Lucene search
K
GithubMost viewed

33225 matches found

Github Security Blog
Github Security Blog
•added 2021/10/25 7:42 p.m.•48 views

Geth Node Vulnerable to DoS via maliciously crafted p2p message

Impact A vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer, via the snap/1 protocol. The crash can be triggered by sending a malicious snap/1 GetTrieNodes package. Details On September 21, 2021, geth-team member Gary Rong @rjl493456442 found a way t...

5.7CVSS5.7AI score0.01202EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
•added 2021/10/21 5:49 p.m.•48 views

modern-async's `forEachSeries` and `forEachLimit` functions do not limit the number of requests

Impact This is a bug affecting two of the functions in this library: forEachSeries and forEachLimit. They should limit the concurrency of some actions but, in practice, they don't. Any code calling these functions will be written thinking they would limit the concurrency but they won't. This coul...

7.5CVSS2.1AI score0.01624EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/10/15 6:51 p.m.•48 views

Missing Release of Resource after Effective Lifetime in Apache Tomcat

The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was...

7.5CVSS1.2AI score0.10997EPSS
Exploits0References18Affected Software1
Github Security Blog
Github Security Blog
•added 2021/10/11 5:9 p.m.•48 views

Insecure random number generation in keypair

Description and Impact A bug in the pseudo-random number generator used by keypair versions up to and including 1.0.3 could allow for weak RSA key generation. This could enable an attacker to decrypt confidential messages or gain authorized access to an account belonging to the victim. We recomme...

9.1CVSS1.5AI score0.02993EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
•added 2021/10/05 5:53 p.m.•48 views

Cobbler before 3.3.0 allows authorization bypass for modification of settings.

Cobbler before 3.3.0 allows authorization bypass for modification of settings...

7.5CVSS3.8AI score0.01307EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/10/04 8:11 p.m.•48 views

Cross-site Scripting in shuup

In Shuup, versions 1.6.0 through 2.10.8 are vulnerable to reflected Cross-Site Scripting XSS that allows execution of arbitrary javascript code on a victim browser. This vulnerability exists due to the error page contents not escaped...

6.1CVSS3.4AI score0.00924EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
•added 2021/09/30 8:50 p.m.•48 views

Cross-site Scripting in OpenCRX

In OpenCRX, versions v4.0.0 through v5.1.0 are vulnerable to reflected Cross-site Scripting XSS, due to unsanitized parameters in the password reset functionality. This allows execution of external javascript files on any user of the openCRX instance...

6.1CVSS3.3AI score0.00838EPSS
Exploits0References3Affected Software5
Github Security Blog
Github Security Blog
•added 2021/09/22 8:37 p.m.•48 views

Improperly Implemented path matching for in-toto-golang

Impact Authenticated attackers posing as functionaries i.e., within a trusted set of users for a layout are able to create attestations that may bypass DISALLOW rules in the same layout. An attacker with access to trusted private keys, may issue an attestation that contains a disallowed artifact ...

6.5CVSS3AI score0.00416EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
•added 2021/09/13 8:6 p.m.•48 views

XML Injection in Any23

An XML external entity XXE injection vulnerability was discovered in the Any23 StreamUtils.java file and is known to affect Any23 versions 2.5. XML external entity injection also known as XXE is a web security vulnerability that allows an attacker to interfere with an application's processing of...

9.1CVSS8.9AI score0.02752EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
•added 2021/09/13 8:5 p.m.•48 views

Clearance Gem Open Redirect Vulnerability

This affects the package clearance before 2.5.0. The vulnerability can be possible when users are able to set the value of session:returnto. If the value used for returnto contains multiple leading slashes /////example.com the user ends up being redirected to the external domain that comes after...

7.6CVSS6.4AI score0.00697EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/09/09 5:8 p.m.•48 views

Unrestricted File Upload in ShowDoc v2.9.5

Unrestricted File Upload in ShowDoc v2.9.5 allows remote attackers to execute arbitrary code via the 'fileurl' parameter in the component AdminUpdateController.class.php'...

