Lucene search
K
GithubMost viewed

33225 matches found

Github Security Blog
Github Security Blog
•added 2022/06/18 12:0 a.m.•48 views

Uncontrolled Resource Consumption in @discordjs/opus

Improperly handled errors in @discordjs/opus cause hard crashes instead of returning the error to user land. All versions of package @discordjs/opus = 0.7.0 are vulnerable to Denial of Service DoS when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads t...

7.5CVSS7.1AI score0.01274EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
•added 2022/06/11 12:0 a.m.•48 views

Unsafe deserialization in com.alibaba:fastjson

The package com.alibaba:fastjson before 1.2.83 is vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. Exploiting this vulnerability allows attacking remote servers. Workaround: If upgrading is not...

9.8CVSS6.1AI score0.17767EPSS
Exploits5References9Affected Software1
Github Security Blog
Github Security Blog
•added 2022/06/08 10:34 p.m.•48 views

Path Traversal in Git HTTP endpoints in Gogs

Impact The malicious user is able to craft HTTP requests to access unauthorized Git directories. All installations with are affected. Patches Path cleaning has accommodated for Git HTTP endpoints. Users should upgrade to 0.12.9 or the latest 0.13.0+dev. Workarounds N/A References...

8.1CVSS1.4AI score0.51136EPSS
Exploits1References7Affected Software1
Github Security Blog
Github Security Blog
•added 2022/05/25 10:41 p.m.•48 views

Cross-site Scripting in wiki manager join wiki page

Impact We found a possible XSS vector in the WikiManager.JoinWiki wiki page related to the "requestJoin" field. Patches The issue is patched in versions 12.10.11, 14.0-rc-1, 13.4.7, 13.10.3. Workarounds The easiest workaround is to edit the wiki page WikiManager.JoinWiki with wiki editor and chan...

7.4CVSS5.7AI score0.00921EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2022/05/24 10:28 p.m.•48 views

Moodle Persistent Cross-site Scripting (XSS)

Persistent XSS in /course/modedit.php of Moodle through 3.7.2 allows authenticated users Teacher and above to inject JavaScript into the session of another user e.g., enrolled student or site administrator via the introeditortext parameter. NOTE: the discoverer and vendor disagree on whether Mood...

5.4CVSS5.9AI score0.00791EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
•added 2022/05/24 10:0 p.m.•48 views

Cross-site Scripting in Bootstrap-3-Typeahead

Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-site scripting flaw in the highlighter function. An attacker could exploit this via user interaction to execute code in the user's browser. This issue was introduced in commit dbd1af5bf and has not been fixed...

6.1CVSS3.9AI score0.01532EPSS
Exploits0References8Affected Software2
Github Security Blog
Github Security Blog
•added 2022/05/24 7:19 p.m.•48 views

Improper Output Neutralization for Logs in Spring Framework

In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries...

4.3CVSS3.3AI score0.01268EPSS
Exploits0References5Affected Software2
Github Security Blog
Github Security Blog
•added 2022/05/24 5:35 p.m.•48 views

Wildfly has a memory leak vulnerability

A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final. When an application uses the OpenTracing API's java-interceptors, there is a possibility of a memory leak. This flaw allows an attacker to impact the availability of the server...

7.1CVSS6.7AI score0.01109EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
•added 2022/05/24 5:25 p.m.•48 views

Jenkins Cross-Site Scripting vulnerability in help icons

Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the tooltip content of help icons. Tooltip values can be contributed by plugins, some of which use user-specified values. This results in a stored cross-site scripting XSS vulnerability. Jenkins 2.252, LTS 2.235.4 escapes the...

5.4CVSS5.3AI score0.06765EPSS
Exploits3References6Affected Software1
Github Security Blog
Github Security Blog
•added 2022/05/23 8:17 p.m.•48 views

Improper handling of multiline messages in node-irc affects matrix-appservice-irc

matrix-appservice-irc provides an IRC bridge for Matrix. The vulnerability in node-irc allows an attacker to manipulate a Matrix user into executing IRC commands by having them reply to a maliciously crafted message. The vulnerability has been patched in matrix-appservice-irc 0.33.2. In terms of ...

8.8CVSS8.3AI score0.00938EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2022/05/17 1:38 a.m.•48 views

Cross-site scripting in yui 2.4.0

Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to charts.swf, a similar issue to CVE-2010-4207...

4.3CVSS5.7AI score0.02454EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
•added 2022/05/14 2:49 a.m.•48 views

Improper Access Control in Elasticsearch

The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script...

