188 matches found
Incorrect Authorization
Apache Pulsar is vulnerable to Incorrect Authorization. The vulnerability is due to improper permission checks, which allows an attacker to perform operations such as unloading topics or triggering compaction. Additionally, the vulnerability allows an authenticated user to read, create, modify, a...
CVE-2024-26614
In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the acceptqueue's spinlocks once When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU: 19 PID: 21160 at...
Information disclosure
A missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers with Item/Read permission to trigger a build...
CVE-2024-28159
CVE-2024-28159 affects Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier. The issue is a missing permission check in the plugin, allowing attackers with Item/Read permission to trigger a build via an HTTP endpoint. This is the core risk described across multiple sources (NVD/Red...
CVE-2021-46934
In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2ctransfer, ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data in compact ioctl to...
Team Members < 5.3.2 - Author+ Stored XSS
Description The plugin does not validate and escape some of its Team options attributes before outputting them back in a page/post where the related shortcode is embed, which could allow users with the author role and above to perform Stored Cross-Site Scripting attacks. 1. Create/edit a team and...
Mozilla: Failure to update user input timestamp
The Mozilla Foundation Security Advisory describes this flaw as: It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load...
CVE-2023-35995
Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability...
CVE-2023-49920
Apache Airflow, version 2.7.0 through 2.7.3, has a vulnerability that allows an attacker to trigger a DAG in a GET request without CSRF validation. As a result, it was possible for a malicious website opened in the same browser - by the user who also had Airflow UI opened - to trigger the executi...
CVE-2023-49097 ZITADEL vulnerable account takeover via malicious host header injection
ZITADEL is an identity infrastructure system. ZITADEL uses the notification triggering requests Forwarded or X-Forwarded-Host header to build the button link sent in emails for confirming a password reset with the emailed code. If this header is overwritten and a user clicks the link to a malicio...
CVE-2023-49097 ZITADEL vulnerable account takeover via malicious host header injection
ZITADEL is an identity infrastructure system. ZITADEL uses the notification triggering requests Forwarded or X-Forwarded-Host header to build the button link sent in emails for confirming a password reset with the emailed code. If this header is overwritten and a user clicks the link to a malicio...
ZITADEL Account Takeover via Malicious Host Header Injection
Impact ZITADEL uses the notification triggering requests Forwarded or X-Forwarded-Host header to build the button link sent in emails for confirming a password reset with the emailed code. If this header is overwritten and a user clicks the link to a malicious site in the email, the secret code c...
CVE-2023-48240 XWiki Platform sends cookies to external images in rendered diff and is vulnerable to server side request forgery
XWiki Platform is a generic wiki platform. The rendered diff in XWiki embeds images to be able to compare the contents and not display a difference for an actually unchanged image. For this, XWiki requests all embedded images on the server side. These requests are also sent for images from other...
[SECURITY] Fedora 37 Update: watchman-2021.05.10.00-24.fc37
Watchman exists to watch files and record when they actually change. It can a lso trigger actions such as rebuilding assets when matching files change...
CVE-2023-40349
The CVE-2023-40349 entry concerns Jenkins Gogs Plugin (versions 1.0.15 and earlier). The vulnerability arises from improper initialization of the option intended to secure the webhook endpoint, allowing unauthenticated attackers to trigger builds of jobs. The advisory notes that the webhook endpo...
PT-2023-27406 · Jenkins · Jenkins Gogs Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Gogs Plugin versions 1.0.15 and earlier Description: The Jenkins Gogs Plugin improperly initializes an option to secure its webhook endpoint, allowing unauthenticated attackers to trigger builds of jobs. The plugin provides a webhook...
CVE-2022-47937
CVE-2022-47937 concerns the Apache Sling Commons JSON bundle. The vulnerability arises from improper input validation in the org.apache.sling.commons.json component, allowing a network attacker to trigger unexpected errors by sending specially crafted input. The bundled library is deprecated (sin...
Why Honeytokens Are the Future of Intrusion Detection
A few weeks ago, the 32nd edition of RSA, one of the world's largest cybersecurity conferences, wrapped up in San Francisco. Among the highlights, Kevin Mandia, CEO of Mandiant at Google Cloud, presented a retrospective on the state of cybersecurity. During his keynote, Mandia stated: "There are...
CVE-2023-30519
A missing permission check in Jenkins Quay.io trigger Plugin 0.1 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository...
CVE-2023-30519
A missing permission check in Jenkins Quay.io trigger Plugin 0.1 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository...