CVE-2023-25816 nextcloud vulnerable to Uncontrolled Resource Consumption

Nextcloud is an Open Source private cloud software. Versions 25.0.0 and above, prior to 25.0.3, are subject to Uncontrolled Resource Consumption. A user can configure a very long password, consuming more resources on password validation than desired. This issue is patched in 25.0.3 No workaround ...

SUSE CVE-2022-36086

linkedlistallocator is an allocator usable for nostd systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than 3 sizeof:: because...

CVE-2023-23624 Discourse's exclude_tags param could leak which topics had a specific hidden tag

Discourse is an open-source discussion platform. Prior to version 3.0.1 on the stable branch and version 3.1.0.beta2 on the beta and tests-passed branches, someone can use the excludetag param to filter out topics and deduce which ones were using a specific hidden tag. This affects any Discourse...

CVE-2022-41941 glpi contains XSS Stored inside Standard Interface Help Link href attribute

GLPI is a Free Asset and IT Management Software package. Versions 10.0.0 and above, prior to 10.0.6, are subject to Cross-site Scripting. An administrator may store malicious code in help links. This issue is patched in 10.0.6...

CVE-2023-22722 glpi subject to Cross-site Scripting (XSS) - Reflected

GLPI is a Free Asset and IT Management Software package. Versions 9.4.0 and above, prior to 10.0.6 are subject to Cross-site Scripting. An attacker can persuade a victim into opening a URL containing a payload exploiting this vulnerability. After exploited, the attacker can make actions as the...

CVE-2023-22453 Discourse vulnerable to exposure of user post counts per topic to unauthorized users

Discourse is an option source discussion platform. Prior to version 2.8.14 on the stable branch and version 3.0.0.beta16 on the beta and tests-passed branches, the number of times a user posted in an arbitrary topic is exposed to unauthorized users through the /u/username.json endpoint. The issue...

CVE-2022-46150 Discourse may allow exposure of hidden tags in the subject of notification emails

Discourse is an open-source discussion platform. Prior to version 2.8.13 of the stable branch and version 2.9.0.beta14 of the beta and tests-passed branches, unauthorized users may learn of the existence of hidden tags and that they have been applied to topics that they have access to. This issue...

CVE-2022-46147 Drag and Drop XBlock v2 has XSS Issues in Xblock Input Fields

Drag and Drop XBlock v2 implements a drag-and-drop style problem, where a learner has to drag items to zones on a target image. Versions prior to 3.0.0 are vulnerable to cross-site scripting in multiple XBlock Fields. Any platform that has deployed the XBlock may be impacted. Version 3.0.0 contai...

CVE-2022-41933 Plaintext storage of password in org.xwiki.platform:xwiki-platform-security-authentication-default

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When the reset a forgotten password feature of XWiki was used, the password was then stored in plain text in database. This only concerns XWiki 13.1RC1 and newer versions. Note that it only...

AZL-11544 CVE-2022-41911 affecting package tensorflow for versions less than 2.11.0-1

TensorFlow is an open source platform for machine learning. When printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so...

CVE-2022-39396 Parse Server vulnerable to Remote Code Execution via prototype pollution in MongoDB BSON parser

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Versions prior to 4.10.18, and prior to 5.3.1 on the 5.X branch, are vulnerable to Remote Code Execution via prototype pollution. An attacker can use this prototype pollution sink to trigger a...

CVE-2022-39364 Exception logging in Sharepoint app reveals clear-text connection details

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. In Nextcloud Server prior to versions 23.0.9 and 24.0.5 and Nextcloud Enterprise Server prior to versions 22.2.10.5, 23.0.9, and 24.0.5 an attacker reading nextcloud.log may gain knowledge of...

GHSA-JJJH-JJXP-WPFF Uncontrolled Resource Consumption in Jackson-databind

In FasterXML jackson-databind 2.4.0-rc1 until 2.12.7.1 and in 2.13.x before 2.13.4.2 resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAPSINGLEVALUEARRAYS feature is enabled. This was patched in 2.12.7.1,...

CVE-2022-39219 Bifrost users using basic authntication can bypass write permission limit

Bifrost is a middleware package which can synchronize MySQL/MariaDB binlog data to other types of databases. Versions 1.8.6-release and prior are vulnerable to authentication bypass when using HTTP basic authentication. This may allow group members who only have read permissions to write requests...

CVE-2022-39224 Arbitrary shell execution when extracting or listing files contained in a malicious rpm.

Arr-pm is an RPM reader/writer library written in Ruby. Versions prior to 0.0.12 are subject to OS command injection resulting in shell execution if the RPM contains a malicious "payload compressor" field. This vulnerability impacts the extract and files methods of the RPM::File class of this...

CVE-2022-31167 XWiki Platform Security Parent POM vulnerable to overwriting of security rules of a page with a final page having the same reference

XWiki Platform Security Parent POM contains the security APIs for XWiki Platform, a generic wiki platform. Starting with version 5.0 and prior to 12.10.11, 13.10.1, and 13.4.6, a bug in the security cache stores rules associated to document Page1.Page2 and space Page1.Page2 in the same cache entr...

CVE-2022-36034 Possible Regular Expression Denial of Service (ReDoS) used on uncontrolled data in nitrado.js

nitrado.js is a type safe wrapper for the Nitrado API. Possible ReDoS with lib input of and with many repetitions of |. This issue has been patched in all versions above 0.2.5. There are currently no known workarounds...

CVE-2022-31170 OpenZeppelin Contracts's ERC165Checker may revert instead of returning false

OpenZeppelin Contracts is a library for smart contract development. Versions 4.0.0 until 4.7.1 are vulnerable to ERC165Checker reverting instead of returning false. ERC165Checker.supportsInterface is designed to always successfully return a boolean, and under no circumstance revert. However, an...

CVE-2022-31172 OpenZeppelin Contracts's SignatureChecker may revert on invalid EIP-1271 signers

OpenZeppelin Contracts is a library for smart contract development. Versions 4.1.0 until 4.7.1 are vulnerable to the SignatureChecker reverting. SignatureChecker.isValidSignatureNow is not expected to revert. However, an incorrect assumption about Solidity 0.8's abi.decode allows some cases to...

PYSEC-2022-43143

OpenZeppelin Contracts for Cairo is a library for contract development written in Cairo for StarkNet, a decentralized ZK Rollup. Version 0.2.0 is vulnerable to an error that renders account contracts unusable on live networks. This issue affects all accounts vanilla and ethereum flavors in the...