Lucene search
K
GithubMost viewed

33225 matches found

Github Security Blog
Github Security Blog
added 2022/05/14 1:14 a.m.47 views

Improper Input Validation in Apache ActiveMQ

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

9.8CVSS7.3AI score0.98518EPSS
Exploits19References18Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/02 3:46 a.m.47 views

Apache Tomcat affected by vulnerability in TLS and SSL protocol

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...

9.8CVSS6.7AI score0.87264EPSS
Exploits14References257Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/01 11:55 p.m.47 views

Apache Tomcat Directory Traversal vulnerability

Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than...

4.3CVSS7AI score0.99708EPSS
Exploits22References45Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/01 6:50 a.m.47 views

Improper Input Validation in Apache Struts

ActionForm in Apache Software Foundation ASF Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to...

7.8CVSS5.4AI score0.54635EPSS
Exploits1References10Affected Software1
Github Security Blog
Github Security Blog
added 2022/04/28 9:0 p.m.47 views

Keycloak is vulnerable to IDN homograph attack

A flaw was found in keycloak as shipped in Red Hat Single Sign-On 7.4 where IDN homograph attacks are possible. A malicious user can register himself with a name already registered and trick admin to grant him extra privileges...

5.3CVSS5.7AI score0.00774EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/04/23 12:40 a.m.47 views

Nokogiri is vulnerable to XML External Entity (XXE) attack

Nokogiri before 1.5.4 is vulnerable to XXE attacks...

7.5CVSS2.5AI score0.02168EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/04/22 12:0 a.m.47 views

SQL injection in blazer

Blazer before 2.6.0 allows SQL Injection. In certain circumstances, an attacker could get a user to run a query they would not have normally run...

7.5CVSS7.5AI score0.00857EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2022/04/08 10:43 p.m.47 views

SQL Injection in elide-datastore-aggregation

Impact When leveraging the following together: - Elide Aggregation Data Store for Analytic Queries - Parameterized Columns A column that requires a client provided parameter - A parameterized column of type TEXT There is the potential for a hacker to provide a carefully crafted query that would...

8.1CVSS1.9AI score0.01335EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/03/29 10:10 p.m.47 views

Sandbox bypass leading to arbitrary code execution in Deno

Impact The versions of Deno between release 1.18.0 and 1.20.2 inclusive are vulnerable to an attack where a malicious actor controlling the code executed in a Deno runtime could bypass permission checks and execute arbitrary shell code. There is no evidence that this vulnerability has been...

10CVSS4.2AI score0.01103EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2022/03/28 8:28 p.m.47 views

Improper Input Validation in GoGo Protobuf

An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the "skippy peanut butter" issue...

8.6CVSS2.4AI score0.03478EPSS
Exploits0References10Affected Software1
Github Security Blog
Github Security Blog
added 2022/03/18 11:10 p.m.47 views

Improper Verification of Cryptographic Signature in node-forge

Impact RSA PKCS1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a DigestInfo ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. Patches The issue has been...

7.5CVSS2.8AI score0.01015EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/03/05 12:0 a.m.47 views

Cross Site Request Forgery in intelliants/subrion

Cross Site Request Forgery CSRF vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user...

8.8CVSS8.6AI score0.0219EPSS
Exploits2References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/02/25 8:32 p.m.47 views

Vulnerable dependencies in Nokogiri

Summary Nokogiri v1.13.2 upgrades two of its packaged dependencies: - vendored libxml2 from v2.9.12 to v2.9.13 - vendored libxslt from v1.1.34 to v1.1.35 Those library versions address the following upstream CVEs: - libxslt: CVE-2021-30560 CVSS 8.8, High severity - libxml2: CVE-2022-23308...

8.8CVSS0.9AI score0.21623EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2022/02/22 3:38 p.m.47 views

Incorrect Authorization in runc

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfslinux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory...

