Lucene search
K
GithubMost viewed

33227 matches found

Github Security Blog
Github Security Blog
added 2022/01/12 10:29 p.m.69 views

Pipenv's requirements.txt parsing allows malicious index url in comments

Issue Summary Due to a flaw in pipenv's parsing of requirements files, an attacker can insert a specially crafted string inside a comment anywhere within a requirements.txt file, which will cause victims who use pipenv to install the requirements file e.g. with "pipenv install -r requirements.txt...

9.3CVSS0.8AI score0.03897EPSS
Exploits1References9Affected Software1
Github Security Blog
Github Security Blog
added 2022/01/07 10:31 p.m.69 views

A potential Denial of Service issue in protobuf-java

Summary A potential Denial of Service issue in protobuf-java was discovered in the parsing procedure for binary data. Reporter: OSS-Fuzz Affected versions: All versions of Java Protobufs including Kotlin and JRuby prior to the versions listed below. Protobuf "javalite" users typically Android are...

7.5CVSS2.2AI score0.01655EPSS
Exploits1References8Affected Software3
Github Security Blog
Github Security Blog
added 2021/10/19 8:16 p.m.69 views

Improper sanitization of target names

Impact The tough library, prior to 0.12.0, does not properly sanitize target names when caching a repository, or when saving specific targets to an output directory. When targets are cached or saved, files could be overwritten with arbitrary content anywhere on the system. AWS would like to thank...

8.5CVSS0.2AI score0.01077EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/08/25 2:48 p.m.69 views

XStream can cause a Denial of Service

Impact The vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. No user is affected, who followed the recommendation ...

6.5CVSS7.3AI score0.05918EPSS
Exploits1References13Affected Software1
Github Security Blog
Github Security Blog
added 2021/08/11 3:19 p.m.69 views

Command injection in Yamale

23andMe Yamale before 3.0.8 allows remote attackers to execute arbitrary code via a crafted schema file. The schema parser uses eval as part of its processing, and tries to protect from malicious expressions by limiting the builtins that are passed to the eval. When processing the schema, each li...

9.3CVSS7.8AI score0.0249EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2021/08/09 8:40 p.m.70 views

Missing encryption in Apache Directory Studio

While investigating DIRSTUDIO-1219 it was noticed that configured StartTLS encryption was not applied when any SASL authentication mechanism DIGEST-MD5, GSSAPI was used. While investigating DIRSTUDIO-1220 it was noticed that any configured SASL confidentiality layer was not applied. This issue...

7.5CVSS7.5AI score0.00793EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2021/08/05 5:0 p.m.69 views

Remote Code Execution via Script (Python) objects under Python 3

Impact Background: The optional add-on package Products.PythonScripts adds Script Python to the list of content items a user can add to the Zope object database. Inside these scripts users can write Python code that is executed when rendered through the web. The code environment in these script...

7.5CVSS1.2AI score0.02277EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2021/08/02 5:28 p.m.69 views

Missing Authorization in FastReport

An issue was discovered in FastReport before 2020.4.0. It lacks a ScriptSecurity feature and therefore may mishandle for example GetType, typeof, TypeOf, DllImport, LoadLibrary, and GetProcAddress...

9.8CVSS8.9AI score0.02331EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2021/07/28 6:56 p.m.69 views

Out-of-bounds write in ChakraCore

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0828, CVE-2020-0829,...

7.6CVSS2.8AI score0.13303EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2021/07/22 7:48 p.m.69 views

Denial of Service in SheetsJS Pro

SheetJS Pro through 0.16.9 allows attackers to cause a denial of service memory consumption via a crafted .xlsx document that is mishandled when read by xlsx.js issue 2 of 2...

5.5CVSS5.4AI score0.0088EPSS
Exploits0References6Affected Software2
Github Security Blog
Github Security Blog
added 2021/07/13 5:42 p.m.69 views

SQL injection in pimcore/pimcore

This affects the package pimcore/pimcore before 10.0.7. This issue exists due to the absence of check on the storeId parameter in the method collectionsActionGet and groupsActionGet method within the ClassificationstoreController class...

8.8CVSS2.7AI score0.01715EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/07/01 5:2 p.m.69 views

Ratpack's default client side session signing key is highly predictable

Impact The client side session module uses the application startup time as the signing key by default. This means that if an attacker can determine this time, and if encryption is not also used which is recommended, but is not on by default, the session data could be tampered with by someone with...

