Lucene search
K
GithubMost viewed

33227 matches found

Github Security Blog
Github Security Blog
•added 2022/05/14 3:47 a.m.•54 views

Open redirect in ASP.NET Core

ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP.NET Core Elevation Of Privilege Vulnerability"...

8.8CVSS5.3AI score0.09398EPSS
Exploits0References5Affected Software2
Github Security Blog
Github Security Blog
•added 2022/05/14 3:15 a.m.•54 views

Dolibarr SQL injection vulnerability

SQL injection vulnerability in Dolibarr before 7.0.2 allows remote attackers to execute arbitrary SQL commands via vectors involving integer parameters without quotes...

9.8CVSS8.9AI score0.71242EPSS
Exploits10References7Affected Software1
Github Security Blog
Github Security Blog
•added 2022/04/01 1:59 p.m.•54 views

Improper Removal of Sensitive Information Before Storage or Transfer in irrd

IRRd did not always filter password hashes in query responses relating to mntner objects and database exports. This may have allowed adversaries to retrieve some of these hashes, perform a brute-force search for the clear-text passphrase, and use these to make unauthorised changes to affected IRR...

7.5CVSS1.2AI score0.01366EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
•added 2022/03/22 12:0 a.m.•54 views

Exposure of Resource to Wrong Sphere in ThinkPHP Framework

ThinkPHP Framework v5.0.24 was discovered to be configured without the PATHINFO parameter. This allows attackers to access all system environment parameters from index.php...

7.5CVSS4AI score0.04748EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
•added 2022/02/25 12:1 a.m.•54 views

SQL injection in francoisjacquet/rosariosis

An SQL Injection vulnerability exits in RosarioSIS before 7.6.1 via the votes parameter in ProgramFunctions/PortalPollsNotes.fnc.php...

9.8CVSS4.4AI score0.23673EPSS
Exploits3References6Affected Software1
Github Security Blog
Github Security Blog
•added 2022/02/11 11:18 p.m.•54 views

TPM 1.2 key authorization values vulnerable to TPM transport eavesdropper in go-tpm

Impact TPM 2.0 users are unaffected by this issue. An adversary eavesdropping on the TPM 1.2 transport path can calculate usageAuth for a key created with CreateWrapKey, even though this value is encrypted as part of the TPM 1.2 command protocol. The TPM 1.2 CreateWrapKey command accepts two...

7.1CVSS6.7AI score0.0018EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
•added 2022/02/10 11:33 p.m.•54 views

Time-of-check Time-of-use (TOCTOU) Race Condition in chownr

A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks...

2.5CVSS4.8AI score0.00334EPSS
Exploits1References8Affected Software1
Github Security Blog
Github Security Blog
•added 2022/02/09 12:58 a.m.•54 views

Path Traversal

A vulnerability was found in keycloak, where path traversal using URL-encoded path segments in the request is possible because the resources endpoint applies a transformation of the url path to the file path. Only few specific folder hierarchies can be exposed by this flaw...

7.5CVSS2.6AI score0.0136EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
•added 2022/01/28 10:36 p.m.•54 views

Cross-site Scripting in phpmyadmin

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection...

6.1CVSS1.6AI score0.07936EPSS
Exploits2References7Affected Software1
Github Security Blog
Github Security Blog
•added 2022/01/21 11:37 p.m.•54 views

Cross-Site Request Forgery in Jenkins

Jenkins 2.329 and earlier, LTS 2.319.1 and earlier does not require POST requests for the HTTP endpoint handling manual build requests when no security realm is set, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to trigger build of job without...

4.3CVSS5.3AI score0.01779EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
•added 2021/12/16 6:53 p.m.•54 views

Vulnerable dependency in XTDB connector

Impact The impacted portion of the XTDB connector is its connectivity to S3 as a backing store: this is the only portion of the connector that uses this vulnerable httpclient dependency. Per the description, the vulnerability regards URIs that may be misinterpreted, which given the area of impact...

5.3CVSS0.4AI score0.08665EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
•added 2021/12/09 7:16 p.m.•54 views

Unsafe Deserialization in jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource...

