openSUSE Security Advisory (SUSE-SU-2024:1923-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Unsafe Reflection in base Component class

Yii2 supports attaching Behaviors to Components by setting properties having the format 'as '. Internally this is done using the set magic method. If the value passed to this method is not an instance of the Behavior class, a new object is instantiated using Yii::createObject$value. However, ther...

Sidekiq vulnerable to a Reflected XSS in Queues Web Page

Description: During the source Code Review of the metrics.erb view of the Sidekiq Web UI, A reflected XSS vulnerability is discovered. The value of substr parameter is reflected in the response without any encoding, allowing an attacker to inject Javascript code into the response of the...

CVE-2024-29184 FreeScout Stored XSS to Privilege Escalation After CSP Bypass

FreeScout is a self-hosted help desk and shared mailbox. A Stored Cross-Site Scripting XSS vulnerability has been identified within the Signature Input Field of the FreeScout Application prior to version 1.8.128. Stored XSS occurs when user input is not properly sanitized and is stored on the...

Price inflation pump

Lines of code Vulnerability details Impact AfEth price can be inflated until severe rounding errors occur. Proof of concept Deposit in AfEth such that totalValue == 1 and thus 1 afEth is minted. Then AfEth.price will be in the open interval $1,2$ AfEth.price $= 1$ is extremely unlikely. Deposit i...

Authorization

The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an insufficiently unique cryptographic signature on the 'cmscaddsite' function in versions up to, and including, 2.287. This makes it possible for unauthenticated attackers to the plugin to change the...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.04 : OpenSSL vulnerabilities (USN-6119-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6119-1 advisory. Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possib...

[H-3] Any account can mint or burn an unlimited number of vault tokens and drain the Kangaroo Vault.

Lines of code Vulnerability details Impact This is a failure in setting up access control. Anyone could set the vault address to their address and call the mint/burn function to mint and burn vault tokens. The impact is severe since all the funds in Kangaroo vault can be withdrawn by anyone. Proo...

ConduitController: Smart Contract Initial Owner Vulnerability

Lines of code Vulnerability details Bug Description The createConduit function in the ConduitController smart contract is responsible for deploying new conduits, or contracts that allow registered callers or open "channels" to transfer approved ERC20/721/1155 tokens on their behalf. The function...

MAL-2022-1920 Malicious code in clever-goals-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 99ef7811241a80a34b41104fa6b735b5fba548a07d98a391da3d4aac2e1203fc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-6880 Malicious code in ux-tread-crc-code (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 432450703069dc92f37370ab884a44d4934decfae46baa2d56f140b65cef9d12 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PYSEC-2021-637

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's savedmodelcli tool is vulnerable to a code injection as it calls eval on user supplied strings. This can be used by attackers to run arbitrary code on the plaform where the CLI tool runs. However, given...

SUSE: Security Advisory (SUSE-SU-2018:1691-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ruby on Rails vulnerable to code injection

Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOADPATH variable, a different vulnerability than CVE-2006-4112...

Google Chrome < 44.0.2403.89 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 44.0.2403.89. It is, therefore, affected by multiple vulnerabilities as referenced in the 201507stable-channel-update21 advisory. - The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore ...

Zoph 0.9.1 - Multiple Vulnerabilities

Zoph 0.9.1 - Multiple Vulnerabilities ============================================= MGC ALERT 2014-005 - Original release date: March 5, 2014 - Last revised: November 18, 2014 - Discovered by: Manuel Garcia Cardenas - Severity: 10/10 CVSS Base Score ============================================= I...

Splunk 4.3.3 - Arbitrary File Read

Exploit Title: Splunk = 4.3.3 Reading Arbitrary Files Contents Date: 09/03/2012 Exploit Author: Marcio Almeida [email protected] Vendor Homepage: http://www.splunk.com/ Software Link: http://www.splunk.com/download?r=header Version: 4.3.3 and priors Tested on: Linux...

CVE-2022-46198

...