4.4CVSS0.5AI score0.00262EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/06/29 6:32 p.m.69 views

SQL Injection in Gogs

Multiple SQL injection vulnerabilities in Gogs aka Go Git Service 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to 1 api/v1/repos/search, which is not properly handled in models/repo.go, or 2 api/v1/users/search, which is...

7.5CVSS8.3AI score0.33391EPSS
Exploits5References14Affected Software1
Github Security Blog
Github Security Blog
added 2021/06/28 4:56 p.m.69 views

Reflected cross-site scripting in development mode handler in Vaadin 14, 15-19

URL encoding error in development mode handler in com.vaadin:flow-server versions 2.0.0 through 2.6.1 Vaadin 14.0.0 through 14.6.1, 3.0.0 through 6.0.9 Vaadin 15.0.0 through 19.0.8 allows local user to execute arbitrary JavaScript code by opening crafted URL in browser. -...

2.5CVSS2.6AI score0.00286EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2021/06/10 5:22 p.m.69 views

Duplicate Advisory: Reflected cross-site scripting issue in Datasette

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xw7c-jx9m-xh5g. This link is maintained to preserve external references. Original Description Datasette is an open source multi-tool for exploring and publishing data. The ?trace=1 debugging feature in Datasette...

7.2CVSS6.3AI score0.0096EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2021/06/07 10:12 p.m.69 views

Prototype pollution in nconf-toml

Prototype pollution vulnerability in nconf-toml versions 0.0.1 through 0.0.2 allows an attacker to cause a denial of service and may lead to remote code execution...

9.8CVSS6.8AI score0.03299EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/06/07 9:49 p.m.69 views

Prototype pollution in nestie

Prototype pollution vulnerability in 'nestie' versions 0.0.0 through 1.0.0 allows an attacker to cause a denial of service and may lead to remote code execution...

9.8CVSS9.1AI score0.02961EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/05/19 11:3 p.m.69 views

Improper Certificate Validation in WP-CLI framework

Impact An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining full control over the communication content, including the ability...

9.1CVSS0.6AI score0.01312EPSS
Exploits0References10Affected Software1
Github Security Blog
Github Security Blog
added 2021/05/13 10:31 p.m.69 views

Uncaught Exception leading to Denial of Service in json-sanitizer

OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. This may lead to denial of service if the application is not prepared to handle these situations...

7.5CVSS1.2AI score0.02099EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2021/05/06 6:53 p.m.69 views

Cross-site scripting in ThinkAdmin

ThinkAdmin version v6 has a stored XSS vulnerability which allows remote attackers to inject an arbitrary web script or HTML...

5.4CVSS5.3AI score0.01013EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/04/22 4:20 p.m.69 views

Multiple vulnerabilities through filename manipulation in Archive_Tar

ArchiveTar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack such as file:// to overwrite files can still succeed. See: https://github.com/pear/ArchiveTar/issues/33...

7.8CVSS7.6AI score0.84554EPSS
Exploits4References23Affected Software1
Github Security Blog
Github Security Blog
added 2021/04/20 4:44 p.m.69 views

Externally Controlled Reference to a Resource in Another Sphere, Improper Input Validation, and External Control of File Name or Path in Ansible

A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxosfilecopy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS...

7.3CVSS2.4AI score0.00736EPSS
Exploits0References9Affected Software1
Github Security Blog
Github Security Blog
added 2021/04/20 4:35 p.m.69 views

Infinite Loop in Pygments

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML SML source file, as demonstrated by input that only contains the "exception" keyword...

7.5CVSS3.1AI score0.02707EPSS
Exploits0References9Affected Software1
Github Security Blog
Github Security Blog
added 2021/04/19 2:49 p.m.69 views

Stored cross-site scripting in Grid component in Vaadin 7 and 8

Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 Vaadin 7.4.0 through 7.7.19, and 8.0.0 through 8.8.4 Vaadin 8.0.0 through 8.8.4 allows attacker to inject malicious JavaScript via unspecified vector. -...

6.1CVSS3AI score0.00923EPSS
Exploits0References6Affected Software2
Github Security Blog
Github Security Blog
added 2021/04/07 8:50 p.m.69 views

Arbitrary code execution in clickhouse-driver

clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code on a database client via a crafted server response, due to a buffer overflow...

9.8CVSS9.4AI score0.02556EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2021/03/25 9:6 p.m.69 views

Command injection in fs-path

fs-path node module before 0.0.25 is vulnerable to command injection by way of user-supplied inputs via the copy, copySync, remove, and removeSync methods...