8.1CVSS8.6AI score0.04912EPSS
Exploits1References13Affected Software1
Github Security Blog
Github Security Blog
•added 2021/12/09 7:16 p.m.•54 views

Unsafe Deserialization in jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool...

8.1CVSS8.6AI score0.0489EPSS
Exploits1References13Affected Software1
Github Security Blog
Github Security Blog
•added 2021/12/09 7:16 p.m.•54 views

Unsafe Deserialization in jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS...

8.8CVSS8.6AI score0.05041EPSS
Exploits2References13Affected Software1
Github Security Blog
Github Security Blog
•added 2021/11/10 8:58 p.m.•54 views

Improper Verification of Cryptographic Signature in starkbank-ecdsa

The verify function in the Stark Bank .NET ECDSA library ecdsa-dotnet 1.3.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...

9.8CVSS5.1AI score0.01022EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
•added 2021/10/06 5:49 p.m.•54 views

Splash authentication credentials potentially leaked to target websites

Impact If you use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for Splash authentication, any non-Splash request will expose your credentials to the request target. This includes robots.txt requests sent by Scrapy when the ROBOTSTXTOBEY setting is set to True. Patches Upgra...

7.5CVSS0.4AI score0.01077EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
•added 2021/10/04 8:14 p.m.•54 views

Insufficiently restricted permissions on plugin directories

Impact A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission...

7.8CVSS2.7AI score0.00482EPSS
Exploits0References13Affected Software1
Github Security Blog
Github Security Blog
•added 2021/09/20 8:45 p.m.•54 views

Infinite loop in Tomcat due to parsing error

Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service...

7.5CVSS3.5AI score0.07182EPSS
Exploits0References9Affected Software1
Github Security Blog
Github Security Blog
•added 2021/09/09 5:8 p.m.•54 views

Cross-site Scripting in LibreNMS

In LibreNMS description variable. As a result, arbitrary Javascript code can get executed...

5.4CVSS2.9AI score0.00778EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/09/02 5:16 p.m.•54 views

Insertion of Sensitive Information into Externally-Accessible File or Directory and Exposure of Sensitive Information to an Unauthorized Actor in hbs

The npm hbs package is an Express view engine wrapper for Handlebars. Depending on usage, users of hbs may be vulnerable to a file disclosure vulnerability. There is currently no patch for this vulnerability. hbs mixes pure template data with engine configuration options through the Express rende...

5.3CVSS0.8AI score0.01178EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
•added 2021/08/30 5:22 p.m.•54 views

Improper Removal of Sensitive Information Before Storage or Transfer in HashiCorp Vault

HashiCorp Vault and Vault Enterprise’s UI erroneously cached and exposed user-viewed secrets between sessions in a single shared browser. Fixed in 1.8.0 and pending 1.7.4 / 1.6.6 releases...

5.3CVSS5.9AI score0.00911EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
•added 2021/08/25 2:44 p.m.•55 views

Floating point exception in `SparseDenseCwiseDiv`

Impact The implementation of tf.rawops.SparseDenseCwiseDiv is vulnerable to a division by 0 error: python import tensorflow as tf import numpy as np tf.rawops.SparseDenseCwiseDiv spindices=np.array4, spvalues=np.array-400, spshape=np.array647., dense=np.array0 The implementation uses a common cla...

5.5CVSS5.9AI score0.00152EPSS
Exploits0References7Affected Software3
Github Security Blog
Github Security Blog
•added 2021/08/02 4:56 p.m.•54 views

Improper Handling of Length Parameter Inconsistency in Apache Ant

When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats from ZIP archives...

5.5CVSS6AI score0.0262EPSS
Exploits0References13Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/29 9:32 p.m.•54 views

Incorrect Default Permissions in Binance tss-lib

The keygen protocol implementation in Binance tss-lib before 1.2.0 allows attackers to generate crafted h1 and h2 parameters in order to compromise a signing round or obtain sensitive information from other parties. Specific Go Packages Affected github.com/binance-chain/tss-lib/ecdsa/keygen...

8.2CVSS7.6AI score0.01247EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/23 6:14 p.m.•54 views

Improper Neutralization of Special Elements in Output in helm.sh/helm/v3

Since Helm 2 was released, a well-documented aspect of Helm is that the Helm chart's version number MUST follow the SemVer2 specification. In the past, Helm would not permit charts with malformed versions. At some point, a patch was merged that changed this - On a version parse error, the version...

