GSD-2023-1002155 net: mdio: validate parameter addr in mdiobus_get_phy()

net: mdio: validate parameter addr in mdiobusgetphy This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.166 by commit...

CVE-2023-0062

The EAN for WooCommerce WordPress plugin before 4.4.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

List Pages Shortcode < 1.7.6 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC list-page...

CVE-2022-45172

An issue was discovered in LIVEBOX Collaboration vDesk before v018. Broken Access Control can occur under the /api/v1/registration/validateEmail endpoint, the /api/v1/vdeskintegration/user/adduser endpoint, and the /api/v1/registration/changePasswordUser endpoint. The web application is affected ...

CVE-2023-22482

A flaw was found in ArgoCD. GitOps is vulnerable to an improper authorization bug where the API may accept invalid tokens. ID providers include an audience claim in signed tokens, which may be used to restrict which services can accept the token. ArgoCD doesn't properly validate the audience clai...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the validateprotocol function in extensions/autolink.c, which exposes malloc metadata. NOTE: The maintainers believe this is harmless. PoC sh echo "to:[email protected]" | ./src/cmark-gfm -e autolink Remediation...

UBUNTU-CVE-2023-22485

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior 0.29.0.gfm.7, a crafted markdown document can trigger an out-of-bounds read in the validateprotocol function. We believe this bug is harmless in practice, because the out-of-bounds...

CVE-2023-22485 cmark-gfm out-of-bounds read in validate_protocol

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior 0.29.0.gfm.7, a crafted markdown document can trigger an out-of-bounds read in the validateprotocol function. We believe this bug is harmless in practice, because the out-of-bounds...

PT-2023-18536 · Cmark-Gfm +1 · Cmark-Gfm +1

Name of the Vulnerable Software and Affected Versions: cmark-gfm versions prior to 0.29.0.gfm.7 Description: The issue is related to a crafted markdown document that can trigger an out-of-bounds read in the validate protocol function. This bug is believed to be harmless in practice because the...

GSD-2023-1001270 drm/vmwgfx: Validate the box size for the snooped cursor

drm/vmwgfx: Validate the box size for the snooped cursor This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

GSD-2023-1000176 tipc: re-fetch skb cb after tipc_msg_validate

tipc: re-fetch skb cb after tipcmsgvalidate This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...

CVE-2022-23814

Failure to validate addresses provided by software to BIOS commands may result in a potential loss of integrity of guest memory in a confidential compute environment...

GHSA-WQQV-JCFR-9F5G PocketMine-MP has improperly handled dye colour IDs in banner NBT, leading to server crash

Impact DyeColorIdMap-fromId did not account for the possibility that it might be given invalid input. This means that an undefined offset error would occur whenever this happened. This code is indirectly called during Banner-deserializeCompoundTag, which is invoked when deserializing any item NBT...

PT-2022-9029 · Openmrs · Openmrs Appointment Scheduling Module

Name of the Vulnerable Software and Affected Versions: OpenMRS Appointment Scheduling Module versions up to 1.12.x Description: A problematic issue has been found, affecting the validateFieldName function of the AppointmentTypeValidator.java file. This leads to cross-site scripting and can be...

CVE-2022-47895

In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files...

CVE-2022-47895

In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files...

CVE-2022-47895

In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files...

CVE-2022-47895

JetBrains IntelliJ IDEA before 2022.3.1 is affected by CVE-2022-47895 through the "Validate JSP File" action, which uses HTTP to download required JAR files. The underlying issue enables a scenario where an attacker could influence the download of JARs, potentially enabling exploitation via deser...

PT-2022-7094 · Jetbrains · Intellij Idea

Name of the Vulnerable Software and Affected Versions: JetBrains IntelliJ IDEA versions prior to 2022.3.1 Description: The issue is related to the "Validate JSP File" action in IntelliJ IDEA, which used the HTTP protocol to download required JAR files. This allows a remote attacker to download...

JetBrains IntelliJ IDEA 安全漏洞

JetBrains IntelliJ IDEA is an integrated development environment for the Java language from the Czech company JetBrains. A security vulnerability exists in JetBrains IntelliJ IDEA prior to version 2022.3.1, which is caused by the "Validate JSP file" operation using the HTTP protocol to download t...