10CVSS9.4AI score0.11168EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2021/03/23 10:48 p.m.69 views

Rating Script Service expose XWiki to SQL injection

Impact This issue impacts only XWiki with the Ratings API installed. The Rating Script Service expose an API to perform SQL requests without escaping the from and where search arguments. This might lead to an SQL script injection quite easily for any user having Script rights on XWiki. Patches Th...

8.8CVSS0.2AI score0.01345EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/03/23 1:54 a.m.69 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-form

Problem It has been discovered that the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit this vulnerability. Solution Update to TYPO3 versions 10.4.14 or 11.1.1 that fix the...

5.4CVSS1.7AI score0.00872EPSS
Exploits0References7Affected Software3
Github Security Blog
Github Security Blog
added 2021/03/23 1:53 a.m.69 views

Broken Access Control in Form Framework

Problem Due to improper input validation, attackers can by-pass restrictions of predefined options and submit arbitrary data in the Form Designer backend module of the Form Framework. In the default configuration of the Form Framework this allows attackers to explicitly allow arbitrary mime-types...

8.3CVSS3AI score0.01606EPSS
Exploits0References7Affected Software3
Github Security Blog
Github Security Blog
added 2021/03/23 1:53 a.m.69 views

Open Redirection in Login Handling

Problem It has been discovered that Login Handling is susceptible to open redirection which allows attackers redirecting to arbitrary content, and conducting phishing attacks. No authentication is required in order to exploit this vulnerability. Solution Update to TYPO3 versions 6.2.57, 7.6.51,...

6.1CVSS2.4AI score0.01104EPSS
Exploits0References7Affected Software2
Github Security Blog
Github Security Blog
added 2021/03/18 7:30 p.m.69 views

Improper Input Validation (RCE)

Wazuh API in Wazuh from 4.0.0 to 4.0.3 allows authenticated users to execute arbitrary code with administrative privileges via /manager/files URI. An authenticated user to the service may exploit incomplete input validation on the /manager/files API to inject arbitrary code within the API service...

8.8CVSS6.7AI score0.08746EPSS
Exploits4References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/02/01 3:1 p.m.69 views

Angular Expressions - Remote Code Execution

Impact The vulnerability, reported by GoSecure Inc, allows Remote Code Execution, if you call expressions.compileuserControlledInput where userControlledInput is text that comes from user input. This time, the security of the package could be bypassed by using a more complex payload, using a...

8.8CVSS2.9AI score0.0273EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2021/01/05 5:29 p.m.69 views

Directory Traversal in spring-boot-actuator-logview

Impact The nature of this library is to expose a log file directory via admin spring boot actuator HTTP endpoints. Both the filename to view and a base folder relative to the logging folder root can be specified via request parameters. While the filename parameter was checked to prevent directory...

7.7CVSS0.6AI score0.21173EPSS
Exploits2References6Affected Software1
Github Security Blog
Github Security Blog
added 2020/12/08 2:18 p.m.69 views

omniauth-apple allows attacker to fake their email address during authentication

Impact This vulnerability impacts applications using the omniauth-apple strategy of OmniAuth and using the info.email field of OmniAuth's Auth Hash Schema for any kind of identification. The value of this field may be set to any value of the attacker's choice including email addresses of other...

7.7CVSS3.7AI score0.01322EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2020/09/04 3:6 p.m.69 views

Prototype Pollution in handlebars

Versions of handlebars prior to 3.0.8 or 4.5.3 are vulnerable to prototype pollution. It is possible to add or modify properties to the Object prototype through a malicious template. This may allow attackers to crash the application or execute Arbitrary Code in specific conditions. Recommendation...

6.5AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2020/09/02 8:33 p.m.69 views

Malicious Package in requet

All versions of requet typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process wa...

4AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2020/09/01 7:39 p.m.69 views

Remote Memory Exposure in mongoose

Versions of mongoose before 4.3.6, 3.8.39 are vulnerable to remote memory exposure. Trying to save a number to a field of type Buffer on the affected mongoose versions allocates a chunk of uninitialized memory and stores it in the database. Recommendation Update to version 4.3.6, 3.8.39 or later...

3.9AI score
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2020/08/17 9:44 p.m.69 views

Server-Side Request Forgery in ftp-srv

Background The FTP protocol creates two connections, one for commands and one for transferring data. This second data connection can be created in two ways, on the server by sending the PASV command, or on the client by sending the PORT command. The PORT command sends the IP and port for the serv...

