PT-2024-19408 · Unknown · Group-Office

Name of the Vulnerable Software and Affected Versions: Group-Office versions prior to 6.8.29 Description: The issue is related to the file upload mechanism in Group-Office, allowing an attacker to execute arbitrary JavaScript code by embedding it within a file's name. For example, using a filenam...

EulerOS 2.0 SP10 : python-configobj (EulerOS-SA-2024-1070)

According to the versions of the python-configobj package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate function, using...

DEBIAN-CVE-2023-0437

When calling bsonutf8validate on some inputs a loop with an exit condition that cannot be reached may occur, i.e. an infinite loop. This issue affects All MongoDB C Driver versions prior to versions 1.25.0...

UBUNTU-CVE-2023-0437

When calling bsonutf8validate on some inputs a loop with an exit condition that cannot be reached may occur, i.e. an infinite loop. This issue affects All MongoDB C Driver versions prior to versions 1.25.0...

CVE-2023-0437 MongoDB client C Driver may infinitely loop when validating certain BSON input data

When calling bsonutf8validate on some inputs a loop with an exit condition that cannot be reached may occur, i.e. an infinite loop. This issue affects All MongoDB C Driver versions prior to versions 1.25.0...

GHSA-XGPM-Q3MQ-46RQ PrestaShop some attribute not escaped in Validate::isCleanHTML method

Description Some event attributes are not detected by the isCleanHTML method Impact Some modules using the isCleanHTML method could be vulnerable to xss Patches 8.1.3, 1.7.8.11 Workarounds The best workaround is to use the HTMLPurifier library to sanitize html input coming from users. The library...

CVE-2023-48604 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE via the ValidateVersion function. An attacker with administrative access can set up a network share and supply a UNC path to the /System/MediaEncoder/Path endpoint, which points to an executable on the network...

CVE-2023-49607

Mattermost fails to validate the type of the "reminder" body request parameter allowing an attacker to crash the Playbook Plugin when updating the status dialog...

PT-2023-8278 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche affected versions not specified Description: The issue is related to a Server-Side Request Forgery SSRF in the Ivanti Avalanche Remote Control server. An unauthenticated attacker could send a specifically crafted web request ...

WordPress plugin Contact Form security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin...

Exploit for CVE-2023-38646

CVE-2023-38646 Metabase Pre-Auth RCE 11/26/2023 Metabase ope...

ShortCodes UI <= 1.9.8 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

mod_auth_openidc: Open Redirect in oidc_validate_redirect_url() using tab character

An open redirect vulnerability was found in modauthopenidc, an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server. When providing a logout parameter to the redirect URI, the existing code in oidcvalidateredirecturl does not properly check for URLs that start...

The vulnerability of the Validate JSP File function in the IntelliJ IDEA integrated development environment allows attackers to load any JAR files they desire.

The vulnerability of the Validate JSP File function in the IntelliJ IDEA integrated development environment is related to the transmission of critical information in open text. Exploiting this vulnerability allows a malicious actor to download arbitrary JAR files remotely...

Rocky Linux 8 : nodejs:12 (RLSA-2021:0549)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:0549 advisory. - The utilities function in all versions = 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker...

Rocky Linux 8 : nodejs:10 (RLSA-2021:0548)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:0548 advisory. - Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like ://:@::/...

Design/Logic Flaw

Mattermost fails to properly validate requests to the Calls plugin, allowing an attacker sending a request without a User Agent header to cause a panic and crash the Calls plugin...

CVE-2023-5967 Denial of Service via crashing the Calls Plugin

Mattermost fails to properly validate requests to the Calls plugin, allowing an attacker sending a request without a User Agent header to cause a panic and crash the Calls plugin...

Rocky Linux 8 : nodejs:14 (RLSA-2021:0551)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:0551 advisory. - An issue was discovered in ajv.validate in Ajv aka Another JSON Schema Validator 6.12.2. A carefully crafted JSON schema could be provided that allows...