52493 matches found
GHSA-9GQX-53GP-C8G3 Duplicate Advisory: uutils coreutils allows users to bypass the --preserve-root safety mechanism
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4c7q-4928-8445. This link is maintained to preserve external references. Original Description A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism...
Duplicate Advisory: uutils coreutils allows users to bypass the --preserve-root safety mechanism
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4c7q-4928-8445. This link is maintained to preserve external references. Original Description A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism...
CVE-2026-24749
The Silverstripe Assets Module is a required component of Silverstripe Framework. In versions prior to 2.4.5 and 3.0.0-rc1 through 3.1.2, images rendered in templates or otherwise accessed via DBFile::getURL or DBFile::getSourceURL incorrectly add an access grant to the current session, which...
Silverstripe Assets Module has a DBFile::getURL() permission bypass
Impact Images rendered in templates or otherwise accessed via DBFile::getURL or DBFile::getSourceURL incorrectly add an access grant to the current session, which bypasses file permissions. This usually happens when creating an image variant, for example using a manipulation method like ScaleWidt...
CVE-2026-24749 Silverstripe Assets Module has a DBFile::getURL() permission bypass
The Silverstripe Assets Module is a required component of Silverstripe Framework. In versions prior to 2.4.5 and 3.0.0-rc1 through 3.1.2, images rendered in templates or otherwise accessed via DBFile::getURL or DBFile::getSourceURL incorrectly add an access grant to the current session, which...
Microsoft Windows UPnP 安全漏洞
Microsoft Windows UPnP is a device proxy provided by Microsoft Corporation. It serves as a proxy that allows Windows network connections to recognize the IP address of ZoneDirector. There are security vulnerabilities associated with Microsoft Windows UPnP. Attackers can exploit these...
CVE-2023-54362
Joomla VirtueMart Shopping-Cart 4.0.12 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the keyword parameter. Attackers can craft malicious URLs containing script payloads in the keyword parameter of the product-variants...
CVE-2023-54362 Joomla VirtueMart Shopping-Cart 4.0.12 Reflected XSS via keyword
Joomla VirtueMart Shopping-Cart 4.0.12 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the keyword parameter. Attackers can craft malicious URLs containing script payloads in the keyword parameter of the product-variants...
CVE-2023-54362
Joomla VirtueMart Shopping-Cart 4.0.12 is affected by a reflected XSS in the keyword parameter of the product-variants endpoint. The vulnerability allows an attacker to craft a URL containing a script payload that, when visited by a user, executes arbitrary JavaScript in the victim’s browser and ...
CVE-2023-54362
Joomla VirtueMart Shopping-Cart 4.0.12 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the keyword parameter. Attackers can craft malicious URLs containing script payloads in the keyword parameter of the product-variants...
CVE-2026-35583
Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, the configuration API endpoint /api/configuration/name validated configuration names using a blacklist approach that checked for , /, .., and trailing .. This could potentially be bypassed using URL-encoded variants,...
PT-2026-31729
Joomla VirtueMart Shopping-Cart 4.0.12 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the keyword parameter. Attackers can craft malicious URLs containing script payloads in the keyword parameter of the product-variants...
Hiding in the Tunnels: Unmasking the New Stealthy BPFDoor Variants
This is Rapid7's whitepaper discussing BPFDoor variants. Advanced persistent threats APTs are locked in a continuous arms race with network defenders. As static indicators of compromise IoCs for the notorious BPFDoor malware became widely deployed by security vendors, the threat actors went back ...
CVE-2026-3902
A flaw was found in Django. A remote attacker can exploit an ambiguous mapping of header variants with hyphens or underscores to a single version with underscores in ASGIRequest. This vulnerability allows the attacker to spoof headers, potentially leading to unauthorized actions or misdirection...
CVE-2026-35583 Emissary has a Path Traversal via Blacklist Bypass in Configuration API
Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, the configuration API endpoint /api/configuration/name validated configuration names using a blacklist approach that checked for , /, .., and trailing .. This could potentially be bypassed using URL-encoded variants,...
CVE-2026-35583
Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, the configuration API endpoint /api/configuration/name validated configuration names using a blacklist approach that checked for , /, .., and trailing .. This could potentially be bypassed using URL-encoded variants,...
CVE-2026-3902
CVE-2026-3902 affects Django: vulnerable in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. The flaw in ASGIRequest allows a remote attacker to spoof headers by conflating hyphen and underscore variants, via an ambiguous header mapping. Exploitation status is not provided in the sourc...
CVE-2026-3902
An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGIRequest allows a remote attacker to spoof headers by exploiting an ambiguous mapping of two header variants with hyphens or with underscores to a single version with underscores. Earlier, unsupported Django...
PT-2026-30867
Name of the Vulnerable Software and Affected Versions Django versions 6.0 through 6.0.3, 5.2 through 5.2.12, and 4.2 through 4.2.29 Description The ASGIRequest component allows a remote attacker to spoof headers due to an ambiguous mapping of header variants with hyphens or with underscores to a...
PT-2026-30894
Name of the Vulnerable Software and Affected Versions Emissary versions prior to 8.39.0 Description Emissary is a P2P based data-driven workflow engine. Prior to version 8.39.0, the configuration API endpoint /api/configuration/name validated configuration names using a blacklist approach that...