9.8CVSS9.5AI score0.04762EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
•added 2021/09/08 8:14 p.m.•48 views

HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic.

HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. Fixed in 1.8.15, 1.9.9 and 1.10.2...

6.5CVSS6.9AI score0.01523EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
•added 2021/09/08 8:14 p.m.•48 views

Privilege escalation in Hashicorp Nomad

HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.0.10 and 1.1.4...

8.8CVSS8.3AI score0.00689EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
•added 2021/09/02 5:10 p.m.•48 views

Code Injection in pac-resolver

This affects the package pac-resolver before 5.0.0. This can occur when used with untrusted input, due to unsafe PAC file handling. NOTE: The fix for this vulnerability is applied in the node-degenerator library, a dependency written by the same maintainer...

9.8CVSS2.4AI score0.02863EPSS
Exploits1References7Affected Software2
Github Security Blog
Github Security Blog
•added 2021/09/01 6:35 p.m.•48 views

Path traversal in ServiceCenter

Improper configuration will cause ServiceComb ServiceCenter Directory Traversal problem in ServcieCenter 1.x.x versions and fixed in 2.0.0...

7.5CVSS7.3AI score0.04441EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
•added 2021/09/01 6:31 p.m.•48 views

Prototype Pollution in open-graph

This affects the package open-graph before 0.2.6. The function parse could be tricked into adding or modifying properties of Object.prototype using a proto or constructor payload...

9.8CVSS5AI score0.01113EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
•added 2021/08/30 4:22 p.m.•48 views

Cross-site scripting in feehicms

Insufficient filtering of the tag parameters in feehicms 0.1.3 allows attackers to execute arbitrary web or HTML via a crafted payload...

6.1CVSS6.4AI score0.00641EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
•added 2021/08/25 2:46 p.m.•48 views

XStream is vulnerable to an Arbitrary Code Execution attack

Impact The vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required...

8.5CVSS8.8AI score0.04735EPSS
Exploits1References13Affected Software1
Github Security Blog
Github Security Blog
•added 2021/08/25 2:44 p.m.•48 views

Null pointer dereference in `RaggedTensorToTensor`

Impact Sending invalid argument for rowpartitiontypes of tf.rawops.RaggedTensorToTensor API results in a null pointer dereference and undefined behavior: python import tensorflow as tf tf.rawops.RaggedTensorToTensor shape=1, values=10, defaultvalue=21, rowpartitiontensors=tf.constant0,0,0,0,...

7.8CVSS7.5AI score0.00167EPSS
Exploits0References7Affected Software3
Github Security Blog
Github Security Blog
•added 2021/06/29 6:26 p.m.•48 views

Arbitrary Command Injection

This affects all versions of package wincred. If attacker-controlled user input is given to the getCredential function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

9.8CVSS6.6AI score0.01336EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/21 5:13 p.m.•48 views

Prototype Pollution in nedb

This affects all versions of package nedb. The library could be tricked into adding or modifying properties of Object.prototype using a proto or constructor.prototype payload...

7.3CVSS5.4AI score0.0087EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/16 5:39 p.m.•48 views

Apache ActiveMQ Artemis vulnerable to Improper Access Control

While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error...

7.5CVSS2AI score0.04008EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/16 5:29 p.m.•48 views

Missing Authorization in jenkins xray-connector

Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier does not perform a permission check in an HTTP endpoint, allowing with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.3CVSS1AI score0.00865EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/08 8:13 p.m.•48 views

Cross-site scripting in Centreon

Centreon version 20.10.2 is affected by a cross-site scripting XSS vulnerability. The depdescription Dependency Description and depname Dependency Name parameters are vulnerable to stored XSS. A user has to log in and go to the Configuration Notifications Hosts page...

5.4CVSS1.2AI score0.00614EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/08 6:52 p.m.•48 views

Invalid session token expiration

HashiCorp Vault and Vault Enterprise allowed the renewal of nearly-expired token leases and dynamic secret leases specifically, those within 1 second of their maximum TTL, which caused them to be incorrectly treated as non-expiring during subsequent use. Fixed in 1.5.9, 1.6.5, and 1.7.2...