7.5CVSS3.9AI score0.04409EPSS
Exploits1References22Affected Software2
Github Security Blog
Github Security Blog
added 2022/02/16 10:56 p.m.47 views

Improper Validation of Certificate with Host Mismatch in mellium.im/xmpp/websocket

Impact If no TLS configuration is provided by the user, the websocket package constructs its own TLS configuration using recommended defaults. When looking up a WSS endpoint using the DNS TXT record method described in XEP-0156: Discovering Alternative XMPP Connection Methods the ServerName field...

5.9CVSS0.00629EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
added 2022/02/15 1:57 a.m.47 views

Privilege Escalation in Kubernetes

In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary reques...

9.8CVSS3.2AI score0.86978EPSS
Exploits10References24Affected Software1
Github Security Blog
Github Security Blog
added 2022/02/15 1:18 a.m.47 views

Symlink Attack in Libcontainer and Docker Engine

Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image...

7.2CVSS7.9AI score0.00609EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
added 2022/02/11 11:17 p.m.47 views

Unauthenticated users can exploit an enumeration vulnerability in Harbor (CVE-2019-19030)

Impact Sean Wright from Secureworks has discovered an enumeration vulnerability. An attacker can make use of the Harbor API to make unauthenticated calls to the Harbor instance. Based on the HTTP status code in the response, an attacker is then able to work out which resources exist, and which do...

5.3CVSS0.6AI score0.01891EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/02/11 11:17 p.m.47 views

Harbor is vulnerable to a limited Server-Side Request Forgery (SSRF) (CVE-2020-13788)

Impact Matt Hamilton from Soluble has discovered a limited Server-Side Request Forgery SSRF that allowed Harbor project owners to scan the TCP ports of hosts on the Harbor server's internal network. The vulnerability was immediately fixed by the Harbor team. Issue The “Test Endpoint” API, part of...

4.3CVSS0.9AI score0.01278EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2022/02/10 11:46 p.m.47 views

Cross-site Scripting in vmd

vmd through 1.34.0 allows div class="markdown-body" XSS, as demonstrated by Electron remote code execution via require'childprocess'.execSync'calc.exe' on Windows and a similar attack on macOS...

6.1CVSS6.9AI score0.01173EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2022/02/10 8:33 p.m.47 views

Prototype Pollution in safetydance

All versions of package safetydance are vulnerable to Prototype Pollution via the set function...

9.8CVSS8.9AI score0.01355EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2022/02/10 8:28 p.m.47 views

Path Traversal in Eclipse Vert

In Eclipse Vert.x 3.4.x up to 3.9.4, 4.0.0-milestone1, 4.0.0-milestone2, 4.0.0-milestone3, 4.0.0-milestone4, 4.0.0-milestone5, 4.0.0.Beta1, 4.0.0.Beta2, and 4.0.0.Beta3, StaticHandler doesn't correctly processes back slashes on Windows Operating systems, allowing, escape the webroot folder to the...

9.8CVSS2.8AI score0.02002EPSS
Exploits0References10Affected Software1
Github Security Blog
Github Security Blog
added 2022/02/10 8:23 p.m.47 views

Out-of-bounds Write in Play Framework

An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2. The body parsing of HTTP requests eagerly parses a payload given a Content-Type header. A deep JSON structure sent to a valid POST endpoint that may or may not expect JSON payloads causes a StackOverflowError and Denial of...

7.5CVSS7.2AI score0.01386EPSS
Exploits0References4Affected Software2
Github Security Blog
Github Security Blog
added 2022/02/09 12:58 a.m.47 views

Cross-site Scripting in keycloak

A flaw was found in Keycloak before version 12.0.0, where it is possible to add unsafe schemes for the redirecturi parameter. This flaw allows an attacker to perform a Cross-site scripting attack...

4.8CVSS4.4AI score0.00769EPSS
Exploits0References4Affected Software2
Github Security Blog
Github Security Blog
added 2022/01/21 11:27 p.m.47 views

UltraJSON vulnerable to Out-of-bounds Write

UltraJSON aka ujson 1.34 through 5.1.0 has a stack-based buffer overflow in BufferAppendIndentUnchecked called from encode...

5.5CVSS3.8AI score0.0155EPSS
Exploits1References14Affected Software1
Github Security Blog
Github Security Blog
added 2022/01/14 9:8 p.m.47 views

october/system arbitrary code execution

Impact Assuming an attacker with access to the backend is able to execute PHP code by using the theme import feature. This will bypass the safe mode feature that prevents PHP execution in the CMS templates. Patches Issue has been patched in Build 473 and v1.1.6 Workarounds Apply...

8.8CVSS1.5AI score0.02087EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2022/01/08 12:44 a.m.47 views

Cross-site Scripting in Scratch-Svg-Renderer

A DOM-based cross-site scripting XSS vulnerability in Scratch-Svg-Renderer v0.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted sb3 file...

6.1CVSS5.6AI score0.00647EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/01/08 12:34 a.m.47 views

bookstack is vulnerable to Improper Access Control

bookstack is vulnerable to Improper Access Control...

6.5CVSS3.4AI score0.00707EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/12/16 12:2 a.m.47 views

Command injection in itext7-core

iTextPDF in iText before 7.1.17 allows command injection via a CompareTool filename that is mishandled on the gs aka Ghostscript command line in GhostscriptHelper.java...

9.8CVSS3.6AI score0.05172EPSS
Exploits1References7Affected Software2
Github Security Blog
Github Security Blog
added 2021/12/14 9:44 p.m.47 views

Files Accessible to External Parties in Opencast

Opencast before version 10.6 allows references to local file URLs in ingested media packages, allowing attackers to include local files from Opencast's host machines and making them available via the web interface. Impact Before Opencast 10.6, Opencast would open and include local files during...

9.9CVSS1.3AI score0.01964EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2021/11/23 6:18 p.m.47 views

Server-Side Request Forgery in Concrete CMS

Concrete CMS formerly concrete5 versions below 8.5.7 has a SSRF mitigation bypass using DNS Rebind attack giving an attacker the ability to fetch cloud IAAS ex AWS IAM keys.To fix this Concrete CMS no longer allows downloads from the local network and specifies the validated IP when downloading...

5.3CVSS4.3AI score0.00831EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/10/22 4:20 p.m.47 views

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in sulu/sulu

Impact What kind of vulnerability is it? Who is impacted? It is an issue when input HTML into the Tag name. The HTML is execute when the tag name is listed in the auto complete form. Only admin users are affected and only admin users can create tags. Patches Has the problem been patched? What...

6.2CVSS0.2AI score0.00572EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/10/22 4:19 p.m.47 views

Maliciously Crafted Model Archive Can Lead To Arbitrary File Write

Impact An Archive Extraction Zip Slip vulnerability in the functionality that allows a user to load a trained model archive in Rasa 2.8.9 and older allows an attacker arbitrary write capability within specific directories using a malicious crafted archive file. Patches The vulnerability is fixed ...

7.3CVSS1.9AI score0.00734EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/10/15 6:51 p.m.47 views

Missing Release of Resource after Effective Lifetime in Apache Tomcat

The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was...

7.5CVSS1.2AI score0.10997EPSS
Exploits0References18Affected Software1
Github Security Blog
Github Security Blog
added 2021/10/13 6:55 p.m.47 views

Email relay in Apache Traffic Control

An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address...

4.3CVSS3.7AI score0.02734EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2021/10/13 6:53 p.m.47 views

Validity check missing in Frontier

Impact In the newly introduced signed Frontier-specific extrinsic for pallet-ethereum, a large part of transaction validation logic was only called in transaction pool validation, but not in block execution. Malicious validators can take advantage of this to put invalid transactions into a block...

5.3CVSS1.2AI score0.01339EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2021/10/12 5:51 p.m.47 views

Cross-site scripting in Unicorn framework

The Unicorn framework through 0.35.3 for Django allows XSS via component.name...

