YouDianCMS SQL注入漏洞

YouDianCMS is a website CMS. A SQL injection vulnerability exists in YoudianCMS v9.5.0, which originates from the lack of validation of the MailSendID parameter at /App/Lib/Action/Admin/MailAction.class.php against external SQL input. This vulnerability can be exploited by attackers to execute...

WordPress plugin Private Messages 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Private Messages plugin 2.1.10 and earlier versions are vulnerable to cross-site request...

undertow: Double AJP response for 400 from EAP 7 results in CPING failures

A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second...

CVE-2021-35487

Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates for the Manage Alerts page via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user,...

GHSA-RH4W-94HH-9943 MutexGuard::map can cause a data race in safe code

Affected versions of the crate had a Send/Sync implementation for MappedMutexGuard that only considered variance on T, while MappedMutexGuard dereferenced to U. This could of led to data races in safe Rust code when a closure used in MutexGuard::map returns U that is unrelated to T. The issue was...

MutexGuard::map can cause a data race in safe code

Affected versions of the crate had a Send/Sync implementation for MappedMutexGuard that only considered variance on T, while MappedMutexGuard dereferenced to U. This could of led to data races in safe Rust code when a closure used in MutexGuard::map returns U that is unrelated to T. The issue was...

The vulnerability of the Apache Tomcat application server arises from errors that occur when both the WebSocket connection is terminated and WebSocket messages are sent at the same time. This allows an attacker to disclose sensitive information or carry out other malicious actions.

The vulnerability of the Apache Tomcat application server is related to errors that occur when both the WebSocket connection is closed and a WebSocket message is sent. Exploiting this vulnerability allows a malicious actor to disclose sensitive information or cause other adverse effects...

GHSA-3GV7-3H64-78CM Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat

A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file processing of the previous request completed. Thi...

Expected Behavior Violation in Apache Tomcat

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in t...

GHSA-9HG2-395J-83RM Expected Behavior Violation in Apache Tomcat

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in t...

CVE-2022-29738

Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=transaction/send&id=, id...

GHSA-694V-63FQ-FMR4 Path Traversal in scout-browser

Scout is a Variant Call Format VCF visualization interface. The Pypi package scout-browser is vulnerable to path traversal due to sendfile call in versions prior to 4.52...

CVE-2022-1554

Path Traversal due to sendfile call in GitHub repository clinical-genomics/scout prior to 4.52...

CVE-2022-24900 Absolute Path Traversal due to incorrect use of `send_file` call in Piano LED Visualizer

Piano LED Visualizer is software that allows LED lights to light up as a person plays a piano connected to a computer. Version 1.3 and prior are vulnerable to a path traversal attack. The os.path.join call is unsafe for use with untrusted input. When the os.path.join call encounters an absolute...

PT-2022-16970 · Flask +1 · Flask +1

Name of the Vulnerable Software and Affected Versions: Piano LED Visualizer versions 1.3 and prior Description: The issue concerns a path traversal attack. The os.path.join call is unsafe for use with untrusted input, as it ignores all parameters encountered before an absolute path and starts...

GSD-2022-1002203 ax25: fix UAF bug in ax25_send_control()

ax25: fix UAF bug in ax25sendcontrol This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.190 by commit eaa7eb23fa76db45f7da1b6192518705863d0ebe...

GSD-2022-1001749 ax25: fix UAF bug in ax25_send_control()

ax25: fix UAF bug in ax25sendcontrol This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.35 by commit 1bf8946d5826788c82971977245bcd3313678eac...

The vulnerability of the Rust stack generator library “Generator-rs” lies in improper type conversion, which allows attackers to trigger a service failure.

The vulnerability of the Rust generator library, Generator-rs, is related to the lack of restrictions on the use of types that are not of the Send type. Exploiting this vulnerability allows a remote attacker to cause a service failure...

CVE-2022-24125

The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow remote attackers to send arbitrary push requests to clients via a RequestSendMessageToPlayers request. For example, ability to send a push message to hundreds of thousands of machines is only restricted o...

CVE-2022-24074

Whale Bridge, a default extension in Whale browser before 3.12.129.18, allowed to receive any SendMessage request from the content script itself that could lead to controlling Whale Bridge if the rendering process compromises...