PT-2022-18687 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 4.0.0 through 4.2.3 Description: An issue was discovered in Joomla! where sites with publicly enabled debug mode exposed data of previous requests. Recommendations: For Joomla! versions 4.0.0 through 4.2.3, disable the public...

Fedora: Security Advisory for libapreq2 (FEDORA-2022-cf658a432f)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 37 Update: libapreq2-2.17-1.fc37

libapreq is a shared library with associated modules for manipulating client request data via the Apache API. Functionality includes parsing of application/x-www-form-urlencoded and multipart/form-data content, as well as HTTP cookies...

tomcat: Request mix-up with h2c

A flaw was found in Apache Tomcat. When responding to new h2c connection requests, Apache Tomcat could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request. The highest threat from this...

Improper Privilege Management in Spring Framework

In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by recreating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFl...

PT-2022-16271 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 4.0.0 through 4.1.0 Description: An issue was discovered in Joomla! where under specific circumstances, JInput pollutes method-specific input bags with $ REQUEST data. Recommendations: For Joomla! versions 4.0.0 through 4.1.0...

CVE-2022-23799

An issue was discovered in Joomla! 4.0.0 through 4.1.0. Under specific circumstances, JInput pollutes method-specific input bags with $REQUEST data...

Command injection in Parse Server through prototype pollution

Impact This is a Remote Code Execution RCE vulnerability in Parse Server. This vulnerability affects Parse Server in the default configuration with MongoDB. The main weakness that leads to RCE is the Prototype Pollution vulnerable code in the file DatabaseController.js, so it is likely to affect...

CVE-2021-43695

issabelPBX version 2.11 is affected by a Cross Site Scripting XSS vulnerability. In file page.backuprestore.php, the exit function will terminate the script and print the message to the user. The message will contain $REQUEST without sanitization, then there is a XSS vulnerability...

IssabelPbx 跨站脚本漏洞

IssabelPbx is an open source Gui Graphical User Interface from the Issabel Foundation. It is used to control and manage Asterisk Pbx. Issabel issabelPBX suffers from a cross-site scripting vulnerability that originates in the file page.backuprestore.php, where the exit function will terminate the...

SAP CommonCryptoLib代码问题漏洞

SAP CommonCryptoLib is a cryptographic library from SAP, a German company. A security vulnerability exists in SAP CommonCryptoLib version 8.5.38 and below, which stems from a null pointer reference vulnerability in the software. An unauthenticated attacker could use this vulnerability to send...

CVE-2021-22118

In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by recreating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFl...

CVE-2021-22118

In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by recreating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFl...

CVE-2021-22118

In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by recreating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFl...

CVE-2017-17675

BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. Remote logging can be accessed by unauthenticated users, allowing for an attacker to hijack the system logs. This data can include user names and HTTP data...

Apache Struts 2 Forced Multi OGNL Evaluation

The Apache Struts framework, when forced, performs double evaluation of attributes' values assigned to certain tags attributes such as id. It is therefore possible to pass in a value to Struts that will be evaluated again when a tag's attributes are rendered. With a carefully crafted request, thi...

CVE-2020-28917

An issue was discovered in the viewstatistics aka View frontend statistics extension before 2.0.1 for TYPO3. It saves all GET and POST data of TYPO3 frontend requests to the database. Depending on the extensions used on a TYPO3 website, sensitive data e.g., cleartext passwords if ext:felogin is...

jetty: double release of resource can lead to information disclosure

In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this doub...

Design/Logic Flaw

In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bility to change order address without triggering address validations. This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the...

UBUNTU-CVE-2019-17638

In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this doub...