Two New Security Flaws Reported in Ghost CMS Blogging Software

Cybersecurity researchers have detailed two security flaws in the JavaScript-based blogging platform known as Ghost, one of which could be abused to elevate privileges via specially crafted HTTP requests. Ghost is an open source blogging platform that's used in more than 52,600 live websites, mos...

PT-2022-26007 · Ghost Foundation · Ghost

Name of the Vulnerable Software and Affected Versions: Ghost Foundation Ghost versions 4.46.0 through 4.48.7 Ghost Foundation Ghost versions 5.0.0 through 5.22.6 Ghost Foundation Ghost version 5.9.4 Description: An authentication bypass vulnerability exists in the newsletter subscription...

The vulnerability of the “Main” function in the microprogramming software of the TOTOLink A810R router allows a intruder to execute arbitrary commands.

The vulnerability of the “Main” function in the microprogramming software for the TOTOLink A810R router is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands through the QUERYSTRING parameter...

ZEIT Next.js 代码问题漏洞

ZEIT Next.js is an open source web application framework from ZEIT based on Vue.js, Node.js, Webpack and Babel.js. NextAuth.js is the authentication for Next.js. A code issue vulnerability exists in Next.js NextAuth.js versions prior to 3.29.5 and prior to 4.5.0 that stems from a lack of validati...

CVE-2022-1357

The affected On-Premise cnMaestro allows an unauthenticated attacker to access the cnMaestro server and execute arbitrary code in the privileges of the web server. This lack of validation could allow an attacker to append arbitrary data to the logger command...

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory and thus allows writing to locations outside of the destination.

...

CVE-2021-36982

AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall AIWAF devices with Manager 2.1.0 allows OS Command Injection because of missing input validation on one of the parameters of an HTTP request...

IBM Cloud Pak for Applications 跨站脚本漏洞

IBM Cloud Pak for Applications is an application from IBM America, Inc. It provides a cloud-native development solution that delivers value quickly. A cross-site scripting vulnerability exists in IBM Cloud Pak for Applications, which stems from the product's lack of effective validation of...

GHSA-RGVQ-PCVF-HX75 Heap OOB and null pointer dereference in `RaggedTensorToTensor`

Impact Due to lack of validation in tf.rawops.RaggedTensorToTensor, an attacker can exploit an undefined behavior if input arguments are empty: python import tensorflow as tf shape = tf.constant-1, -1, shape=2, dtype=tf.int64 values = tf.constant, shape=0, dtype=tf.int64 defaultvalue =...

PYSEC-2021-733

TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in SparseAdd results in allowing attackers to exploit undefined behavior dereferencing null pointers as well as write outside of bounds of heap allocated data. The...

PYSEC-2021-246

TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in SparseAdd results in allowing attackers to exploit undefined behavior dereferencing null pointers as well as write outside of bounds of heap allocated data. The...

PT-2020-12973 · Inductive Automation · Ignition 7 Gateway +1

Name of the Vulnerable Software and Affected Versions: Ignition 8 Gateway versions prior to 8.0.10 Ignition 7 Gateway versions prior to 7.9.14 Description: The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data, allowing a...

PT-2018-13677 · Kamailio +2 · Kamailio +2

Name of the Vulnerable Software and Affected Versions: Kamailio versions prior to 5.0.7 Kamailio versions 5.1.x prior to 5.1.4 Description: A crafted SIP message with an invalid Via header can cause a segmentation fault and crash Kamailio due to missing input validation in the crcitt string array...

Foxit Reader setTimeOut Information Disclosure Vulnerability

Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the handling of the setTimeOut method, which can be exploited by an attacker to obtain sensitive information or even execute arbitrary code due to a lack of validation before performing ...

CVE-2018-5273

In Malwarebytes Premium 3.3.1.2183, the driver file FARFLT.SYS allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e014. NOTE: the vendor reported that they "have not been able to reproduce the issu...