1162 matches found

Veracode
added 2023/09/08 10:29 a.m., 11 views

Race Condition

wiremock is vulnerable to a Race Condition. The vulnerability is due to the render function when the DNS server's address expires between initial validation and an outbound network request, potentially leading to unintended access to prohibited domains...

6.6 CVSS, 7.1 AI score, 0.00493 EPSS
Exploits 0, References 3, Affected Software 4

OSV
added 2023/08/12 11:5 a.m., 2 views

OESA-2023-1489 qt5-qtbase security update

Qt is a software toolkit for developing applications. Security Fixes: Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before...

7.5 CVSS, 8.3 AI score, 0.00354 EPSS
Exploits 0, References 4

CNNVD
added 2023/08/10 12:0 a.m., 3 views

Nextcloud Notes cross-site scripting vulnerability

Nextcloud is an open source, self-hosted file synchronization, sharing and communication platform from Nextcloud, Germany. A cross-site scripting vulnerability exists in Nextcloud Notes version 4.4.0 up to and including 4.8.0, which stems from the fact that when a notes file is...

6.1 CVSS, 6.1 AI score, 0.0088 EPSS
Exploits 0, References 4

Redos
added 2023/07/06 12:0 a.m., 3 views

ROS-2-2191

2.2191 Remote Code Execution in Mozilla Firefox CVE-2021-29952 1. Vulnerability Description: The vulnerability is caused by a race condition in Web Render components and could potentially be exploited for malicious code execution. IDENT of the Information Security Threat Data Bank of the FSTEC of...

7.5 CVSS, 10 AI score, 0.00286 EPSS
Exploits 0

OSV
added 2023/07/01 11:5 a.m., 2 views

OESA-2023-1387 qt5-qtbase security update

Qt is a software toolkit for developing applications. Security Fixes: An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security HSTS header, allowing unencrypted connections to be established,...

7.5 CVSS, 7.4 AI score, 0.00137 EPSS
Exploits 0, References 3

Debian CVE
added 2023/06/19 10:14 a.m., 20 views

CVE-2023-34414

The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user clicks in precise locations immediately before navigating to a sit...

3.1 CVSS, 6.8 AI score, 0.00052 EPSS
Exploits 0

RedHat Linux
added 2023/05/16 8:54 a.m., 5 views

webkitgtk: heap-use-after-free in WebCore::RenderLayer::updateDescendantDependentFlags()

A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely...

8.8 CVSS, 6 AI score, 0.00215 EPSS
Exploits 0, References 5

RedHat Linux
added 2023/05/16 8:54 a.m., 3 views

webkitgtk: heap-use-after-free in WebCore::RenderLayer::setNextSibling()

A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely...

8.8 CVSS, 6 AI score, 0.00215 EPSS
Exploits 0, References 5

RedHat Linux
added 2023/05/16 8:54 a.m., 2 views

webkitgtk: heap-use-after-free in WebCore::RenderLayer::repaintBlockSelectionGaps()

A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely...

8.8 CVSS, 6 AI score, 0.00215 EPSS
Exploits 0, References 5

Veracode
added 2023/05/11 3:41 a.m., 28 views

Server-Side Template Injection (SSTI)

com.ibeetl:beetl is vulnerable to Server-Side Template Injection (SSTI). A remote attacker is able to cause server-side template injection due to insufficient checks in the render function via a crafted payload...

9.8 CVSS, 8.9 AI score, 0.00385 EPSS
Exploits 1, References 2, Affected Software 1

CNNVD
added 2023/05/11 12:0 a.m., 1 views

Rockwell Automation ArmorStart ST cross-site scripting vulnerability

Rockwell Automation ArmorStart ST is a simple and cost-effective solution for machine-side control architectures from Rockwell Automation. A cross-site scripting vulnerability exists in Rockwell Automation ArmorStart ST, which can be exploited by an attacker to view and modify sensitive data or...

7 CVSS, 6.1 AI score, 0.00376 EPSS
Exploits 0, References 3

RedHat Linux
added 2023/05/09 10:4 a.m., 0 views

kernel: drm/virtio: improper return value check in virtio_gpu_object_shmem_init()

In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer)...

5.5 CVSS, 6.6 AI score, 0.00021 EPSS
Exploits 0, References 4

RedHat Linux
added 2023/05/09 9:52 a.m., 3 views

webkitgtk: heap-use-after-free in WebCore::RenderLayer::repaintBlockSelectionGaps()

A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely...

8.8 CVSS, 6 AI score, 0.00215 EPSS
Exploits 0, References 5

RedHat Linux
added 2023/05/09 9:52 a.m., 3 views

webkitgtk: heap-use-after-free in WebCore::RenderLayer::setNextSibling()

A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely...

8.8 CVSS, 6 AI score, 0.00215 EPSS
Exploits 0, References 5

UbuntuCve
added 2023/05/04 2:15 p.m., 104 views

CVE-2023-29827

ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter. NOTE: this is disputed by the vendor because the render function is not intended to be used with...

9.8 CVSS, 6.8 AI score, 0.6627 EPSS
Exploits 1, References 2

Github Security Blog
added 2023/05/04 3:30 a.m., 28 views

Server-side template injection in beetl

An issue in the render function of beetl v3.15.0 allows attackers to execute server-side template injection (SSTI) via a crafted payload...

9.8 CVSS, 9.1 AI score, 0.00385 EPSS
Exploits 1, References 4, Affected Software 1

OSV
added 2023/05/04 3:15 a.m., 1 views

CVE-2023-30331

An issue in the render function of beetl v3.15.0 allows attackers to execute server-side template injection (SSTI) via a crafted payload...

9.8 CVSS, 7.4 AI score
Exploits 0, References 2

NVD
added 2023/05/04 3:15 a.m., 18 views

CVE-2023-30331

An issue in the render function of beetl v3.15.0 allows attackers to execute server-side template injection (SSTI) via a crafted payload...

9.8 CVSS, 9.5 AI score, 0.00385 EPSS
Exploits 1, References 2

Cvelist
added 2023/05/04 12:0 a.m., 18 views

CVE-2023-30331

An issue in the render function of beetl v3.15.0 allows attackers to execute server-side template injection (SSTI) via a crafted payload...

9.7 AI score, 0.00385 EPSS
Exploits 1, References 2

Cvelist
added 2023/05/04 12:0 a.m., 28 views

CVE-2023-29827

ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter. NOTE: this is disputed by the vendor because the render function is not intended to be used with...

10 AI score, 0.6627 EPSS
Exploits 1, References 2