GHSA-3WFP-253J-5JXV SSRF & Credentials Leak

Summary nuxt-api-party allows developers to proxy requests to an API without exposing credentials to the client. A previous vulnerability allowed an attacker to change the baseURL of the request, potentially leading to credentials being leaked or SSRF. This vulnerability is similar, and was cause...

snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service...

FreeBSD-SA-23:17.pf

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-23:17.pf Security Advisory The FreeBSD Project Topic: TCP spoofing vulnerability in pf4 Category: core Module: pf Announced: 2023-12-05 Credits: Yuxiang Yang, A...

FreeBSD : FreeBSD -- TCP spoofing vulnerability in pf(4) (9cbbc506-93c1-11ee-8e38-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9cbbc506-93c1-11ee-8e38-002590c1f29c advisory. - As part of its stateful TCP connection tracking implementation, pf performs sequence number validatio...

CVE-2023-5768

A vulnerability exists in the HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Incomplete or wrong received APDU frame layout may cause blocking on link layer. Error reason was an endless blocking when reading incoming frames on link layer with wrong length...

PT-2023-8765 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a NULL pointer dereference in the Linux kernel's drm/amd/display module. Specifically, during the hibernate sequence, the source context might not have a clk mg...

OESA-2023-1855 microcode_ctl security update

This is a tool to transform and deploy microcode update for x86 CPUs. Security Fixes: Sequence of processor instructions leads to unexpected behavior for some IntelR Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denia...

Adobe RoboHelp 安全漏洞

Adobe RoboHelp Server is a server-based application for FrameMaker and RoboHelp enterprise users. A path traversal vulnerability exists in Adobe RoboHelp Server, which can be exploited by an attacker to execute arbitrary code on the system by sending a specially crafted URL request that contains...

CVE-2023-47347

Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP messages whose Sequence Number is mutated to overflow bytes...

CVE-2023-47347

Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP messages whose Sequence Number is mutated to overflow bytes...

Buffer overflow

Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP messages whose Sequence Number is mutated to overflow bytes...

First depositor will get twice more minted token for the same amount deposited

Lines of code Vulnerability details Impact The initial depositor stands to gain an unfair amount of RSETH tokens compared to later depositors, as a result of the fixed exchange rate of 1 ether when no RSETH supply exists i.e., no minted tokens are available. Consequently, the first deposit will...

PT-2023-30423 · Free5Gc · Free5Gc

Name of the Vulnerable Software and Affected Versions: free5gc version 3.3.0 Description: The issue allows attackers to cause a denial of service via crafted PFCP messages whose Sequence Number is mutated to overflow bytes. This can be achieved by exploiting a Buffer Overflow vulnerability...

CVE-2023-47347

CVE-2023-47347 affects free5gc version 3.3.0. The root cause is a Buffer Overflow in PFCP message handling, allowing an attacker to cause a denial of service when the PFCP Sequence Number is crafted to overflow bytes. The PT-2023-30423 entry confirms the impact as DoS via crafted PFCP messages an...

free5GC Security Vulnerabilities

free5GC is an open source project for 5th Generation 5G mobile core networks open sourced by free5GC. A security vulnerability exists in free5GC version 3.3.0, which originates from an attacker being able to cause a denial of service using a specially crafted PFCP message mutated to an overflow...

The vulnerability of the OPNsense operating system, related to the lack of measures taken to protect the structure of web pages, allows attackers to execute cross-site scripting attacks.

The vulnerability of the OPNsense operating system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks using the “sequence” parameter...

CVE-2023-23583

Sequence of processor instructions leads to unexpected behavior for some IntelR Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access...

The vulnerability of the Dovecot mail server arises from improper elimination of sequence numbers of control and meta-characters, allowing attackers to gain access to confidential data and compromise its integrity.

The vulnerability of the Dovecot mail server is related to improper elimination of sequence control and meta-characters. Exploiting this vulnerability allows a remote attacker to gain access to confidential data and compromise its integrity...

kernel: netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one Eric Dumazet says: nfconntrackdccppacket has an unique: dh = skbheaderpointerskb, dataoff, sizeofdh, &dh; And nothing more is 'pulled' from the...

kernel: wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect()

A use-after-free flaw was discovered in the ath9k USB Wi-Fi driver in the Linux kernel. During the disconnect and deinitialization sequence ath9khifusbdisconnect, the driver could attempt to access its private data drvpriv after it has already been freed by the hardware teardown call...