6.8CVSS0.3AI score0.0103EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/23 5:53 p.m.•54 views

Denial of service in GJSON

GJSON before 1.6.4 allows attackers to cause a denial of service via crafted JSON. Due to improper bounds checking, maliciously crafted JSON objects can cause an out-of-bounds panic. If parsing user input, this may be used as a denial of service vector...

7.5CVSS7.2AI score0.01662EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/23 5:25 p.m.•54 views

Duplicate Advisory: gosaml2 is vulnerable to NULL Pointer Dereference from malformed XML signatures

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-prjq-f4q3-fvfr. This link is maintained to preserve external references. Original Description This affects all versions less than 0.7.0 of package github.com/russellhaering/gosaml2. There is a crash on null...

7.5CVSS7AI score0.01662EPSS
Exploits0References8Affected Software2
Github Security Blog
Github Security Blog
•added 2021/06/22 1:14 a.m.•54 views

Regular Expression Denial of Service (ReDOS)

In the npm package color-string, there is a ReDos Regular Expression Denial of Service vulnerability regarding an exponential time complexity for linearly increasing input lengths for hwb color strings. Strings reaching more than 5000 characters would see several milliseconds of processing time;...

5.3CVSS2.7AI score0.03134EPSS
Exploits1References7Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/16 5:56 p.m.•54 views

Excessive Iteration Denial of Service in Apache PDFBox

A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions...

5.5CVSS4.1AI score0.02979EPSS
Exploits0References27Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/16 5:53 p.m.•54 views

Insecure temporary file used in com.squareup:connect

This affects all versions of package com.squareup:connect. The method prepareDownloadFilecreates creates a temporary file with the permissions bits of -rw-r--r-- on unix-like systems. On unix-like systems, the system temporary directory is shared between users. As such, the contents of the file...

4.4CVSS2.2AI score0.00341EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/15 4:12 p.m.•54 views

Server-Side Request Forgery in Plone

Plone though 5.2.4 allows SSRF via the lxml parser. This affects Diazo themes, Dexterity TTW schemas, and modeleditors in plone.app.theming, plone.app.dexterity, and plone.supermodel...

7.5CVSS4.4AI score0.01195EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/08 11:8 p.m.•54 views

Cross-site scripting in Shopizer

A reflected cross-site scripting XSS vulnerability in Shopizer before 2.17.0 allows remote attackers to inject arbitrary web script or HTML via the ref parameter to a page about an arbitrary product, e.g., a product/insert-product-name-here.html/ref= URL...

4.8CVSS4.1AI score0.02916EPSS
Exploits2References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/25 6:46 p.m.•54 views

Cross-Site Request Forgery in OpenNMS Horizon

In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to CSRF, due to no CSRF protection, and...

4.3CVSS3.6AI score0.00633EPSS
Exploits1References5Affected Software2
Github Security Blog
Github Security Blog
•added 2021/05/21 2:29 p.m.•54 views

Segfault in `tf.raw_ops.SparseCountSparseOutput`

Impact Passing invalid arguments e.g., discovered via fuzzing to tf.rawops.SparseCountSparseOutput results in segfault. Patches We have patched the issue in GitHub commit 82e6203221865de4008445b13c69b6826d2b28d9. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on...

5.5CVSS2.5AI score0.00194EPSS
Exploits1References7Affected Software3
Github Security Blog
Github Security Blog
•added 2021/05/21 2:26 p.m.•54 views

Division by zero in TFLite's implementation of `SpaceToDepth`

Impact The Prepare step of the SpaceToDepth TFLite operator does not check for 0 before division. cc const int blocksize = params-blocksize; const int inputheight = input-dims-data1; const int inputwidth = input-dims-data2; int outputheight = inputheight / blocksize; int outputwidth = inputwidth ...

7.8CVSS2.6AI score0.00201EPSS
Exploits1References8Affected Software3
Github Security Blog
Github Security Blog
•added 2021/05/17 8:58 p.m.•54 views

Insecure template handling in express-hbs

express-hbs is an Express handlebars template engine. express-hbs mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability...