9.1CVSS9.6AI score0.01859EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
added 2020/08/05 9:43 p.m.69 views

CSRF Vulnerability in polaris-website

Impact CSRF vulnerability: In some very specific circumstances, an attacker would be able to update your settings. Basically you would need to navigate to hackersite.com while logged into our panel. Then they could modify your settings. They couldn't check if it worked, nor could they read your...

0.3AI score
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2020/05/21 9:8 p.m.69 views

XSS in Dolibarr

Dolibarr before 11.0.4 allows XSS...

5.4CVSS2.4AI score0.01145EPSS
Exploits4References5Affected Software1
Github Security Blog
Github Security Blog
added 2020/05/13 4:1 p.m.69 views

Out-of-bounds read in TensorFlow possibly causing disclosure of the contents of process memory.

TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...

6.5CVSS6.4AI score0.00485EPSS
Exploits0References7Affected Software2
Github Security Blog
Github Security Blog
added 2020/02/26 7:54 p.m.69 views

Inclusion of Sensitive Information in Log Files and Improper Output Neutralization for Logs in Ansible

Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag nolog set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data...

6.5CVSS2.2AI score0.01857EPSS
Exploits1References16Affected Software1
Github Security Blog
Github Security Blog
added 2020/01/08 5:15 p.m.69 views

XSS in enshrined/svg-sanitize due to mishandled script and data values in attributes

enshrined/svg-sanitize before 0.12.0 mishandles script and data values in attributes, as demonstrated by unexpected whitespace such as in the javascript:alert substring...

7.5CVSS2AI score0.01036EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2019/12/02 6:3 p.m.69 views

typed-ast Out-of-bounds Read

typedast 1.3.0 and 1.3.1 has an astforarguments out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source but not necessarily execute it may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that pars...

7.5CVSS7.2AI score0.03255EPSS
Exploits0References9Affected Software1
Github Security Blog
Github Security Blog
added 2018/12/06 3:49 p.m.69 views

Path Traversal in simplehttpserver

All versions of simplehttpserver are vulnerable to Path Traversal. This vulnerability allows an attacker to access files outside the webroot since it allows symlink navigation in the URL. Recommendation No fix is currently available. Do not use simplehttpserver in production or consider using an...

5.3CVSS4AI score0.01295EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/03 6:31 a.m.68 views

Roundcube Webmail: Unsafe deserialization in the redis/memcache session handler

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Unsafe deserialization in the redis/memcache session handler may lead to arbitrary file write operations by unauthenticated attackers via crafted session data...

7.5CVSS6AI score0.00475EPSS
Exploits0References10Affected Software1
Github Security Blog
Github Security Blog
added 2024/06/25 5:7 p.m.68 views

DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document

Impact In DSpace 7.0 through 7.6.1, when an HTML, XML or JavaScript Bitstream is downloaded, the user's browser may execute any embedded JavaScript. If that embedded JavaScript is malicious, there is a risk of an XSS attack. This attack may only be initialized by a user who already has Submitter...

2.6CVSS3.2AI score0.00393EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2024/05/09 9:18 p.m.68 views

Next.js Server-Side Request Forgery in Server Actions

Impact A Server-Side Request Forgery SSRF vulnerability was identified in Next.js Server Actions by security researchers at Assetnote. If the Host header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js...

7.5CVSS6.7AI score0.05453EPSS
Exploits3References5Affected Software1
Github Security Blog
Github Security Blog
added 2024/05/01 10:1 a.m.68 views

Uptime Kuma vulnerable to authenticated remote code execution via malicious plugin installation

Summary Installation of a maliciously crafted plugin allows for remote code execution by an authenticated attacker. Details Uptime Kuma allows authenticated users to install plugins from an official list of plugins. This feature is currently disabled in the web interface, but the corresponding AP...

8.8CVSS8.2AI score0.02017EPSS
Exploits1References7Affected Software1
Github Security Blog
Github Security Blog
added 2024/03/26 9:23 p.m.68 views

TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elements

Impact A cross-site scripting XSS vulnerability was discovered in TinyMCE’s content loading and content inserting code. A SVG image could be loaded though an object or embed element and that image could potentially contain a XSS payload. Fix TinyMCE 6.8.1 introduced a new convertunsafeembeds opti...

6.1CVSS5.8AI score0.00722EPSS
Exploits0References6Affected Software2
Total number of security vulnerabilities5000