vault Plugin 360.v0a1c04cf807d and earlier does not properly mask i.e., replace with asterisks credentials in the build log when push mode for durable task logging is enabled...

CVE-2023-33001

Jenkins HashiCorp Vault Plugin 360.v0a1c04cf807d and earlier does not properly mask i.e., replace with asterisks credentials in the build log when push mode for durable task logging is enabled...

kernel: NULL pointer dereference in rawv6_push_pending_frames

A NULL pointer dereference flaw was found in rawv6pushpendingframes in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash...

Jenkins HashiCorp Vault Plugin 日志信息泄露漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

CVE-2023-20930

In pushDynamicShortcut of ShortcutPackage.java, there is a possible way to get the device into a boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...