Password stored in plain text by Jenkins HP ALM Quality Center Plugin

HP ALM Quality Center Plugin 1.6 and earlier stores a password in plain text in its global configuration file org.jenkinsci.plugins.qc.QualityCenterIntegrationRecorder.xml. This password can be viewed by users with access to the Jenkins controller file system...

GHSA-G7W4-R4MG-GVHX XXE vulnerability in Jenkins RapidDeploy Plugin

RapidDeploy Plugin 4.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows a user able to control the input files for the 'RapidDeploy deployment package build' build or post-build step to have Jenkins parse a crafted file that uses external...

Magento Remote code execution through catalog attribute sets

In Magento Open Source prior to 1.9.4.3, and Magento Commerce prior to 1.14.4.3, an authenticated user with administrative privileges for editing attribute sets can execute arbitrary code through custom layout modification...

TotoLink A3100R Access Control Error Vulnerability (CNVD-2022-54651)

TotoLink A3100R is a series of wireless routers from TotoLink, Taiwan, China.TotoLink A3100R versions V4.1.2cu.5050B20200504 and V4.1.2cu.5247B20211129 are vulnerable to an access control error, which could be exploited by attackers to to obtain sensitive information via a crafted web request...

Input validation

Improper Input Validation in GitHub repository jgraph/drawio prior to 18.0.6...

Cross site scripting

Jenkins Multiselect parameter Plugin 1.3 and earlier does not escape the name and description of Multiselect parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

new packages: navilu-fonts

An update is available for navilu-fonts. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

new packages: librevenge

An update is available for librevenge. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

new packages: libgweather

An update is available for libgweather. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

new packages: libXp

An update is available for libXp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...

new packages: chrome-gnome-shell

An update is available for chrome-gnome-shell. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

GHSA-4FXW-G29W-R8MX Apache Solr Cross-site scripting Vulnerability

Cross-site scripting XSS vulnerability in webapp/web/js/scripts/schema-browser.js in the Admin UI in Apache Solr before 5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted schema-browse URL...

InHand Networks InRouter302 OS Command Injection Vulnerability

InHand Networks InRouter Series is a series of routers from InHand Networks, Inc. InHand Networks InRouter302 version V3.5.4 contains an operating system command injection vulnerability that can be exploited by attackers to cause arbitrary command execution...

Apache Shiro Path Traversal vulnerability

Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the shiro.ini file, which allows remote attackers to bypass intended access restrictions via a crafted request, as demonstrated by the /./account/index.jsp URI...

Moodle SSRF Vulnerability

The editblog.php script allows a registered user to add external RSS feed resources. It was identified that this feature could be abused to be used as a SSRF attack vector by adding a malicious URL/TCP PORT in order to target internal network or an internet hosted server, bypassing firewall rules...

Process_Overwriting - Yet Another Variant Of Process Hollowing

Process Overwriting is a PE injection technique, closely related to Process Hollowing and Module Overloading Process Hollowing aka RunPE is an old and popular PE injection technique. It comes in has variety of flavors, but there are some steps in common: 1. Start by creating a process in a...

Powershell Exec, Windows Command Shell, Reverse UDP Stager with UUID Support

Execute an x86 payload from a command via PowerShell. Spawn a piped command shell staged. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/powershell/shell/reverseudp msf payloadreverseudp show actions ...actions... msf payloadreverseudp set ACTION msf...

Heap-based Buffer Overflow

Description Heap-based Buffer Overflow in msp430op Environment radare2 5.6.9 0 @ linux-x86-64 git. commit: 5.6.9 build: 2022-05-0112:17:49 Build export CC=gcc CXX=g++ CFLAGS="-fsanitize=address -static-libasan" CXXFLAGS="-fsanitize=address -static-libasan" LDFLAGS="-fsanitize=address...

realmd bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

ALBA-2022:1856 llvm-toolset:rhel8 bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...