3356 matches found
CVE-2020-27840
A flaw was found in samba. Spaces used in a string around a domain name DN, while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability...
GHSA-PW54-MH39-W3HC Regular expression denial of service in npm-user-validate
This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters...
jquery-plugin-query-object security vulnerability
jquery-plugin-query-object is an application. It is used for query string modification and creation in jQuery. A security vulnerability exists in jquery-plugin-query-object 2.2.3, which stems from an improperly controlled modification of the object prototype property that allows a malicious user ...
GetSimple CMS My SMTP Contact 1.1.1 CSRF / Remote Code Execution
Exploit Title: GetSimple CMS My SMTP Contact Plugin = v1.1.1 - CSRF to RCE Exploit Author: Bobby Cooke boku Date: April 15th, 2021 Vendor Homepage: http://get-simple.info Software Link: http://get-simple.info/extend/download.php?file=files/18274/1221/my-smtp-contact1.1.1.zip&id=1221 Vendor:...
CVE-2021-23371
This affects the package chrono-node before 2.2.4. It hangs on a date-like string with lots of embedded spaces...
Npm chrono-node security vulnerability
Npm chrono-node is an application from Npm USA. It is used to handle most date/time formats and extract information from any given text. A security vulnerability exists in Chrono-node prior to version 2.2.4, which stems from the program hanging on date-like strings with a large number of embedded space...
CVE-2021-20021
A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host. Recent assessments: wvu-r7 at April 28, 2021 11:04pm UTC reported: CVE-2021-20021 is being exploited in the wild to gain...
Froala Editor Cross-Site Scripting Vulnerability
Froala Editor is a Web-based WYSIWYG rich text editor. A cross-site scripting vulnerability exists in the hyperlink creation module in Froala Editor version 3.2.6. The vulnerability can be exploited to conduct cross-site scripting attacks via specially crafted base64 strings...
Qualcomm chip buffer error vulnerability
A Qualcomm chip is a chip from Qualcomm Incorporated, USA. A chip is a way to miniaturize circuits (mainly semiconductor devices, but also passive components, etc.) and is from time to time manufactured on the surface of semiconductor wafers. A security vulnerability exists in a number of Qualcomm products,...
froala editor cross-site scripting vulnerability
Froala Editor is a Web-based WYSIWYG rich text editor. A cross-site scripting vulnerability exists in the hyperlink creation module in Froala Editor version 3.2.6. The vulnerability can be exploited to conduct cross-site scripting attacks via specially crafted base64 strings...
Input validation
Improper input validation of octal strings in netmask npm package v1.0.6 and below allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many of the dependent packages. A remote unauthenticated attacker can bypass packages relying on netmask to filter IPs...
CVE-2021-28918
CVE-2021-28918 affects the Node.js netmask module (v1.0.6 and earlier). The vulnerability is due to improper handling of mixed-format IP addresses, allowing a remote attacker to perform SSRF, RFI, and LFI via specially crafted octal literals and reach internal VPNs, LANs, intranets, or adjacent h...
The npm netmask vulnerability explained so you can actually understand it
The popular npm netmask library recently encountered a serious problem, explained as follows: The npm netmask package incorrectly evaluates individual ipv4 octets that contain octal strings as left-stripped integers, leading to an inordinate attack surface on hundreds of thousands of projects tha...
CVE-2021-29418
The netmask package before 2.0.1 for Node.js mishandles certain unexpected characters in an IP address string, such as an octal digit of 9. This in some situations allows attackers to bypass access control that is based on IP addresses. NOTE: this issue exists because of an incomplete fix for...
USN-4888-1 ldb vulnerabilities
Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain LDAP attributes. A remote attacker could possibly use this issue to cause the LDAP server to crash, resulting in a denial of service. CVE-2021-20277 Douglas Bagnall discovered that ldb, when used with Samba,...
Samba buffer error vulnerability
Samba is a set of free software from the Samba team that enables UNIX series operating systems to connect to the SMB/CIFS network protocol of Microsoft Windows operating systems. The program supports sharing printers, transferring data files to each other, and so on. A security vulnerability exis...
RUSTSEC-2021-0041 Denial of service through parsing payloads with too big exponent
The parse_duration::parse function allows for parsing duration strings with exponents like 5e5s where, under the hood, the BigInt type along with the pow function are used for such payloads. Passing an arbitrarily big exponent makes the parse_duration::parse function process the payload for a ver...
USN-4788-1 iperf3 vulnerability
It was discovered that iperf mishandled certain UTF-8 and UTF-16 strings. A remote attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code...
GitHub Security Lab: [Java] CWE-598: Use of GET Request Method with Sensitive Query Strings
This bug was reported directly to GitHub Security Lab...
IBM APM security vulnerability
IBM Application Performance Management (APM) is a suite of IT service management software from IBM in the United States. The software is primarily used to monitor and manage cloud, on-premise and hybrid applications, and IT infrastructure. A security vulnerability exists in IBM APM version 8.1.4,...