385 matches found
GHSA-338X-HFX8-VX9X Apache Karaf Cave: Cave SSRF and arbitrary file access
This issue affects all versions of Apache Karaf Cave. As this project is retired, there are no plans to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that ar...
IBM Integration Bus 跨站请求伪造漏洞
IBM Integration Bus IBM WebSphere Message Broker is an enterprise service bus ESB product from International Business Machines IBM. The product provides connectivity and common data transformation for Service Oriented Architecture SOA environments and non-SOA environments. A cross-site request...
BIT-DISCOURSE-2022-21684 User can bypass approval when invited to Discourse
Discourse is an open source discussion platform. Versions prior to 2.7.13 in stable, 2.8.0.beta11 in beta, and 2.8.0.beta11 in tests-passed allow some users to log in to a community before they should be able to do so. A user invited via email to a forum with mustapproveusers enabled is going to ...
BIT-GHOST-2022-28397
An arbitrary file upload vulnerability in the file upload module of Ghost CMS v4.42.0 allows attackers to execute arbitrary code via a crafted file. NOTE: Vendor states as detailed in Ghost's security documentation, files can only be uploaded and published by trusted users, this is intentional...
PT-2024-2109 · Jenkins · Jenkins Html Publisher Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins HTML Publisher Plugin versions 1.32 and earlier Description: The issue exists due to the lack of protection for the web page structure. This can be exploited by a remote attacker to conduct cross-site scripting attacks. The...
CVE-2023-47718
IBM Maximo Asset Management 7.6.1.3 and Manage Component 8.10 through 8.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 271843...
libgit2: Privilege Escalation Vulnerability
Background libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API. Description A vulnerability has been discovered in libgit2. Please review the CVE identifier referenced below for details. Impact Usages of a malicious craft...
GHSA-7HFX-H3J3-RWQ4 D-Tale server-side request forgery through Web uploads
Impact Users hosting D-Tale publicly can be vulnerable to server-side request forgery SSRF allowing attackers to access files on the server. Patches Users should upgrade to version 3.9.0 where the "Load From the Web" input is turned off by default. You can find out more information on how to turn...
CVE-2024-21642 D-Tale server-side request forgery through Web uploads
D-Tale is a visualizer for Pandas data structures. Users hosting versions D-Tale prior to 3.9.0 publicly can be vulnerable to server-side request forgery SSRF, allowing attackers to access files on the server. Users should upgrade to version 3.9.0, where the Load From the Web input is turned off ...
CVE-2024-21642 D-Tale server-side request forgery through Web uploads
D-Tale is a visualizer for Pandas data structures. Users hosting versions D-Tale prior to 3.9.0 publicly can be vulnerable to server-side request forgery SSRF, allowing attackers to access files on the server. Users should upgrade to version 3.9.0, where the Load From the Web input is turned off ...
CVE-2023-38268
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 260585...
baserCMS 跨站请求伪造漏洞
baserCMS is an enterprise-level content management system CMS from the baserCMS team. A cross-site request forgery vulnerability exists in baserCMS versions prior to 4.8.0, which stems from the content preview feature not adequately verifying whether a request comes from a trusted user. This...
CVE-2023-46134
D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to version 3.7.0, users hosting D-Tale publicly can be vulnerable to remote code execution, allowing attackers to run malicious code on the server. This issue has been patched in...
CVE-2023-46134 D-Tale vulnerable to Remote Code Execution through the Custom Filter Input
D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to version 3.7.0, users hosting D-Tale publicly can be vulnerable to remote code execution, allowing attackers to run malicious code on the server. This issue has been patched in...
GHSA-JQ6C-R9XF-QXJM dtale vulnerable to Remote Code Execution through the Custom Filter Input
Impact Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Patches Users should upgrade to version 3.7.0 where the "Custom Filter" input is turned off by default. You can find out more information on how to turn it back ...
Deserialization Of Untrusted Data
Apache Airflow Spark Provider is vulnerable to deserialization of untrusted data. The vulnerability occurs when an authorized Airflow user configures Spark hooks on an Airflow node pointing it to a malicious Spark server in an Airflow deployment causing arbitrary code to be run on that Airflow...
CVE-2023-40195
Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Software Foundation Apache Airflow Spark Provider. When the Apache Spark provider is installed on an Airflow deployment, an Airflow user that is authorized to configure Spark hooks...
CVE-2023-32360
A vulnerability was found in OpenPrinting CUPS. Unauthorized users are permitted to fetch documents over local or remote networks, leading to confidentiality breach. Mitigation The user can either set 'PreserveJobFiles No' in cupsd.conf which will completely shut off the saving the job files,...
PT-2023-26171 · Indico · Indico
Name of the Vulnerable Software and Affected Versions: Indico versions prior to 3.2.6 Description: There is a Cross-Site-Scripting issue in confirmation prompts used when deleting content from Indico. Exploitation requires someone with at least submission privileges and then someone else to attem...
Privilege escalation
Bludit v3.14.1 was discovered to contain an arbitrary file upload vulnerability in the component /admin/new-content. This vulnerability allows attackers to execute arbitrary web scripts or HTML via uploading a crafted SVG file. NOTE: the product's security model is that users are trusted by the...