Lucene search: 1279 matches found

OSV · added 2022/12/15

CLSA-2022-1671123868 rpm: Fix of 2 CVEs

- CVE-2021-35939: validate intermediate symlinks during installation
- CVE-2021-35938: set file metadata via fd-based ops for everything but symlinks
- Fix file descriptor leak recently introduced in rpmPackageFilesInstall...

CVSS 6.7 · AI score 6.7 · EPSS 0.00491 · Exploits 2 · References 1
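
The two CVEs in this rpm entry share one root cause: the installer trusted the path it was handed, so a symlink planted at an intermediate directory, or a swap of the freshly written file for a symlink before a path-based chmod/chown, could redirect the write or the metadata change to a file outside the intended location. The Python below is an added example, not rpm's own code, of the two mitigations the changelog names: lstat every intermediate component and refuse symlinks, open the final component with O_EXCL|O_NOFOLLOW, and set the mode through the open descriptor (fchmod) instead of through the path. The function names, the temporary-directory layout and the planted `opt/evil` symlink are constructions of this example.

```python
import os
import stat
import tempfile


def resolve_install_path(root: str, relpath: str) -> str:
    """Walk relpath under root one component at a time, creating missing
    directories and refusing any intermediate component that is a symlink.
    Returns the absolute path of the final component (not yet created).
    Hypothetical helper written for this example, not rpm's own code."""
    parts = [p for p in relpath.split("/") if p and p != "."]
    if not parts or ".." in parts:
        raise ValueError(f"refusing package path {relpath!r}")
    cur = root
    for part in parts[:-1]:
        cur = os.path.join(cur, part)
        try:
            st = os.lstat(cur)          # lstat: inspect the entry itself, never follow it
        except FileNotFoundError:
            os.mkdir(cur, 0o755)
            st = os.lstat(cur)
        if stat.S_ISLNK(st.st_mode):
            raise PermissionError(f"intermediate component is a symlink: {cur}")
        if not stat.S_ISDIR(st.st_mode):
            raise NotADirectoryError(cur)
    return os.path.join(cur, parts[-1])


def install_file(root: str, relpath: str, data: bytes, mode: int) -> str:
    """Create relpath under root with the given contents and mode.
    O_EXCL|O_NOFOLLOW make the open fail if anything (a symlink included)
    already sits at the final component; fchmod applies the mode to the
    descriptor we opened, not to a path that could be swapped underneath us."""
    dest = resolve_install_path(root, relpath)
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    fd = os.open(dest, flags, 0o600)
    try:
        os.write(fd, data)
        os.fchmod(fd, mode)             # fd-based metadata op, as in the CVE-2021-35938 fix
    finally:
        os.close(fd)
    return dest


def demo() -> dict:
    """Constructed fixture: a benign usr/lib tree plus an attacker-planted
    symlink opt/evil -> usr/lib. Returns what happened so a test can check it."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "usr", "lib"))
        os.mkdir(os.path.join(root, "opt"))
        os.symlink(os.path.join(root, "usr", "lib"), os.path.join(root, "opt", "evil"))

        benign = install_file(root, "usr/lib/libfoo.so.1", b"\x7fELF", 0o755)
        result = {
            "benign_installed": os.path.isfile(benign),
            "benign_mode": stat.S_IMODE(os.stat(benign).st_mode),
        }
        try:
            install_file(root, "opt/evil/libbar.so.1", b"\x7fELF", 0o755)
            result["symlink_blocked"] = False
        except PermissionError:
            result["symlink_blocked"] = True
        # the directory the symlink points at must not have received the file
        result["escaped_write"] = os.path.exists(os.path.join(root, "usr", "lib", "libbar.so.1"))
        return result


if __name__ == "__main__":
    print(demo())
```

Checking the parent directory alone is what the earlier, incomplete fix did; the loop above checks every ancestor below the install root, which is the difference CVE-2021-35939 is about.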
Positive Technologies · added 2022/12/15

PT-2022-26184 · Unknown · Bigbluebutton

Name of the Vulnerable Software and Affected Versions: BigBlueButton versions prior to 2.4.3
Description: The issue is related to Insufficient Verification of Data Authenticity, resulting in Denial of Service. An attacker can make a Meteor call to validateAuthToken using a victim's userId,...

CVSS 4.3 · AI score 4.4 · EPSS 0.00361 · Exploits 0 · References 8

Prion · added 2022/11/25

Code injection

Browsershot version 3.57.3 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the JS content imported from an external source passed to the Browsershot::html method does not contain URLs that use the file:// protoc...

CVSS 5.8 · AI score 8 · EPSS 0.0061 · Exploits 1 · References 2 · Affected Software 1

Code423n4 · added 2022/11/14

Exchange's _returnDust() does not validate return value of call() to send excess ETH to sender.

Impact: When a caller to Exchange's execute or bulkExecute includes more ETH than is required to complete the transactions, _returnDust is intended to return this excess to the caller. However, _returnDust does not validate that the call it performs to return...

AI score 6.8 · Exploits 0

Positive Technologies · added 2022/11/14

PT-2022-35578 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.150
Description: The issue concerns an error in the length of the VALIDATE NEGOTIATE INFO message in the cifs component. The actual impact and potential for attack have not been proven yet.
Recommendations...

AI score 7.3 · Exploits 0 · References 1

Prion · added 2022/11/03

Cross site scripting

SalonERP version 3.0.2 allows an external attacker to steal the cookie of arbitrary users. This is possible because the application does not correctly validate the page parameter against XSS attacks...

CVSS 5.8 · AI score 6 · EPSS 0.00434 · Exploits 1 · References 2 · Affected Software 1

Prion · added 2022/10/19

Code injection

Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access existing chats in the workspaces of any user of the application. This is possible because the application does not validate permissions correctly...

CVSS 4 · AI score 4.5 · EPSS 0.00496 · Exploits 1 · References 2

Code423n4 · added 2022/10/10

StandardPolicyERC1155.sol doesn't validate the order.amount properly.

Impact: StandardPolicyERC1155.sol doesn't validate order.amount properly. This contract checks the policy for matching orders of ERC1155 tokens, but it does not check the ERC1155 token amount properly, so traders might lose their funds unexpectedly...

AI score 6.8 · Exploits 0

CNVD · added 2022/10/10

Rockwell Automation Factory Talk VantagePoint SQL Injection Vulnerability

Rockwell Automation Factory Talk VantagePoint is an advanced industrial application ecosystem from Rockwell Automation, Inc. The SQL injection vulnerability in Rockwell Automation Factory Talk VantagePoint stems from a failure to properly validate user-supplied input that is used to build SQL statements when retrieving...

CVSS 8.8 · AI score 2.9 · EPSS 0.03161 · Exploits 0 · References 1

OSV · added 2022/09/30

OESA-2022-1971 python-oauthlib security update

Security Fixes: OAuthLib is an implementation of the OAuth request-signing logic for Python 3.6+. In OAuthLib versions 3.1.1 until 3.2.1, an attacker providing a malicious redirect URI can cause denial of service. An attacker can also leverage usage of the uri_validate functions depending where it is...

CVSS 6.5 · AI score 6.9 · EPSS 0.01258 · Exploits 1 · References 2

Tenable Nessus · added 2022/09/15

RHEL 7 : rh-nodejs10-nodejs (RHSA-2021:0521)

The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities, as referenced in the RHSA-2021:0521 advisory. Node.js is a software development platform for building fast and scalable network applications in JavaScript. The...

CVSS 9.8 · AI score 7.4 · EPSS 0.69062 · Exploits 8 · References 23

Tenable Nessus · added 2022/09/15

RHEL 7 : rh-nodejs14-nodejs (RHSA-2021:0421)

The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities, as referenced in the RHSA-2021:0421 advisory. Node.js is a software development platform for building fast and scalable network applications in JavaScript. The...

CVSS 9.8 · AI score 7.1 · EPSS 0.69062 · Exploits 6 · References 17

OSV · added 2022/09/09

UBUNTU-CVE-2022-36087

OAuthLib is an implementation of the OAuth request-signing logic for Python 3.6+. In OAuthLib versions 3.1.1 until 3.2.1, an attacker providing a malicious redirect URI can cause denial of service. An attacker can also leverage usage of the uri_validate functions depending where it is used. OAuthLib...

CVSS 6.5 · AI score 7.3 · EPSS 0.01258 · Exploits 1 · References 5

OSV · added 2022/09/09

CVE-2022-39810

An issue was discovered in WSO2 Enterprise Integrator 6.4.0. A reflected cross-site scripting (XSS) vulnerability has been identified in the Management Console under /carbon/ndatasource/validateconnection/ajaxprocessor.jsp via the driver parameter. Session hijacking or similar attacks would not be...

CVSS 6.1 · AI score 5.7 · Exploits 0 · References 1

Vulnrichment · added 2022/09/09

CVE-2022-36087 OAuthLib vulnerable DoS when attacker provides malicious IPV6 URI

OAuthLib is an implementation of the OAuth request-signing logic for Python 3.6+. In OAuthLib versions 3.1.1 until 3.2.1, an attacker providing a malicious redirect URI can cause denial of service. An attacker can also leverage usage of the uri_validate functions depending where it is used. OAuthLib...

CVSS 5.7 · AI score 6.6 · EPSS 0.01258 · Exploits 1 · References 9
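
Three entries in this list (OESA-2022-1971, UBUNTU-CVE-2022-36087 and CVE-2022-36087) are the same OAuthLib issue: a redirect URI carrying a malicious IPv6 literal could cause a denial of service in the library's URI validation. As an added example, not OAuthLib's code, of how an authorization server can perform that check without a hand-written host regex, the Python below delegates IP-literal parsing to the standard ipaddress module, bounds the input length, rejects fragments and userinfo, and then accepts only an exact string match against the client's registered URIs. MAX_URI_LENGTH, the function names and the sample URIs are this example's assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

MAX_URI_LENGTH = 2048   # assumption for this example, not an OAuthLib default


def is_well_formed_redirect_uri(uri: str) -> bool:
    """Structural check of a redirect URI. A bracketed host is handed to the
    ipaddress module, so a crafted '[...]' literal is rejected in linear time
    instead of being matched against a regex that may backtrack."""
    if not isinstance(uri, str) or len(uri) > MAX_URI_LENGTH:
        return False
    try:
        parts = urlsplit(uri)
        host = parts.hostname           # lowercased; brackets stripped for IPv6
        _ = parts.port                  # raises ValueError on a bad or out-of-range port
    except ValueError:                  # recent Pythons also reject bad bracketed hosts here
        return False
    if parts.scheme not in ("http", "https") or not host:
        return False
    if parts.fragment or parts.username is not None:
        return False                    # RFC 6749 3.1.2: no fragment; userinfo does not belong here
    authority = parts.netloc.rsplit("@", 1)[-1]
    if authority.startswith("["):
        try:
            ipaddress.IPv6Address(host) # stdlib parser, not a regex
        except ValueError:
            return False
    else:
        labels = host.split(".")
        if not all(label and label.replace("-", "").isalnum() for label in labels):
            return False
    return True


def validate_redirect_uri(candidate: str, registered: frozenset) -> bool:
    """Authorization-server side: accept only a well-formed URI that exactly
    matches one the client registered (RFC 6749 3.1.2.3 simple string comparison)."""
    return is_well_formed_redirect_uri(candidate) and candidate in registered


if __name__ == "__main__":
    # constructed sample inputs, not taken from any advisory
    registered = frozenset({"https://client.example.com/cb"})
    for uri in ("https://client.example.com/cb",
                "https://[::1]:8443/cb",
                "https://[" + "0:" * 900 + "0]/cb",
                "https://client.example.com/cb#token"):
        print(uri[:60], is_well_formed_redirect_uri(uri), validate_redirect_uri(uri, registered))
```

The length cap is a defence in depth: even a linear-time parser should not be asked to process megabytes of attacker-controlled redirect URI on every authorization request.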
OpenVAS · added 2022/08/26

Ubuntu: Security Advisory (USN-4163-2)

The remote host is missing the update described in the USN-4163-2 advisory...

CVSS 10 · AI score 8.2 · EPSS 0.07619 · Exploits 3 · References 2

WPVulnDB · added 2022/08/16

Broken Link Checker < 1.11.17 - Admin+ PHAR Deserialization

The plugin does not validate a parameter, which could allow high privilege users such as admin to perform PHAR deserialisation when a suitable gadget chain is also present...

CVSS 7.2 · AI score 4.7 · EPSS 0.01307 · Exploits 0 · Affected Software 1

Code423n4 · added 2022/08/02

Malicious relayer can execute stale transactions by spoofing validator weights/threshold in proof

Impact: A transaction is submitted with wrong validator information, allowing stale commands to be executed.
Proof of Concept: This vulnerability results from allowing msg.sender to provide the key information identifying operators. First we need to understand how the...

AI score 7.1 · Exploits 0

CNNVD · added 2022/08/01

Solana Pay security vulnerability

Solana Pay is a standard protocol and a set of reference implementations from the Solana Foundation in Switzerland. It enables developers to integrate decentralized payments into their applications and services. A security vulnerability exists in Solana Pay versions prior to 0.2.1 that stems from...

CVSS 5.3 · AI score 5.6 · EPSS 0.00646 · Exploits 0 · References 5

Positive Technologies · added 2022/08/01

PT-2022-23023 · Solana · Solana Pay

Name of the Vulnerable Software and Affected Versions: Solana Pay versions prior to 0.2.1
Description: Solana Pay is a protocol that enables developers to incorporate decentralized payments into their apps and services. When a Solana Pay transaction is located using a reference key, it may be...

CVSS 5.3 · AI score 5 · EPSS 0.00646 · Exploits 0 · References 10