CVE-2024-27920 Unsigned code template execution through workflows in projectdiscovery/nuclei

projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing cust...

CVE-2024-27920

The CVE covers projectdiscovery/nuclei where unsigned code templates could be executed via workflows in Nuclei v3. root cause: oversight in workflow execution that allows executing unsigned templates. Impact: local execution with high severity per listed metrics; effects are mitigation-dependent ...

CVE-2024-27920 Unsigned code template execution through workflows in projectdiscovery/nuclei

projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing cust...

GHSA-W5WX-6G2R-R78Q Nuclei allows unsigned code template execution through workflows

Overview A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing custom workflows, potentially allowing the execution of malicious code on the user's system. This...

Nuclei allows unsigned code template execution through workflows

Overview A significant security oversight was identified in Nuclei v3, involving the execution of unsigned code templates through workflows. This vulnerability specifically affects users utilizing custom workflows, potentially allowing the execution of malicious code on the user's system. This...

CVE-2024-26540

A heap-based buffer overflow in Clmg before 3.3.3 can occur via a crafted file to cimglibrary::CImg::loadanalyze...

Nuclei Security Vulnerabilities

Nuclei is a customizable and fast vulnerability scanner based on YAML syntax templates. A security vulnerability exists in nuclei 3.0.0 and later, which stems from allowing the execution of unsigned code templates via a workflow, resulting in malicious code that can be executed on a user's system...

PT-2024-22137

Name of the Vulnerable Software and Affected Versions Nuclei versions prior to 3.2.0 Description A significant security oversight was identified in Nuclei, involving the execution of unsigned code templates through workflows. This issue specifically affects users utilizing custom workflows,...

Missing Critical Step In Authentication

Central Dogma is vulnerable to Missing Critical Step in Authentication. The vulnerability is due accepting unsigned SAML messages assertions, logout requests, etc. as they are when using SAML as the authentication mechanism instead of rejecting them. An attacker can forge a SAML message to...

SUSE CVE-2021-47040

In the Linux kernel, the following vulnerability has been resolved: iouring: fix overflows checks in provide buffers Colin reported before possible overflow and sign extension problems in ioprovidebuffersprep. As Linus pointed out previous attempt did nothing useful, see d81269fecb8ce "iouring: f...

CentOS 9 : shim-unsigned-x64-15.6-1.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the shim-unsigned-x64-15.6-1.el9 build changelog. - A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot...

CentOS 9 : protobuf-c-1.3.3-13.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the protobuf-c-1.3.3-13.el9 build changelog. - protobuf-c before 1.4.1 has an unsigned integer overflow in parserequiredmember. CVE-2022-48468 Note that Nessus has not tested for this issue...

DEBIAN-CVE-2021-47040

In the Linux kernel, the following vulnerability has been resolved: iouring: fix overflows checks in provide buffers Colin reported before possible overflow and sign extension problems in ioprovidebuffersprep. As Linus pointed out previous attempt did nothing useful, see d81269fecb8ce "iouring: f...

UBUNTU-CVE-2021-47040

In the Linux kernel, the following vulnerability has been resolved: iouring: fix overflows checks in provide buffers Colin reported before possible overflow and sign extension problems in ioprovidebuffersprep. As Linus pointed out previous attempt did nothing useful, see d81269fecb8ce "iouring: f...

The vulnerability of the `apply_sao_internal<unsigned short>` function (sao.cc) in the h.265 Libde265 codec implementation allows a attacker to cause a service failure.

The vulnerability of the applysaointernal function sao.cc in the h.265 Libde265 implementation is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

GHSA-HX5Q-V6PJ-533R SAML authentication bypass due to missing validation on unsigned SAML messages

Impact When SAML is used as the authentication mechanism, Central Dogma accepts unsigned SAML messages assertions, logout requests, etc. as they are, rather than rejecting them by default. As a result, an attacker can forge a SAML message to authenticate themselves, despite the fact that such an...

GHSA-4M6J-23P2-8C54 Armeria SAML authentication bypass due to missing validation on unsigned SAML messages

Impact The SAML implementation provided by armeria-saml currently accepts unsigned SAML messages assertions, logout requests, etc. as they are, rather than rejecting them by default. As a result, an attacker can forge a SAML message to authenticate themselves, despite the fact that such an unsign...

PT-2024-40337 · Armeria +1 · Armeria +1

Name of the Vulnerable Software and Affected Versions: Central Dogma versions prior to 0.64.3 Description: The issue arises when SAML is used for authentication, as Central Dogma accepts unsigned SAML messages by default, instead of rejecting them. This allows an attacker to forge SAML messages f...

CVE-2024-1633 FIP Header Integer Overflow

During the secure boot, bl2 the second stage of the bootloader loops over images defined in the table “bl2memparamsdescs”. For each image, the bl2 reads the image length and destination from the image’s certificate. Because of the way of reading from the image, which base on 32-bit unsigned integ...

Buffer Overflow

libzephyr.so is vulnerable to Buffer overflow. The vulnerability is due to signed to unsigned conversion when passing a negative size to memcpy, which can lead to buffer overflow in the esp32ipmsend function...