9.8CVSS9AI score0.99906EPSS
Exploits19References8Affected Software1
Github Security Blog
Github Security Blog
•added 2022/05/14 2:44 a.m.•48 views

Improper Neutralization of Input During Web Page Generation in Apache Axis2

Cross-site scripting XSS vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary w...

4.3CVSS3.3AI score0.34927EPSS
Exploits1References8Affected Software1
Github Security Blog
Github Security Blog
•added 2022/05/14 2:23 a.m.•48 views

ChakraCore RCE Vulnerability

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3389, CVE-2016-7190, and...

9.3CVSS7.7AI score0.41323EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
•added 2022/05/13 1:27 a.m.•48 views

Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch

Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This...

8.8CVSS2.9AI score0.01985EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
•added 2022/05/13 1:21 a.m.•48 views

Nokogiri vulnerable to libxslt protection mechanism bypass

A dependency of Nokogiri, libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded...

9.8CVSS3.5AI score0.05089EPSS
Exploits0References26Affected Software1
Github Security Blog
Github Security Blog
•added 2022/05/13 1:7 a.m.•48 views

Cloud Foundry UAA Identity Zone Admin Privilege Escalation

In Cloud Foundry cf-release versions prior to v264; UAA release all versions of UAA v2.x.x, 3.6.x versions prior to v3.6.13, 3.9.x versions prior to v3.9.15, 3.20.x versions prior to v3.20.0, and other versions prior to v4.4.0; and UAA bosh release uaa-release 13.x versions prior to v13.17, 24.x...

6.6CVSS7.3AI score0.00879EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
•added 2022/04/23 12:40 a.m.•48 views

Nokogiri is vulnerable to XML External Entity (XXE) attack

Nokogiri before 1.5.4 is vulnerable to XXE attacks...

7.5CVSS2.5AI score0.02168EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
•added 2022/04/12 9:27 p.m.•48 views

Session fixation

Impact The use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database. Cookie store, which is used in most Phoenix apps, doesn't have this vulnerability. Workarounds Call...

6.5CVSS5.7AI score0.0077EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2022/03/18 12:1 a.m.•48 views

Prototype Pollution in Sails.js

Sails.js = 1.5.2 is vulnerable to Prototype Pollution via controller/load-action-modules.js, function loadActionModules. A patch is available in the master branch of Sails.js's GItHub repository...

9.8CVSS3.4AI score0.01799EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
•added 2022/03/15 12:0 a.m.•48 views

Cross-site Scripting in Zenario CMS

Zenario CMS 9.0.54156 is vulnerable to Cross Site Scripting XSS via upload file to .SVG. An attacker can send malicious files to victims and steals victim's cookie leads to account takeover. The person viewing the image of a contact can be victim of XSS...

4.8CVSS3.4AI score0.00506EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
•added 2022/03/11 8:52 p.m.•48 views

Improper Authorization in cobbler

Impact If PAM is correctly configured and a user account is set to expired, the expired user-account is still able to successfully log into Cobbler in all places Web UI, CLI & XMLRPC-API. The same applies to user accounts with passwords set to be expired. Patches There is a patch for the latest...

9.1CVSS8.7AI score0.02256EPSS
Exploits1References9Affected Software1
Github Security Blog
Github Security Blog
•added 2022/03/07 9:45 p.m.•48 views

Account compromise in Evmos

Impact What kind of vulnerability is it? Who is impacted? Classification The vulnerability has been classified as critical with a score of 9.0 highest. It has the potential to affect and drain unclaimed airdrop funds from Cosmos and Osmosis eligible user addresses. Disclosure The attack requires...

8.1CVSS1.6AI score0.01051EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2022/03/05 12:0 a.m.•48 views

Cross Site Request Forgery in intelliants/subrion

Cross Site Request Forgery CSRF vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user...

8.8CVSS8.6AI score0.0219EPSS
Exploits2References3Affected Software1
Github Security Blog
Github Security Blog
•added 2022/02/25 12:1 a.m.•48 views

Multi-Factor Authentication issue in Laravel Fortify

Laravel Fortify before 1.11.1 allows reuse within a short time window, thus calling into question the "OT" part of the "TOTP" concept...

8.1CVSS2.1AI score0.00931EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
•added 2022/02/12 12:0 a.m.•48 views

Deserialization of Untrusted Data in Magnolia CMS

A vulnerability in the Snake YAML parser of Magnolia CMS v6.2.3 and below allows attackers to execute arbitrary code via a crafted YAML file...