7.4CVSS1.4AI score0.01376EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/06/08 6:47 p.m.•48 views

Remote Command Execution in reg-keygen-git-hash-plugin

Impact reg-keygen-git-hash-plugin through 0.10.15 allow remote attackers to execute of arbitrary commands. Patches Upgrade to version 0.10.16 or later. For more information If you have any questions or comments about this advisory: - Open an issue in reg-viz/reg-suit...

9.8CVSS7.4AI score0.01941EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/21 2:28 p.m.•48 views

Crash in `tf.transpose` with complex inputs

Impact Passing a complex argument to tf.transpose at the same time as passing conjugate=True argument results in a crash: python import tensorflow as tf tf.transposeconjugate=True, a=complex1 Patches We have received a patch for the issue in GitHub commit 1dc6a7ce6e0b3e27a7ae650bfc05b195ca793f88...

5.5CVSS2.2AI score0.0023EPSS
Exploits1References9Affected Software3
Github Security Blog
Github Security Blog
•added 2021/05/21 2:28 p.m.•48 views

Division by zero in TFLite's implementation of `OneHot`

Impact The implementation of the OneHot TFLite operator is vulnerable to a division by zero error: cc int prefixdimsize = 1; for int i = 0; i dims-datai; const int suffixdimsize = NumElementsopcontext.indices / prefixdimsize; An attacker can craft a model such that at least one of the dimensions ...

7.8CVSS2.4AI score0.00201EPSS
Exploits1References8Affected Software3
Github Security Blog
Github Security Blog
•added 2021/05/18 9:8 p.m.•48 views

Path traversal in u-root

This affects all versions of package github.com/u-root/u-root/pkg/uzip. It is vulnerable to both leading and non-leading relative path traversal attacks in zip file extraction...

7.5CVSS7.2AI score0.01826EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/18 6:27 p.m.•48 views

Cross-site Request Forgery (CSRF) in Cloud Native Computing Foundation Harbor

Cure53 has discovered that the Harbor web interface does not implement protection mechanisms against Cross-Site Request Forgery CSRF. By luring an authenticated user onto a prepared third-party website, an attacker can execute any action on the platform in the context of the currently authenticat...

8.8CVSS8.7AI score0.01023EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/07 3:54 p.m.•48 views

Server-Side Request Forgery in Spinnaker Orca

The Spinnaker template resolution functionality is vulnerable to Server-Side Request Forgery SSRF, which allows an attacker to send requests on behalf of Spinnaker potentially leading to sensitive data disclosure...

7.5CVSS7.2AI score0.01349EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/07 3:53 p.m.•48 views

SQL Injection in Apache SkyWalking

Only when using H2/MySQL/TiDB as Apache SkyWalking storage, there is a SQL injection vulnerability in the wildcard query cases...

9.8CVSS2.6AI score0.33478EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/07 3:53 p.m.•48 views

Improper Authentication in Apache Shiro

Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass...

9.8CVSS5.3AI score0.24436EPSS
Exploits1References10Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/06 6:12 p.m.•48 views

Prototype Pollution in gedi

All versions of package gedi up to and including version 1.6.3 are vulnerable to Prototype Pollution via the set function...

9.8CVSS9AI score0.01916EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/06 6:11 p.m.•48 views

Prototype Pollution in deeps

All versions of package deeps up to and including version 1.4.5 are vulnerable to Prototype Pollution via the set function...

9.8CVSS9AI score0.01916EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/06 6:10 p.m.•48 views

Improper exception handling in Aedes

An issue was discovered in MoscaJS Aedes 0.42.0 and fixed in 0.42.1. lib/write.js does not properly consider exceptions during the writing of an invalid packet to a stream...

