1273 matches found
GHSA-VXQ2-P937-3PX3 Pinned entity creation form shows wrong data
Impact: A logged-in user can access page state data of pinned pages of other users by pageId hash. Patch: --- src/Oro/Bundle/NavigationBundle/Controller/Api/PagestateController.php +++ src/Oro/Bundle/NavigationBundle/Controller/Api/PagestateController.php @@ -158,6 +158,13 @@...
SUSE-SU-2024:0961-1 Security update for zziplib
This update for zziplib fixes the following issues: - CVE-2020-18770: Fixed denial-of-service in function zzip_disk_entry_to_file_header in mmapped.c (bsc#1214577)...
CVE-2024-29036
Saleor Storefront is software for building e-commerce experiences. Prior to commit 579241e75a5eb332ccf26e0bcdd54befa33f4783, when any user authenticates in the storefront, anonymous users are able to access their data. The session is leaked through cache and can be accessed by anyone. Users shoul...
CVE-2024-21652 Argo CD vulnerable to Bypassing of Brute Force Protection via Application Crash and In-Memory Data Loss
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can exploit a chain of vulnerabilities, including a Denial of Service (DoS) flaw and in-memory data storage weakness, to effectively bypass the application's brute forc...
CVE-2023-34980
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 4.5.4.2627...
Multiple vulnerabilities in SKYSEA Client View
Overview SKYSEA Client View provided by Sky Co.,LTD. is an Enterprise IT Asset Management Tool. SKYSEA Client View contains multiple vulnerabilities listed below. Improper access control in the specific folder CWE-276 - CVE-2024-21805 Improper access control in the resident process CWE-749 -...
CVE-2024-20023
In flashc, there is a possible out of bounds write due to lack of validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638...
PT-2024-18740 · Unknown · Little Kernel
Name of the Vulnerable Software and Affected Versions: Little Kernel in bootloader versions prior to SMR Mar-2024 Release 1 Description: A heap overflow issue in Little Kernel in bootloader allows local privileged attackers to execute arbitrary code. This issue persists even after reboots and...
CVE-2023-52480 ksmbd: fix race condition between session lookup and expire
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix race condition between session lookup and expire Thread A + Thread B ksmbd_session_lookup | smb2_sess_setup sess = xa_load | | | xa_erase(&conn->sessions, sess->id); | | ksmbd_session_destroy(sess) --> kfree(sess) | // UAF! |...
CVE-2021-46926
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: harden detection of controller The existing code currently sets a pointer to an ACPI handle before checking that it's actually a SoundWire controller. This can lead to issues where the graph walk...
PT-2024-13049 · Liferay · Liferay Dxp +1
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.3.8 through 7.4.3.97 Liferay DXP 2023.Q3 before patch 5 Liferay DXP versions 7.4 update 4 through 92 Description: A reflected cross-site scripting (XSS) issue exists in the Language Override edit screen, allowing...
PT-2024-19594 · Strangebee · Thehive
Name of the Vulnerable Software and Affected Versions: StrangeBee TheHive versions 5.1.0 through 5.1.9 StrangeBee TheHive versions 5.2.0 through 5.2.8 Description: The issue concerns a Cross Site Scripting (XSS) vulnerability in the case attachment functionality. This allows an attacker to upload a...
CLSA-2023-1701971779 microcode_ctl: Fix of CVE-2023-23583
Update Intel CPU microcode to microcode-20231114 release, addresses CVE-2023-23583 (INTEL-SA-00950): - Update of 06-6a-06/0x87 (ICX-SP D0) microcode in 06-6a-06 from revision 0xd0003a5 up to 0xd0003b9; - Update of 06-6c-01/0x10 (ICL-D B0) microcode in 06-6c-01 from revision 0x1000230 up to 0x1000268; -...
CVE-2023-49097 ZITADEL vulnerable account takeover via malicious host header injection
ZITADEL is an identity infrastructure system. ZITADEL uses the notification triggering requests Forwarded or X-Forwarded-Host header to build the button link sent in emails for confirming a password reset with the emailed code. If this header is overwritten and a user clicks the link to a malicio...
AZL-32051 CVE-2023-49083 affecting package python-cryptography for versions less than 3.3.2-6
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling load_pem_pkcs7_certificates or load_der_pkcs7_certificates could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service...
aiohttp's ClientSession is vulnerable to CRLF injection via method
Summary: Improper validation makes it possible for an attacker to modify the HTTP request (e.g. insert a new header) or even create a new HTTP request if the attacker controls the HTTP method. Details: The vulnerability occurs only if the attacker can control the HTTP method (GET, POST etc.) of the...
CVE-2023-48701 Statamic CMS vulnerable to Cross-site Scripting via uploaded assets
Statamic CMS is a Laravel and Git powered content management system (CMS). Prior to versions 3.4.15 and 4.36.0, HTML files crafted to look like images may be uploaded regardless of mime validation. This is only applicable on front-end forms using the "Forms" feature containing an assets field, or...
GHSA-48M6-WM5P-RR6H Insufficient covariance check makes self_cell unsound
All public versions prior to 1.02 used an insufficient check to ensure that users correctly marked the dependent type as either covariant or not_covariant. This allowed users to mark a dependent as covariant even though its type was not covariant but invariant, for certain invariant types involvin...
PT-2023-29808 · Unknown · Phpgurukul Teacher Subject Allocation Management System
Name of the Vulnerable Software and Affected Versions: phpgurukul Teacher Subject Allocation Management System version 1.0 Description: The issue concerns a Cross Site Scripting XSS vulnerability. This vulnerability allows attackers to run arbitrary code via the adminname and email parameters in...
GHSA-83J2-QHX2-P7JC PrestaShop blockreassurance BO User can remove any file from server when adding and deleting a block
Impact When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image. When deleting the block from the BO, the file will be deleted. It is possible to make the website completely unavailable by removing...