MeterSphere Denial of Service Vulnerability

MeterSphere is MeterSphere open source one-stop open source continuous testing platform. MeterSphere 2.9.1 and previous versions of a denial of service vulnerability , the vulnerability stems from the submission of a very long password during login , it will force the system to perform a long...

CVE-2023-32699 MeterSphere denial of service vulnerability

MeterSphere is an open source continuous testing platform. Version 2.9.1 and prior are vulnerable to denial of service. ​The checkUserPassword method is used to check whether the password provided by the user matches the password saved in the database, and the CodingUtil.md5 method is used to...

curl: Incorrect handling of control code characters in cookies

A vulnerability found in curl. This security flaw happens when curl is used to retrieve and parse cookies from an HTTPS server, where it accepts cookies using control codes byte values below 32, and also when cookies that contain such control codes are later sent back to an HTTPS server, possibly...

Vulnerabilities fixed in Zoom

Zoom has fixed vulnerabilities in the Zoom client for various platforms. An unauthenticated remote malicious person could exploit the exploit the vulnerabilities to cause a denial-of-service. A local malicious person can grant themselves elevated privileges through vulnerabilities in the installe...

SUSE CVE-2020-9283

golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public keys. Also, a server can attack any SSH client...

SUSE CVE-2020-12662

Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records...

Images Optimize and Upload CF7 <= 2.1.4 - Unauthenticated Arbitrary File Deletion

The plugin does not validate the file to be deleted via an AJAX action available to unauthenticated users, which could allow them to delete arbitrary files on the server via path traversal attack. PoC 1. Install contact-form-7 dependency 2. Install the vulnerable plugin...

curl: CERTINFO never-ending busy-loop

A vulnerability was found in curl. This issue occurs due to an erroneous function. A malicious server could make curl within Network Security Services NSS get stuck in a never-ending busy loop when trying to retrieve that information. This flaw allows an Infinite Loop, affecting system availabili...

MGASA-2022-0447 Updated freerdp packages fix security vulnerability

In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it likely resulting in a crash. CVE-2022-39316 Affected versions of FreeRDP are missing a range check for input...

CVE-2021-36369

An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2...

Matrix 安全漏洞

Matrix is an ambitious new ecosystem for open federated instant messaging and VoIP. A security vulnerability in Matrix matrix-sdk-crypto prior to version 0.5 stems from a vulnerability that allows a malicious home server to insert a room key of questionable validity into the keystore under certai...

CVE-2022-36069

Poetry is a dependency manager for Python. When handling dependencies that come from a Git repository instead of a registry, Poetry uses various commands, such as git clone. These commands are constructed using user input e.g. the repository URL. When building the commands, Poetry correctly avoid...

CVE-2022-36070

Poetry is a dependency manager for Python. To handle dependencies that come from a Git repository, Poetry executes various commands, e.g. git config. These commands are being executed using the executable’s name and not its absolute path. This can lead to the execution of untrusted code due to th...

CVE-2022-36261

An arbitrary file deletion vulnerability was discovered in taocms 3.0.2, that allows attacker to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt...

CVE-2022-29154

An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A...

CVE-2022-34781

Missing permission checks in Jenkins XebiaLabs XL Release Plugin 22.0.0 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

CVE-2022-22784

The Zoom Client for Meetings for Android, iOS, Linux, MacOS, and Windows before version 5.10.0 failed to properly parse XML stanzas in XMPP messages. This can allow a malicious user to break out of the current XMPP message context and create a new message context to have the receiving users clien...

CVE-2021-42171

Zenario CMS 9.0.54156 is vulnerable to File Upload. The web server can be compromised by uploading and executing a web-shell which can run commands, browse system files, browse local resources, attack other servers, and exploit the local vulnerabilities, and so forth...

CVE-2021-42171

CVE-2021-42171 affects Zenario CMS 9.0.54156 and is a file-upload vulnerability that allows remote code execution. The root cause, per the sources, is lack of validation of uploaded files. Exploitation exists in public advisories (e.g., Exploit-DB) demonstrating an authenticated path to achieve R...

Path traversal

Path traversal vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows an attacker with an administrative privilege to obtain sensitive information stored in the hierarchy above the directory on...