5.4CVSS3.2AI score0.02524EPSS
Exploits4References7Affected Software1
Github Security Blog
Github Security Blog
added 2021/10/05 5:53 p.m.47 views

Cobbler before 3.3.0 allows authorization bypass for modification of settings.

Cobbler before 3.3.0 allows authorization bypass for modification of settings...

7.5CVSS3.8AI score0.01307EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2021/10/05 5:53 p.m.47 views

Cobbler before 3.3.0 allows log poisoning

Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection...

9.8CVSS4.1AI score0.88482EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2021/10/05 5:53 p.m.47 views

Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data.

Cobbler before 3.3.0 allows arbitrary file write operations via uploadlogdata...

7.5CVSS4.3AI score0.68635EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2021/10/04 8:13 p.m.47 views

Cross-site scripting in application/controllers/dropbox.php in JustWriting

Cross-site scripting XSS vulnerability in application/controllers/dropbox.php in JustWriting 1.0.0 and below allow remote attackers to inject arbitrary web script or HTML via the challenge parameter...

6.1CVSS4.1AI score0.03545EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/09/23 11:18 p.m.47 views

Deno's static imports inside dynamically imported modules do not adhere to permission checks

Impact Modules that are dynamically imported through import or new Worker might have been able to bypass network and file system permission checks when statically importing other modules. In Deno 1.5.x and 1.6.x only programs dynamically importing especially transitively untrusted code are...

9.8CVSS1.2AI score0.01113EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2021/09/21 6:28 p.m.47 views

Confused Deputy in Kubernetes

A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack...

3.5CVSS3.5AI score0.01815EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2021/09/20 8:45 p.m.47 views

Remote code execution in UReport

An arbitrary file creation vulnerability in UReport 2.2.9 allows attackers to execute arbitrary code...

9.8CVSS9.4AI score0.01781EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2021/09/20 8:42 p.m.47 views

Cross-site Scripting in peertube

peertube is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'. It was found that one could upload a SVG image and then send the url of that to other users and when they open the link we can get their complete session keys as the session keys stored i...

7.6CVSS6AI score0.00899EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/09/15 8:23 p.m.47 views

UUPSUpgradeable vulnerability in @openzeppelin/contracts

Impact Upgradeable contracts using UUPSUpgradeable may be vulnerable to an attack affecting uninitialized implementation contracts. We will update this advisory with more information soon. Patches A fix is included in version 4.3.2 of @openzeppelin/contracts and @openzeppelin/contracts-upgradeabl...

9.8CVSS2.8AI score0.01439EPSS
Exploits0References5Affected Software2
Github Security Blog
Github Security Blog
added 2021/09/08 3:41 p.m.47 views

Regular Expression Denial of Service in flask-restx

Flask RESTX contains a regular expression that is vulnerable to ReDoS Regular Expression Denial of Service in emailregex...

7.5CVSS3.8AI score0.01804EPSS
Exploits0References10Affected Software1
Github Security Blog
Github Security Blog
added 2021/09/02 10:5 p.m.47 views

Imporoper path validation in elFinder.NetCore

This affects all versions of package elFinder.NetCore. The ExtractAsync function within the FileSystem is vulnerable to arbitrary extraction due to insufficient validation...

9.8CVSS6.1AI score0.01431EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2021/08/30 4:14 p.m.47 views

Insecure direct object reference of log files of the Import/Export feature

Impact Insecure direct object reference of log files of the Import/Export feature Patches We recommend updating to the current version 6.4.3.1. You can get the update to 6.4.3.1 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/download/shopware-6...

6.5CVSS6.2AI score0.00774EPSS
Exploits0References4Affected Software2
Github Security Blog
Github Security Blog
added 2021/08/25 8:52 p.m.47 views

Integer Overflow in openssl-src

Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

5.9CVSS7.2AI score0.07471EPSS
Exploits0References27Affected Software1
Total number of security vulnerabilities5000