7.8CVSS7AI score0.01573EPSS
Exploits2References4Affected Software1
Github Security Blog
Github Security Blog
•added 2022/02/10 11:45 p.m.•48 views

Injection in op-browser

op-browser through 1.0.9 is vulnerable to Command Injection. It allows execution of arbitrary commands via the url function...

9.8CVSS9.3AI score0.04118EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
•added 2022/02/10 11:41 p.m.•48 views

Code injection in @rkesters/gnuplot

@rkesters/gnuplot is an easy to use node module to draw charts using gnuplot and ps2pdf. The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands...

9.8CVSS6.3AI score0.01776EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
•added 2022/02/10 11:30 p.m.•48 views

Deserialization of Untrusted Data in bson

Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data disclosure...

5.5CVSS3.3AI score0.00906EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
•added 2022/02/10 10:39 p.m.•48 views

Deserialization of Untrusted Data in Apache Dubbo

This vulnerability can affect all Dubbo users stay on version 2.7.6 or lower. An attacker can send RPC requests with unrecognized service name or method name along with some malicious parameter payloads. When the malicious parameter is deserialized, it will execute some malicious code. More detai...

9.8CVSS9.1AI score0.13946EPSS
Exploits3References4Affected Software2
Github Security Blog
Github Security Blog
•added 2022/02/10 10:21 p.m.•48 views

Code injection in Twig

Description When in a sandbox mode, the arrow parameter of the sort filter must be a closure to avoid attackers being able to run arbitrary PHP functions. Resolution We now disallow calling non Closure in the sort filter like we already did for some other filters. Credits We would like to thank...

9.8CVSS3.5AI score0.08209EPSS
Exploits3References12Affected Software1
Github Security Blog
Github Security Blog
•added 2022/02/10 8:39 p.m.•48 views

Deserialization of Untrusted Data in Apache ShardingSphere

In Apache ShardingSphereincubator 4.0.0-RC3 and 4.0.0, the ShardingSphere's web console uses the SnakeYAML library for parsing YAML inputs to load datasource configuration. SnakeYAML allows to unmarshal data to a Java type By using the YAML tag. Unmarshalling untrusted data can lead to security...

9.8CVSS8.9AI score0.33918EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
•added 2022/02/10 8:28 p.m.•48 views

Authentication bypass in Apache Hadoop

Web endpoint authentication check is broken in Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, and 3.0.0. Authenticated users may impersonate any user even if no proxy user is configured...

9CVSS2.8AI score0.02365EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
•added 2022/02/10 12:34 a.m.•48 views

`CHECK`-failures in binary ops in Tensorflow

Impact A malicious user can cause a denial of service by altering a SavedModel such that any binary op would trigger CHECK failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the dtype no longer matches the dtype expected by the op. In that cas...

6.5CVSS0.4AI score0.00872EPSS
Exploits1References7Affected Software3
Github Security Blog
Github Security Blog
•added 2022/02/10 12:33 a.m.•48 views

Memory leak in Tensorflow

Impact If a graph node is invalid, TensorFlow can leak memory in the implementation of ImmutableExecutorState::Initialize: cc Status s = params.createkerneln-properties, &item-kernel; if !s.ok item-kernel = nullptr; s = AttachDefs, n; return s; Here, we set item-kernel to nullptr but it is a simp...

4.3CVSS1.7AI score0.00716EPSS
Exploits1References7Affected Software3
Github Security Blog
Github Security Blog
•added 2022/02/09 12:0 a.m.•48 views

Server-Side Request Forgery in @peertube/embed-api

@peertube/embed-api version 4.0.0 and prior is vulnerable to server-side request forgery...

6.5CVSS4AI score0.00893EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
•added 2022/01/12 10:51 p.m.•48 views

Deserialization of Untrusted Data in Dubbo

A deserialization vulnerability existed in dubbo hessian-lite 3.2.11 and its earlier versions, which could lead to malicious code execution. Most Dubbo users use Hessian2 as the default serialization/deserialization protocol, during Hessian catch unexpected exceptions, Hessian will log out some...

9.8CVSS3.7AI score0.15313EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
•added 2021/12/16 9:2 p.m.•48 views

vault-cli contains possible RCE when reading user-defined data

Impact What kind of vulnerability is it? Who is impacted? vault-cli features the ability for rendering templated values as explained in the documentation. When a secret starts with the prefix !template!, vault-cli interprets the rest of the contents of the secret as a Jinja2 template. Jinja2 is a...

