aiguesvida.cat Cross Site Scripting vulnerability OBB-3200358

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2023-25805 versionn Command Injection Vulnerability

versionn, software for changing version information across multiple files, has a command injection vulnerability in all versions prior to version 1.1.0. This issue is patched in version 1.1.0...

Chip company loses $250m after ransomware hits supply chain

Applied Materials, one of the worlds leading suppliers of equipment, services, and software for the manufacture of semiconductors, has warned that its second-quarter sales are likely to be hurt to the tune of $250 million due to a cybersecurity attack at one of its suppliers. MKS Instruments Inc...

CVE-2023-23936 CRLF Injection in Nodejs ‘undici’ via host

Undici is an HTTP/1.1 client for Node.js. Starting with version 2.0.0 and prior to version 5.19.1, the undici library does not protect host HTTP header from CRLF injection vulnerabilities. This issue is patched in Undici v5.19.1. As a workaround, sanitize the headers.host string before passing to...

delake.com Cross Site Scripting vulnerability OBB-3195511

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

SUSE CVE-2021-29625

Adminer is open-source database management software. A cross-site scripting vulnerability in Adminer versions 4.6.1 to 4.8.0 affects users of MySQL, MariaDB, PgSQL and SQLite. XSS is in most cases prevented by strict CSP in all modern browsers. The only exception is when Adminer is using a pdo...

SUSE CVE-2022-23649

Cosign provides container signing, verification, and storage in an OCI registry for the sigstore project. Prior to version 1.5.2, Cosign can be manipulated to claim that an entry for a signature exists in the Rekor transparency log even if it doesn't. This requires the attacker to have pull and...

SUSE CVE-2022-24724

cmark-gfm is GitHub's extended version of the C reference implementation of CommonMark. Prior to versions 0.29.0.gfm.3 and 0.28.3.gfm.21, an integer overflow in cmark-gfm's table row parsing table.c:rowfromstring may lead to heap memory corruption when parsing tables who's marker rows contain mor...

CVE-2023-25563 GSS-NTLMSSP vulnerable to multiple out-of-bounds reads when decoding NTLM fields

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service. A 32-bit integer overflow condition can lead to incorrect checks of consistency of length of...

CVE-2020-36661 Kong lua-multipart multipart.lua is_header redos

A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function isheader of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this...

CVE-2023-22797

An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirectto with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could allow an attacker t...

PT-2023-2359 · D Link · D-Link Dir-820L

Name of the Vulnerable Software and Affected Versions: D-Link DIR820LA1 FW105B03 Description: The issue is an OS Command injection vulnerability that allows attackers to escalate privileges to root via a crafted payload with the ping addr parameter to ping.ccp. This vulnerability exists due to th...

Use of Cache Containing Sensitive Information

Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including grafanasession . As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the...

CVE-2023-23621

Discourse is an open-source discussion platform. Prior to version 3.0.1 on the stable branch and version 3.1.0.beta2 on the beta and tests-passed branches, a malicious user can cause a regular expression denial of service using a carefully crafted user agent. This issue is patched in version 3.0....

CVE-2023-0549 YAFNET Private Message PostPrivateMessage cross site scripting

A vulnerability, which was classified as problematic, has been found in YAFNET up to 3.1.10. This issue affects some unknown processing of the file /forum/PostPrivateMessage of the component Private Message Handler. The manipulation of the argument subject/message leads to cross site scripting. T...

CVE-2023-22485 cmark-gfm out-of-bounds read in validate_protocol

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior 0.29.0.gfm.7, a crafted markdown document can trigger an out-of-bounds read in the validateprotocol function. We believe this bug is harmless in practice, because the out-of-bounds...

A week in security (January 9—15)

Last week on Malwarebytes Labs: Slack private code on GitHub stolen Crypto-inspired Magecart skimmer surfaces via digital crime haven Security vulnerabilities in major car brands revealed Microsoft ends extended support for Windows 7 and Windows Server 2008 today Pokemon NFT card game malware...

CVE-2023-22491 gatsby-transformer-remark vulnerable to unsanitized JavaScript code injection

Gatsby is a free and open source framework based on React that helps developers build websites and apps. The gatsby-transformer-remark plugin prior to versions 5.25.1 and 6.3.2 passes input through to the gray-matter npm package, which is vulnerable to JavaScript injection in its default...

PT-2023-10219 · Gitlearn · Gitlearn

Name of the Vulnerable Software and Affected Versions: gitlearn affected versions not specified Description: A vulnerability was found in the function getGrade/getOutOf of the file scripts/config.sh of the component Escape Sequence Handler. This issue leads to injection and can be initiated...

CVE-2015-10035 gperson angular-test-reporter data-server.js addTest sql injection

A vulnerability was found in gperson angular-test-reporter and classified as critical. This issue affects the function getProjectTables/addTest of the file rest-server/data-server.js. The manipulation leads to sql injection. The patch is named a29d8ae121b46ebfa96a55a9106466ab2ef166ae. It is...