7.5CVSS2.5AI score0.02246EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/05/06 3:55 p.m.•48 views

Arbitrary command execution in roar-pidusage

This affects all current versions of package roar-pidusage. If attacker-controlled user input is given to the stat function of this package on certain operating systems, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without inpu...

7.5CVSS6.2AI score0.01151EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
•added 2021/04/30 5:29 p.m.•48 views

Improper Authentication in Apache Hadoop

In Apache Hadoop versions 3.0.0-alpha2 to 3.0.0, 2.9.0 to 2.9.2, 2.8.0 to 2.8.5, any users can access some servlets without authentication when Kerberos authentication is enabled and SPNEGO through HTTP is not enabled...

7.5CVSS2.7AI score0.05207EPSS
Exploits0References14Affected Software1
Github Security Blog
Github Security Blog
•added 2021/04/13 3:48 p.m.•48 views

Incorrect permission enforcement in UmbracoCms

Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access...

4.3CVSS5AI score0.00895EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
•added 2021/03/29 8:59 p.m.•48 views

Out-of-bounds write

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1106, CVE-2019-1107...

7.6CVSS2.6AI score0.09205EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/03/29 8:59 p.m.•48 views

Out-of-bounds write

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916...

7.6CVSS2.6AI score0.09215EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/03/29 8:57 p.m.•48 views

Out-of-bounds write in Microsoft.ChakraCore

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1131, CVE-2019-1139, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196...

8.8CVSS7.4AI score0.03824EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
•added 2021/03/29 8:57 p.m.•48 views

Out-of-bounds write

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916...

7.6CVSS2.6AI score0.09215EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
•added 2021/03/29 8:43 p.m.•48 views

Privilage Escalation in moodle

In moodle, insufficient capability checks could lead to users with the ability to course restore adding additional capabilities to roles within that course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.9.3,...

7.5CVSS7AI score0.01588EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
•added 2021/03/29 4:35 p.m.•48 views

Out-of-bounds Write in Pillow

An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

7.5CVSS2.4AI score0.02372EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
•added 2021/02/05 8:43 p.m.•48 views

Prototype pollution in total.js

There is a prototype pollution vulnerability in the package total.js before version 3.4.7. The set function can be used to set a value into the object according to the path. However the keys of the path being set are not properly sanitized, leading to a prototype pollution vulnerability. The impa...

7.5CVSS7.3AI score0.03634EPSS
Exploits1References8Affected Software1
Github Security Blog
Github Security Blog
•added 2021/01/29 6:14 p.m.•48 views

OS Command Injection in async-git

The async-git package before 1.13.2 for Node.js allows OS Command Injection via shell metacharacters, as demonstrated by git.reset and git.tag. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. Ensure to sanitize untrusted us...

9.8CVSS6.1AI score0.05323EPSS
Exploits1References8Affected Software1
Github Security Blog
Github Security Blog
•added 2021/01/20 9:21 p.m.•48 views

Prototype pollution in JointJS

The package jointjs before 3.3.0 are vulnerable to Prototype Pollution via util.setByPath https://resources.jointjs.com/docs/jointjs/v3.2/joint.htmlutil.setByPath. The path used the access the object's key and set the value is not properly sanitized, leading to a Prototype Pollution...

9.8CVSS8.8AI score0.01359EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
•added 2021/01/19 8:43 p.m.•49 views

XSS vulnerability leveraged through referrers could allow un-authorized admin access in Mautic

Impact This is a cross-site scripting vulnerability which affects every version of Mautic and could allow an attacker unauthorised administrator level access to Mautic. This vulnerability was reported by Naveen Sunkavally at Horizon3.ai. Patches Upgrade to 3.2.4 or 2.16.5. Link to patch for 2.x...

9.6CVSS8.1AI score0.02395EPSS
Exploits0References9Affected Software1
Github Security Blog
Github Security Blog
•added 2021/01/11 7:6 p.m.•48 views

Injection/XSS in Redcarpet

Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the :escapehtml opti...

6.8CVSS5.8AI score0.0157EPSS
Exploits0References11Affected Software1
Total number of security vulnerabilities5000