6.8CVSS2.1AI score0.01268EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/10 6:46 p.m.•54 views

Regular expression denial of service in codemirror

This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS...

7.5CVSS6.3AI score0.05197EPSS
Exploits1References15Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/07 3:53 p.m.•54 views

Uncontrolled Resource Consumption in Apache Tika

A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser in versions 1.0-1.23...

5.5CVSS5.9AI score0.02926EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/06 6:27 p.m.•54 views

Code injection in blamer

Code injection vulnerability in blamer 1.0.0 and earlier may result in remote code execution when the input can be controlled by an attacker...

9.8CVSS9.9AI score0.04164EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
•added 2021/04/20 4:13 p.m.•54 views

pwntools Server-Side Template Injection (SSTI) vulnerability

This affects the package pwntools before 4.3.1. The shellcraft generator for affected versions of this module are vulnerable to Server-Side Template Injection SSTI, which can lead to remote code execution...

9.8CVSS9.8AI score0.04162EPSS
Exploits1References7Affected Software1
Github Security Blog
Github Security Blog
•added 2021/04/13 3:24 p.m.•54 views

Prototype pollution in set-object-value

Prototype pollution vulnerability in 'set-object-value' versions 0.0.0 through 0.0.5 allows an attacker to cause a denial of service and may lead to remote code execution...

9.8CVSS9.1AI score0.03591EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
•added 2021/04/07 9:14 p.m.•54 views

Improper Restriction of XML External Entity Reference in Plone

Plone before 5.2.3 allows XXE attacks via a feature that is protected by an unapplied permission of plone.schemaeditor.ManageSchemata therefore, only available to the Manager role...

8.8CVSS8.1AI score0.01066EPSS
Exploits0References6Affected Software5
Github Security Blog
Github Security Blog
•added 2021/04/07 9:13 p.m.•54 views

Improper Restriction of XML External Entity Reference in Plone

Plone before 5.2.3 allows XXE attacks via a feature that is explicitly only available to the Manager role...

8.8CVSS8.2AI score0.01066EPSS
Exploits0References6Affected Software5
Github Security Blog
Github Security Blog
•added 2021/04/06 5:30 p.m.•54 views

Command Injection Vulnerability in systeminformation

Impact command injection vulnerability Patches Problem was fixed with a parameter check. Please upgrade to version = 5.6.4 Workarounds If you cannot upgrade, be sure to check or sanitize service parameters that are passed to si.inetLatency, si.inetChecksite, si.services, si.processLoad ... do onl...

9.8CVSS4.3AI score0.01854EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
•added 2021/03/29 8:59 p.m.•54 views

Out-of-bounds write

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1092, CVE-2019-1103, CVE-2019-1106, CVE-2019-1107...

7.6CVSS2.6AI score0.08948EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/03/29 8:57 p.m.•54 views

Out-of-bounds write in Microsoft.ChakraCore

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1195, CVE-2019-1196...

7.6CVSS6AI score0.01883EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/03/29 8:55 p.m.•54 views

Out-of-bounds write

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1307, CVE-2019-1335, CVE-2019-1366...

7.6CVSS2.6AI score0.09703EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/03/29 4:35 p.m.•54 views

Out of bounds write in Pillow

An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654...

9.8CVSS2.9AI score0.02281EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
•added 2021/03/23 3:26 p.m.•54 views

OMERO webclient does not validate URL redirects on login or switching group.

Background OMERO.web supports redirection to a given URL after performing login or switching the group context. These URLs are not validated, allowing redirection to untrusted sites. OMERO.web 5.9.0 adds URL validation before redirecting. External URLs are not considered valid, unless specified i...

5.4CVSS1.3AI score0.00826EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
•added 2021/03/19 9:18 p.m.•54 views

Prototype Pollution Vulnerability in object-collider

Prototype pollution vulnerability in 'object-collider' versions 1.0.0 through 1.0.3 allows attacker to cause a denial of service and may lead to remote code execution...

9.8CVSS6.9AI score0.03702EPSS
Exploits1References4Affected Software1
Total number of security vulnerabilities5000