CVE-2023-3390 affecting package kernel for versions less than 5.15.122.1-2

CVE-2023-3390 affecting package kernel for versions less than 5.15.122.1-2. A patched version of the package is available...

CVE-2023-2124 affecting package kernel for versions less than 5.15.122.1-2

CVE-2023-2124 affecting package kernel for versions less than 5.15.122.1-2. A patched version of the package is available...

CVE-2023-38197 affecting package qt5-qtbase for versions less than 5.12.11-9

CVE-2023-38197 affecting package qt5-qtbase for versions less than 5.12.11-9. A patched version of the package is available...

CVE-2023-38684 Discourse vulnerable to ossible DDoS due to unbounded limits in various controller actions

Discourse is an open source discussion platform. Prior to version 3.0.6 of the stable branch and version 3.1.0.beta7 of the beta and tests-passed branches, in multiple controller actions, Discourse accepts limit params but does not impose any upper bound on the values being accepted. Without an...

CVE-2023-34256 affecting package kernel for versions less than 5.15.116.1-1

CVE-2023-34256 affecting package kernel for versions less than 5.15.116.1-1. A patched version of the package is available...

CVE-2023-32061 Discourse Topic Creation Page Allows iFrame Tag without Restrictions

Discourse is an open source discussion platform. Prior to version 3.0.4 of the stable branch and version 3.1.0.beta5 of the beta and tests-passed branches, the lack of restrictions on the iFrame tag makes it easy for an attacker to exploit the vulnerability and hide subsequent comments from other...

CVE-2023-33189

CVE-2023-33189 affects Pomerium, an identity and context-aware access proxy. The vulnerability arises from incorrect authorization decisions when handling specially crafted requests, enabling total impact on confidentiality, integrity, and availability per CVSS assessments. Affected versions incl...

PT-2023-20536 · Pimcore · Pimcore

Name of the Vulnerable Software and Affected Versions: pimcore/pimcore versions prior to 10.5.21 Description: This issue allows for Cross-site Scripting XSS, which can potentially steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users...

Design/Logic Flaw

Laminas Diactoros provides PSR HTTP Message implementations. In versions 2.18.0 and prior, 2.19.0, 2.20.0, 2.21.0, 2.22.0, 2.23.0, 2.24.0, and 2.25.0, users who create HTTP requests or responses using laminas/laminas-diactoros, when providing a newline at the start or end of a header key or value...

CVE-2023-27495 Bypass of CSRF protection in the presence of predictable userInfo in @fastify/csrf-protection

@fastify/csrf-protection is a plugin which helps protect Fastify servers against CSRF attacks. The CSRF protection enforced by the @fastify/csrf-protection library in combination with @fastify/cookie can be bypassed from network and same-site attackers under certain conditions...

GHSA-CH3R-J5X3-6Q2M vm2 Sandbox Escape vulnerability

There exists a vulnerability in exception sanitization of vm2 for versions up to 3.9.16, allowing attackers to raise an unsanitized host exception inside handleException which can be used to escape the sandbox and run arbitrary code in host context. Impact A threat actor can bypass the sandbox...

CVE-2023-29209 org.xwiki.platform:xwiki-platform-legacy-notification-activitymacro Eval Injection vulnerability

XWiki Commons are technical libraries common to several other top level XWiki projects. Any user with view rights on commonly accessible documents including the legacy notification activity macro can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki...

CVE-2023-28852 GLPI vulnerable to stored Cross-site Scripting through dashboard administration

GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 9.5.13 and 10.0.7, a user with dashboard administration rights may hack the dashboard form to store malicious code that will be executed when other users will use the related dashboard. Versio...

CVE-2023-27493 Envoy doesn't escape HTTP header values

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, Envoy does not sanitize or escape request properties when generating request headers. This can lead to characters that are illegal in header values ...

CVE-2023-28107 Discourse vulnerable to multisite DoS by spamming backups

Discourse is an open-source discussion platform. Prior to version 3.0.2 of the stable branch and version 3.1.0.beta3 of the beta and tests-passed branches, a user logged as an administrator can request backups multiple times, which will eat up all the connections to the DB. If this is done on a...

CVE-2023-26040 Discourse chat messages susceptible to Cross-site Scripting through chat excerpts

Discourse is an open-source discussion platform. Between versions 3.1.0.beta2 and 3.1.0.beta3 of the tests-passed branch, editing or responding to a chat message containing malicious content could lead to a cross-site scripting attack. This issue is patched in version 3.1.0.beta3 of the...

CVE-2023-28113 russh may use insecure Diffie-Hellman keys

russh is a Rust SSH client and server library. Starting in version 0.34.0 and prior to versions 0.36.2 and 0.37.1, Diffie-Hellman key validation is insufficient, which can lead to insecure shared secrets and therefore breaks confidentiality. Connections between a russh client and server or those ...

PT-2023-1868 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows versions prior to the fixed version Description: The issue is related to insufficient input validation in the HTTP protocol stack implementation, specifically in the http.sys component of Windows operating systems. This can be exploit...

CVE-2023-25819 Discourse tags with no visibility are leaking into og:article:tag

Discourse is an open source platform for community discussion. Tags that are normally private are showing in metadata. This affects any site running the tests-passed or beta branches = 3.1.0.beta2. The issue is patched in the latest beta and tests-passed version of Discourse...

CVE-2023-26473 XWiki Platform allows unprivileged users to make arbitrary select queries using DatabaseListProperty and suggest.vm

XWiki Platform is a generic wiki platform. Starting in version 1.3-rc-1, any user with edit right can execute arbitrary database select and access data stored in the database. The problem has been patched in XWiki 13.10.11, 14.4.7, and 14.10. There is no workaround for this vulnerability other th...