Lucene search
+L

355 matches found

Code423n4
Code423n4
added 2023/06/09 12:0 a.m.16 views

When deploying contracts in PermissionedNodeRegistry.deployWithdrawVault(), PermissionlessNodeRegistry.deployWithdrawVault(), an attacker can find out in advance the address of the future deployed contract and deploy his own at this address

Lines of code Vulnerability details Impact The address of the new contract depends solely on the salt parameter, which is calculated from user-provided data. Once a user's create transaction is broadcast, the parameters for calculating salt can be viewed by anyone viewing the public mempool. This...

6.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2023/05/23 8:15 p.m.3 views

CVE-2023-2703

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Finex Media Competition Management System allows Retrieve Embedded Sensitive Data, Collect Data as Provided by Users. This issue affects Competition Management System: before 23.07...

7.5CVSS7.1AI score0.00565EPSS
Exploits0References3
OSV
OSV
added 2023/05/10 11:41 a.m.30 views

CVE-2023-1732 Improper random reading in CIRCL

When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM, did not check whether crypto/rand.Read returns an error. In rare deployment cases error thrown by the Read function, this could lead to a predictable shared secret. The tkn20 and blindrsa components did not...

5.3CVSS6.6AI score0.00386EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/04/05 12:0 a.m.15 views

CVE-2023-20102 Cisco Secure Network Analytics Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...

8.8CVSS7.9AI score0.01005EPSS
Exploits0References1
NVD
NVD
added 2023/04/03 2:15 p.m.45 views

CVE-2022-27665

Reflected XSS via AngularJS sandbox escape expressions exists in Progress Ipswitch WSFTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add fold...

6.1CVSS7AI score0.33112EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/03/29 8:13 p.m.34 views

CVE-2023-28506 Stack buffer overflow in UniRPC service

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow, where a string is copied into a buffer using a memcpy-like function and a user-provided length. This requires a valid login t...

8.9AI score0.00911EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/03/08 12:0 a.m.34 views

EulerOS 2.0 SP9 : sudo (EulerOS-SA-2023-1459)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user- provided environment variables SUDOEDITOR,...

7.8CVSS8.2AI score0.55367EPSS
Exploits20References2
OSV
OSV
added 2023/02/24 6:48 p.m.58 views

GHSA-F598-MFPV-GMFX Sequelize - Default support for “raw attributes” when using parentheses

Impact Sequelize 6.28.2 and prior has a dangerous feature where using parentheses in the attribute option would make Sequelize use the string as-is in the SQL ts User.findAll attributes: 'countid', 'count' ; Produced sql SELECT countid AS "count" FROM "users" Patches This feature was deprecated i...

10CVSS9.3AI score0.00831EPSS
Exploits0References9
F5 Networks
F5 Networks
added 2023/02/20 8:51 a.m.53 views

K000132667: Sudo vulnerability CVE-2023-22809

Security Advisory Description In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to...

7.8CVSS8.4AI score0.55367EPSS
Exploits20
Github Security Blog
Github Security Blog
added 2023/02/08 10:38 p.m.57 views

@sideway/formula contains Regular Expression Denial of Service (ReDoS) Vulnerability

Impact User-provided strings to formula's parser might lead to polynomial execution time. Patches Users should upgrade to 3.0.1+. Workarounds None...

6.5CVSS6.4AI score0.00611EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/01/24 12:0 a.m.48 views

AlmaLinux 8 : sudo (ALSA-2023:0284)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:0284 advisory. - In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user- provided environment variables SUDOEDITOR, VISUAL, and EDITOR...

7.8CVSS8.2AI score0.55367EPSS
Exploits20References2
Tenable Nessus
Tenable Nessus
added 2023/01/23 12:0 a.m.37 views

RHEL 8 : sudo (RHSA-2023:0283)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:0283 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...

7.8CVSS8.4AI score0.55367EPSS
Exploits20References4
Positive Technologies
Positive Technologies
added 2023/01/18 12:0 a.m.6 views

PT-2023-1077 · Sudo +11 · Sudo +11

Name of the Vulnerable Software and Affected Versions: Sudo versions 1.8.0 through 1.9.12p1 Description: The issue is related to the sudoedit feature in Sudo, which mishandles extra arguments passed in user-provided environment variables, such as SUDO EDITOR, VISUAL, and EDITOR. This allows a loc...

9.8CVSS6.6AI score0.55367EPSS
Exploits30References268
NVD
NVD
added 2023/01/03 7:15 p.m.19 views

CVE-2022-45143

The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or...

7.5CVSS7.5AI score0.02505EPSS
Exploits0References3
Prion
Prion
added 2023/01/03 7:15 p.m.34 views

Design/Logic Flaw

The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or...

5CVSS7.3AI score0.02505EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2023/01/03 6:12 p.m.122 views

CVE-2022-45143

The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or...

7.5CVSS8.3AI score0.02505EPSS
Exploits0
OSV
OSV
added 2023/01/03 6:12 p.m.19 views

CVE-2022-45143 Apache Tomcat: JsonErrorReportValve escaping

The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or...

7.5CVSS6.9AI score0.02505EPSS
Exploits0References5
Kitploit
Kitploit
added 2022/11/28 1:30 p.m.22 views

EvilTree - A Remake Of The Classic "Tree" Command With The Additional Feature Of Searching For User Provided Keywords/Regex In Files, Highlighting Those That Contain Matche

A standalone python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches. Created for two main reasons: While searching for secrets in files of nested directory structures, being able to...

7.1AI score
Exploits0References4
Apache Tomcat
Apache Tomcat
added 2022/11/14 12:0 a.m.48 views

Fixed in Apache Tomcat 10.1.2

Low: Apache Tomcat JsonErrorReportValve injection CVE-2022-45143 The JsonErrorReportValve did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or...

7.5CVSS7.5AI score0.02505EPSS
Exploits0Affected Software1
Check Point Advisories
Check Point Advisories
added 2022/10/31 12:0 a.m.44 views

Jenkins GitLab Plugin Cross-Site Scripting (CVE-2022-34777)

A stored cross-site scripting vulnerability exists in Jenkins GitLab Plugin. This vulnerability is due to insufficient validation of user provided fields in the build cause of webhook triggered builds...

3.5CVSS1.5AI score0.72518EPSS
Exploits0
Rows per page
Query Builder