9.1CVSS0.6AI score0.05004EPSS
Exploits1References8Affected Software1
Github Security Blog
Github Security Blog
•added 2021/12/14 9:36 p.m.•48 views

Buffer overrun in CGI.escape_html

A buffer overrun vulnerability was discovered in CGI.escapehtml. This can lead to a buffer overflow when a user passes a very large string 700 MB to CGI.escapehtml on a platform where long type takes 4 bytes, typically, Windows...

9.8CVSS2.7AI score0.04766EPSS
Exploits1References17Affected Software1
Github Security Blog
Github Security Blog
•added 2021/12/10 8:24 p.m.•48 views

Cross-site Scripting in Apereo CAS

Apereo CAS through 6.4.1 allows XSS via POST requests sent to the REST API endpoints...

6.1CVSS3.2AI score0.08064EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/12/10 5:22 p.m.•48 views

Duplicate Advisory: OS Command Injection in Strapi

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9p2w-rmx4-9mw7. This link is maintained to preserve external references. Original Description The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugi...

9CVSS7.2AI score0.54081EPSS
Exploits11References6Affected Software1
Github Security Blog
Github Security Blog
•added 2021/12/01 6:28 p.m.•48 views

Path Traversal in @backstage/plugin-scaffolder-backend

Impact A malicious actor with write access to a registered scaffolder template is able to manipulate the template in a way that writes files to arbitrary paths on the scaffolder-backend host instance. This vulnerability can in some situation also be exploited through user input when executing a...

8.5CVSS2.3AI score0.01206EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
•added 2021/11/23 6:17 p.m.•48 views

Incorrect Authorization in Apache Ozone

In Apache Ozone versions prior to 1.2.0, Container related Datanode requests of Ozone Datanode were not properly authorized and can be called by any client...

9.1CVSS8.8AI score0.02296EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
•added 2021/11/15 5:54 p.m.•48 views

Rails Multisite secure/signed cookies share secrets between sites in a multi-site application

Impact This vulnerability impacts any Rails applications using railsmultisite alongside Rails' signed/encrypted cookies. Depending on how the application makes use of these cookies, it may be possible for an attacker to re-use cookies on different 'sites' within a multi-site Rails application...

8.8CVSS2.3AI score0.00608EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/11/10 7:36 p.m.•48 views

Crash in `max_pool3d` when size argument is 0 or negative

Impact The Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative: python import tensorflow as tf poolsize = 2, 2, 0 layer = tf.keras.layers.MaxPooling3Dstrides=1, poolsize=poolsize inputtensor = tf.random.uniform3, 4, 10, 11, 12, dtype=tf.float32 r...

5.5CVSS2.5AI score0.0023EPSS
Exploits1References8Affected Software3
Github Security Blog
Github Security Blog
•added 2021/10/27 6:53 p.m.•48 views

Duplicate Advisory: Remote code execution in dask

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hwqr-f3v9-hwxr. This link is maintained to preserve external references. Original Description An issue was discovered in Dask aka python-dask through 2021.09.1. Single machine Dask clusters started with...

9.8CVSS8.5AI score0.02876EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
•added 2021/10/25 7:42 p.m.•48 views

Geth Node Vulnerable to DoS via maliciously crafted p2p message

Impact A vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer, via the snap/1 protocol. The crash can be triggered by sending a malicious snap/1 GetTrieNodes package. Details On September 21, 2021, geth-team member Gary Rong @rjl493456442 found a way t...

5.7CVSS5.7AI score0.01202EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
•added 2021/10/21 5:49 p.m.•48 views

modern-async's `forEachSeries` and `forEachLimit` functions do not limit the number of requests

Impact This is a bug affecting two of the functions in this library: forEachSeries and forEachLimit. They should limit the concurrency of some actions but, in practice, they don't. Any code calling these functions will be written thinking they would limit the concurrency but they won't. This coul...

7.5CVSS2.1AI score0.01624EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/10/15 6:51 p.m.•48 views

Missing Release of Resource after Effective Lifetime in Apache Tomcat

The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was...

7.5CVSS1.2AI score0.10997EPSS
Exploits0References18Affected Software1
Github Security Blog
Github Security Blog
•added 2021/10/11 5:9 p.m.•48 views

Insecure random number generation in keypair

Description and Impact A bug in the pseudo-random number generator used by keypair versions up to and including 1.0.3 could allow for weak RSA key generation. This could enable an attacker to decrypt confidential messages or gain authorized access to an account belonging to the victim. We recomme...

9.1CVSS1.5AI score0.02993EPSS
Exploits1References6Affected Software1
Total number of security vulnerabilities5000