909148 matches found
CVE-2022-23521 gitattributes parsing integer overflow in git
Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a .gitattributes file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this...
GHSA-HJ9C-8JMM-8C52 Packing does not respect root-level ignore files in workspaces
Impact npm pack ignores root-level .gitignore & .npmignore file exclusion directives when run in a workspace or with a workspace flag ie. --workspaces, --workspace=. Anyone who has run npm pack or npm publish with workspaces, as of v7.9.0 & v7.13.0 respectively, may be affected and have published...
GHSA-F8FH-XP28-Q59M OpenStack Horizon Open redirect in workflow forms
An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of validation of the "next" parameter, which would allow someone to supply a malicious URL in Horizon that can cause an automatic redirect to the provid...
CVE-2022-0392 Heap-based Buffer Overflow in vim/vim
Heap-based Buffer Overflow in GitHub repository vim prior to 8.2...
GHSA-XX4C-JJ58-R7X6 Inefficient Regular Expression Complexity in Validator.js
Impact Versions of validator prior to 13.7.0 are affected by an inefficient Regular Expression complexity when using the rtrim and trim sanitizers. Patches The problem has been patched in validator 13.7.0...
GHSA-QM7X-RC44-RRQW Cross-site Scripting Vulnerability in GraphQL Playground (distributed by Apollo Server)
Impact In certain configurations, Apollo Server serves the client-side web app "GraphQL Playground" from the same web server that executes GraphQL operations. This web app has access to cookies and other credentials associated with the web server's operations. There is a cross-site scripting...
GHSA-RGX6-RJJ4-C388 ckeditor4 vulnerable to cross-site scripting
A cross-site scripting XSS vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --! is mishandled...
GHSA-W73W-5M7G-F7QC Authorization bypass in github.com/dgrijalva/jwt-go
jwt-go allows attackers to bypass intended access restrictions in situations with string for m"aud" which is allowed by the specification. Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is presented to a service that lacks its own audience...
GHSA-43F8-P5W3-5M25 vrana/adminer vulnerable to SSRF by connecting to privileged ports
Impact All users are affected. Patches Unsuccessfully patched by 0fae40fb, included in version 4.4.0. Patched by 35bfaa75, included in version 4.7.8. Workarounds Protect access to Adminer also by other means, e.g. by HTTP password, IP address limiting or by OTP plugin. References...
DSA-4673-1 tomcat8 - security update
Bulletin has no description...
GHSA-C6FM-RGW4-8Q73 CoAPthon3 vulnerable to Deserialization of Untrusted Data
The Serialize.deserialize method in CoAPthon3 1.0 and 1.0.1 mishandles certain exceptions, leading to a denial of service in applications that use this library e.g., the standard CoAP server, CoAP client, example collect CoAP server and client when they receive crafted CoAP messages...
CVE-2018-18240
Pippo through 1.11.0 allows remote code execution via a command to java.lang.ProcessBuilder because the XstreamEngine component does not use XStream's available protection mechanisms to restrict unmarshalling...
GHSA-M7FQ-CF8Q-35Q7 crack does not properly restrict casts of string values
The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for 1 YAML type...
CVE-2025-32365
Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check...
MAL-2024-12174 Malicious code in xeno.dll (npm)
This package uses obfuscation to hide that its downloading a malicious binary from an attacker-controlled domain --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8903fab539c0352f278ee3116807f48f52403f7e26b855fe9d68c3328012200d Any computer that has this package...
BIT-GITLAB-2024-9596 Inclusion of Sensitive Information in Source Code in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 16.6 prior to 17.2.9, from 17.3 prior to 17.3.5, and from 17.4 prior to 17.4.2. It was possible for an unauthenticated attacker to determine the GitLab version number for a GitLab instance...
MAL-2024-4553 Malicious code in Monero (NuGet)
--- -= Per source details. Do not edit below this line.=-...
CGA-F79M-WWXV-M882
Bulletin has no description...
BIT-PYTHON-2022-37454
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface...
BIT-APACHE-2020-13950 mod_proxy_http NULL pointer dereference
Apache HTTP Server versions 2.4.41 to 2.4.46 modproxyhttp can be made to crash NULL pointer dereference with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service...
GHSA-G9V2-WQCJ-J99G Uptime Kuma has Persistentent User Sessions
Summary Attackers with access to a users' device can gain persistent account access. This is caused by missing verification of Session Tokens after password changes and/or elapsed inactivity-periods. Details uptime-kuma sets JWT tokens for users after successful authentication. These tokens have...
DSA-5461-1 linux - security update
Bulletin has no description...
