12 matches found
kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel
A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...
GHSA-7JXJ-RPX7-PH2C Umbraco.Forms CDN may cache sensitive form uploads when processed by ImageSharp
Impact Protected files uploaded through Umbraco Forms may be served to unauthenticated users when a CDN or caching layer is present and ImageSharp processes the request. ImageSharp sets aggressive cache headers by default, which can cause intermediary caches to store and serve files that should...
Linux Distros Unpatched Vulnerability : CVE-2023-49088
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables ...
CVE-2021-29004
rConfig 3.9.6 is affected by SQL Injection. A user must be authenticated to exploit the vulnerability. If --secure-file-priv in MySQL server is not set and the Mysql server is the same as rConfig, an attacker may successfully upload a webshell to the server and access it remotely...
CVE-2021-21370
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 it has been discovered that content elements of type menu are vulnerable to cross-site scripting when their referenced items get previewed in the page module. A valid...
CVE-2024-29833
The image upload component allows SVG files and the regular expression used to remove script tags can be bypassed by using a Cross Site Scripting payload which does not match the regular expression; one example of this is the inclusion of whitespace within the script tag. An attacker must target ...
Container Breakout (Leaky Vessels)
Overview Affected versions of this package are vulnerable to Container Breakout Leaky Vessels. Due to certain leaked file descriptors, an attacker could cause a newly-spawned container process from runc exec to have a working directory in the host filesystem namespace, allowing for a container...
CVE-2021-36843 WordPress Floating Social Media Icon plugin <= 4.3.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered in WordPress Floating Social Media Icon plugin versions = 4.3.5 Social Media Configuration form. Requires high role user like admin...
PT-2021-8242 · Rockwell Automation · Rockwell Automation Arena
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena affected versions not specified Description: A third-party vulnerability exists in the Rockwell Automation Arena that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. If...
CVE-2008-6800
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not a security issue. It was originally created based on one vendor's misinterpretation of an upstream changelog comment that referred to a race condition in the winbind daemon aka winbindd in Samba...
MusicDaemon <= 0.0.3 v2 Remote DoS and /etc/shadow Stealer
No description provided by source. / MusicDaemon = 0.0.3 v2 Remote /etc/shadow Stealer / DoS Vulnerability discovered by: Tal0n 05-22-04 Exploit code by: Tal0n 05-22-04 Greets to: atomix, vile, ttl, foxtrot, uberuser, d4rkgr3y, blinded, wsxz, serinth, phreaked, h3x4gr4m, xaxisx, hex, phawnky,...
FreeBSD 3.3 - gdc Symlink
FreeBSD 3.3 - gdc Symlink source: https://www.securityfocus.com/bid/835/info It is possible to write debug ouput from gdc to a file /var/tmp/gdbdump. Unfortunately, gdc follows symbolic links which can be created in tmp and will overwrite any file on the system thanks to it being setiud root. Thi...