GHSA-3GH6-V5V9-6V9J Jetty vulnerable to errant command quoting in CGI Servlet

If a user sends a request to a org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its name, the servlet will escape the command by wrapping it in quotation marks. This wrapped command, plus an optional command prefix, will then be executed through a call to Runtime.exec. If the...

UBUNTU-CVE-2023-4881

Rejected reason: CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team...

getActiveTickIndex returns wrong index

Lines of code Vulnerability details To find a tick that's above price ie its only underlying is the base token, getActiveTickIndex should not if baseTokenIsToken0 && amt0 == 0 || !baseTokenIsToken0 && amt0 == 0 return tickIndex; it should if baseTokenIsToken0 && amt1 == 0 || !baseTokenIsToken0 &&...

USN-6355-1: GRUB2 vulnerabilities

Daniel Axtens discovered that specially crafted images could cause a heap-based out-of-bonds write. A local attacker could possibly use this to circumvent secure boot protections. CVE-2021-3695 Daniel Axtens discovered that specially crafted images could cause out-of-bonds read and write. A local...

UBUNTU-CVE-2023-20898

Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongfu...

Design/Logic Flaw

Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongfu...

CVE-2023-23765

An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the...

CVE-2023-21264

In multiple functions of memprotect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

PT-2023-5309 · Salt +3 · Salt +3

Name of the Vulnerable Software and Affected Versions: Salt masters versions prior to 3005.2 or 3006.2 Description: The issue is related to Git Providers in Salt masters, where they can read from the wrong environment due to the same cache directory base name. This can lead to garbage data or the...

Vulnerability: Setting the userClaimedEpoch to a wrong Epoch / Contract: LendingLedger / Function: claim

Lines of code Vulnerability details Impact The userClaimedEpoch is setted to a different epoch week more than the actual epoch of the claim. Proof of Concept In the function to claim the canto for a market, the claiming can only be made for a prior epoch and the function does it in that way, but...

CVE-2023-23903

CVE-2023-23903 affects Nozomi Guardian/CMC (before v22.6.2). An authenticated administrator can upload a SAML configuration file with the wrong format, and the application does not validate the correct file format. This causes a Denial of Service where every subsequent request renders the applica...

(0Day) Microsoft Azure Machine Learning Compute Instance certificate Exposure of Resource to Wrong Sphere Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on Microsoft Azure. An attacker must first obtain the ability to execute high-privileged code on the target environment in order to exploit this vulnerability. The specific flaw exists within the handling of certificates...

Apache InLong: General user can delete and update process

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...

CVE-2023-34189

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...

CVE-2023-34189 Apache InLong: General user can delete and update process

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...

CVE-2023-34189 Apache InLong: General user can delete and update process

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...

The vulnerability of the Protobuf field analysis component allows a attacker to cause a service failure.

The vulnerability of the Protobuf serialization protocol field analysis component is related to performing actions in the wrong order. Exploiting this vulnerability allows a remote attacker to cause service failures...

estimatedAPR() might return the wrong APR.

Lines of code Vulnerability details Impact estimatedAPR might return the wrong APR and it will make users confused. Proof of Concept SavingsVest.estimatedAPR returns the APR using the current vestingProfit and vestingPeriod. function estimatedAPR external view returns uint256 apr uint256...

Apache InLong Exposure of Resource to Wrong Sphere vulnerability

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of nodes of InLong. Users are advised to upgrade to Apache InLong 1.7.0 or cherry-pick...

_createDepositSingle() call bridgeOut missing normalizeDecimals

Lines of code Vulnerability details Impact Wrong decimal place conversion, resulting in wrong quantity Proof of Concept in createDepositSingle will call IPortlocalPortAddress.bridgeOut The parameter deposit is not converted to 18 decimal createDepositSingle function createDepositSingle address...