CVE-2023-20593
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information...
GO-2023-1839 Code injection via go command with cgo in cmd/go
The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline characters in their names. Modules which are retrieved...
GHSA-282V-666C-3FVG transformers has Insecure Temporary File
Insecure Temporary File in GitHub repository huggingface/transformers 4.29.2 and prior. A fix is available at commit 80ca92470938bbcc348e2d9cf4734c7c25cb1c43 and has been released as part of version 4.30.0...
GHSA-CH9G-X9J7-RCGP imgproxy Cross-site Scripting vulnerability
Cross-site Scripting XSS - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0...
DLA-3359-1 libapache2-mod-auth-mellon - security update
Bulletin has no description...
GHSA-9HHC-PJ4W-W5RV Keycloak Cross-site Scripting on OpenID connect login service
A reflected cross-site scripting XSS vulnerability was found in the oob OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page...
DLA-3201-1 ntfs-3g - security update
Bulletin has no description...
MAL-2022-5590 Malicious code in rapidjson (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d8cde70e5ebdf9f1f3ca47531c69bd833ee151e87b26e71cab845eba16fdbe4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-30783
An invalid return code in fusekernmount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite...
GHSA-VR6V-G96P-CJC3 Moodle vulnerable to RCE
A flaw was found in Moodle versions 3.8 before 3.8.3, 3.7 before 3.7.6, 3.6 before 3.6.10, 3.5 before 3.5.12 and earlier unsupported versions. It was possible to create a SCORM package in such a way that when added to a course, it could be interacted with via web services in order to achieve remo...
GHSA-M27M-628V-XXP2 Exposure of Sensitive Information to an Unauthorized Actor in Apache Sling Servlets Post
The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive information via unspecified vectors...
GHSA-29GQ-H27W-54QF Jenkins VS Team Services Continuous Deployment Plugin stores credentials in plain text
Jenkins VS Team Services Continuous Deployment Plugin stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...
GHSA-8M5H-HRQM-PXM2 Path traversal in the OWASP Enterprise Security API
Impact The default implementation of Validator.getValidDirectoryPathString, String, File, boolean may incorrectly treat the tested input string as a child of the specified parent directory. This potentially could allow control-flow bypass checks to be defeated if an attack can specify the entire...
GHSA-FMJ2-7WX8-QJ4V Server-side request forgery (SSRF) in Apache XmlGraphics Commons
Apache XmlGraphics Commons 2.4 is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests...
DLA-2610-1 linux-4.19 - security update
Bulletin has no description...
DSA-1929-1 linux-2.6 - several vulnerabilities
Bulletin has no description...
CVE-2024-25107 Cross-Site Scripting in WikiDiscover
WikiDiscover is an extension designed for use with a CreateWiki managed farm to display wikis. On Special:WikiDiscover, the Language::date function is used when making the human-readable timestamp for inclusion on the wikicreation column. This function uses interface messages to translate the nam...
CVE-2023-45802
When a HTTP/2 stream was reset RST frame by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing...
GHSA-CQVV-R3G3-26RF free5GC udm vulnerable to Invalid Curve Attack
pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. An attacker can send arbitrary SUCIs to the UDM, which tries to decrypt them via both its...
CVE-2023-39955 Notes attachment render HTML in preview mode
Notes is a note-taking app for Nextcloud, an open-source cloud platform. Starting in version 4.4.0 and prior to version 4.8.0, when creating a note file with HTML, the content is rendered in the preview instead of the file being offered to download. Nextcloud Notes app version 4.8.0 contains a...
GHSA-MRWQ-X4V8-FH7P Pygments vulnerable to ReDoS
A ReDoS issue was discovered in pygments/lexers/smithy.py in Pygments until 2.15.0 via SmithyLexer...
CVE-2023-24626
socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process...
GHSA-59FH-RJQ3-XQ7J Thinkphp has a code logic error
Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell...
CVE-2022-33741
Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend CVE-2022-26365,...
CVE-2022-0546
A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution...
PYSEC-2022-48
Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to...
GHSA-H79X-98R2-G6QC Impersonation of other users (passing XBOX Live authentication) by theft of logins in PocketMine-MP
Impact Minecraft Bedrock authentication and its protocol encryption are inseparably linked. One is not complete without the other. This vulnerability affects servers which are able to be directly connected to via the internet i.e. not behind a proxy. If you are using a proxy, please check that it...
GHSA-896R-F27R-55MW json-schema is vulnerable to Prototype Pollution
json-schema before version 0.4.0 is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...