CVE-2024-2756 __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix

Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and same-site attackers can set a standard insecure cookie in the victim's browser which is treated as a Host- or Secure- cookie by PHP applications...

UBUNTU-CVE-2024-32887

Sidekiq is simple, efficient background processing for Ruby. Sidekiq is reflected XSS vulnerability. The value of substr parameter is reflected in the response without any encoding, allowing an attacker to inject Javascript code into the response of the application. An attacker could exploit it t...

Fedora 38 : php (2024-39d50cc975)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-39d50cc975 advisory. PHP version 8.2.18 11 Apr 2024 Core: Fixed bug GH-13612 Corrupted memory in destructor with weak references. nielsdos Fixed bug GH-13784...

Stored Cross-site Scripting (XSS) in excalidraw's web embed component

Summary A stored XSS vulnerability in Excalidraw's web embeddable component. This allows arbitrary JavaScript to be run in the context of the domain where the editor is hosted. Poc Inserting an embed with the below url can be copy/pasted onto canvas to insert as embed will log 42 to the console:...

PHP 8.1.11 < 8.1.28, 8.2.x < 8.2.18, 8.3.x < 8.3.6 Security Update (GHSA-wpj3-hf5j-x4v4) - Linux

PHP is prone to a Host-/Secure- cookie bypass vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if...

Slackware Linux 15.0 / current php81 Multiple Vulnerabilities (SSA:2024-103-01)

The version of php81 installed on the remote host is prior to 8.1.28 / 8.3.6. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-103-01 advisory. - In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set ...

PHP 8.3.x < 8.3.6 Multiple Vulnerabilities

The version of PHP installed on the remote host is prior to 8.3.6. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.3.6 advisory. - In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard...

PHP 8.2.x < 8.2.18 Multiple Vulnerabilities

The version of PHP installed on the remote host is prior to 8.2.18. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.2.18 advisory. - In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard...

Hardware Vulnerability in Apple’s M-Series Chips

Its yet another hardware side-channel attack: The threat resides in the chips’ data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access in the near future. By loading the contents into the CPU cache before it’s...

PYSEC-2024-49

Lektor before 3.3.11 does not sanitize DB path traversal. Thus, shell commands might be executed via a file that is added to the templates directory, if the victim's web browser accesses an untrusted website that uses JavaScript to send requests to localhost port 5000, and the web browser is...

CVE-2024-29203

Removed by vendor...

CVE-2024-29203

TinyMCE contains a cross-site scripting (XSS) vulnerability in its content insertion code that can allow iframe elements to execute malicious scripts. The issue is mitigated by upgrading to TinyMCE v6.8.1 or newer; multiple advisories also note that patches and later versions (e.g., 7.0.0+) addre...

CVE-2024-29203 TinyMCE Cross-Site Scripting (XSS) vulnerability in handling iframes

TinyMCE is an open source rich text editor. A cross-site scripting XSS vulnerability was discovered in TinyMCE’s content insertion code. This allowed iframe elements containing malicious code to execute when inserted into the editor. These iframe elements are restricted in their permissions by...

PT-2024-22395 · Lektor · Lektor

Name of the Vulnerable Software and Affected Versions: Lektor versions prior to 3.3.11 Description: The issue concerns the lack of sanitization of database path traversal in Lektor. This allows shell commands to be executed via a file added to the templates directory under specific conditions. Th...

EasyRanges 安全漏洞

EasyRanges is a small Julia package from the individual developer Éric Thiébaut. A security vulnerability exists in EasyRanges version 1.41, which stems from an issue with EasyRange that contains search paths for executables, which could lead to loading executables located in the same folder as t...

DEBIAN-CVE-2018-25100

The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar...

AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijacking

Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services AWS Managed Workflows for Apache Airflow MWAA that could be potentially exploited by a malicious actor to hijack victims' sessions and achieve remote code execution on underlying instances...

hw: Intel: Gather Data Sampling (GDS) side channel vulnerability

A Gather Data Sampling GDS transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction load from memory to infer stale data from previously used vector registers on the same physical core...

The vulnerability of the Mozilla Firefox browser is related to errors in processing SameSite cookies, which allows an attacker to compromise the integrity of the protected information.

The vulnerability of the Mozilla Firefox browser is related to errors in processing SameSite cookies when opening a website using the “firefox://” protocol handler. Exploiting this vulnerability can allow an attacker to compromise the integrity of protected information...

BIT-GITLAB-2021-39886

Permissions rules were not applied while issues were moved between projects of the same group in GitLab versions starting with 10.6 and up to 14.1.7 allowing users to read confidential Epic references...