909146 matches found
RUSTSEC-2022-0030 Stack overflow during recursive expression parsing
When parsing untrusted rulex expressions, the stack may overflow, possibly enabling a Denial of Service attack. This happens when parsing an expression with several hundred levels of nesting, causing the process to abort immediately. The flaw was corrected in commits 60aa2dc03a by adding a check ...
DLA-3011-1 vim - security update
Bulletin has no description...
GHSA-RVJG-GXWX-J5GF OIDC Logout redirect in keycloak
A flaw was found in keycloak. The OIDC logout endpoint does not have CSRF protection. The highest threat from this vulnerability is to system availability...
GHSA-Q6H7-4QGW-2J9P Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector
A vulnerability was identified in Consul and Consul Enterprise “Consul” such that HTTP health check endpoints returning an HTTP redirect may be abused as a vector for server-side request forgery SSRF. This vulnerability, CVE-2022-29153, was fixed in Consul 1.9.17, 1.10.10, and 1.11.5...
OSV-2022-312 Heap-buffer-overflow in dhcp_reply
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46416 Crash type: Heap-buffer-overflow READ 1 Crash state: dhcpreply dhcppacket FuzzDhcp...
GHSA-4VVG-X86P-MVQC Leaking of user information on Cross-Domain communication in sysend
Impact Users that use Cross-Origin communication and send sensitive information make it possible for this data to be intercepted. This is not a big impact because it happens only on the same browser. Patches It has been patched in version 1.10.0 Workarounds The only workaround is to not send...
CVE-2022-23943
Out-of-bounds Write vulnerability in modsed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions...
GHSA-7528-7JG5-6G62 Cross-site Scripting Vulnerability in CodeIgniter4
Impact Cross-Site Scripting XSS vulnerability was found in API\ResponseTrait in Codeigniter4. Attackers can do XSS attacks if you are using API\ResponseTrait. Patches Upgrade to v4.1.8 or later. Workarounds Do one of the following: 1. Do not use API\ResponseTrait nor ResourceController 2. Disable...
GHSA-3CF2-X423-X582 Exposure of Sensitive Information to an Unauthorized Actor and Origin Validation Error in podman
A flaw was found in podman. The podman machine function used to create and manage Podman virtual machine containing a Podman process spawns a gvproxy process on the host system. The gvproxy API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host's firewall...
DSA-5035-1 apache2 - security update
Bulletin has no description...
GHSA-WV83-JRFH-RP33 Cross site scripting in kindeditor
Cross SIte Scripting XSS vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor the file suffix is allowed...
DLA-2708-1 php7.0 - security update
Bulletin has no description...
GHSA-9MGM-GCQ8-86WQ Improper Authentication in Apache ActiveMQ and Apache Artemis
The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users password in error...
PYSEC-2021-137
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayala...
DLA-2623-1 qemu - security update
Bulletin has no description...
GHSA-M33V-338H-4V9F Path traversal in Node-Red
Impact This vulnerability allows arbitrary path traversal via the Projects API. If the Projects feature is enabled, a user with projects.read permission is able to access any file via the Projects API. Patches The issue has been patched in Node-RED 1.2.8 Workarounds The vulnerability applies only...
DLA-2500-1 curl - security update
Bulletin has no description...
DLA-2463-1 samba - security update
Bulletin has no description...
GHSA-MM9X-G8PC-W292 Denial of Service in Netty
The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder...
DLA-2091-1 libjackson-json-java - security update
Bulletin has no description...
GHSA-X4W5-R546-X9QH Arbitrary File Read in html-pdf
All versions of html-pdf are vulnerable to Arbitrary File Read. The package fails to sanitize the HTML input, allowing attackers to exfiltrate server files by supplying malicious HTML code. XHR requests in the HTML code are executed by the server. Input with an XHR request such as...
RUSTSEC-2019-0018 Internally mutating methods take immutable ref self
Affected versions of this crate exposed several methods which took self by immutable reference, despite the requesting the RenderDoc API to set a mutable value internally. This is technically unsound and calling these methods from multiple threads without synchronization could lead to unexpected...
DSA-4509-1 apache2 - security update
Bulletin has no description...
PYSEC-2019-179
The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1. NOTE: this may overlap CVE-2018-1000656...
GHSA-28XH-WPGR-7FM8 Command Injection in open
Versions of open before 6.0.0 are vulnerable to command injection when unsanitized user input is passed in. The package does come with the following warning in the readme: The same care should be taken when calling open as if you were calling childprocess.exec directly. If it is an executable it...
GHSA-8G7P-74H8-HG48 Denial of Service in https-proxy-agent
Versions of https-proxy-agent before 2.2.0 are vulnerable to denial of service. This is due to unsanitized options proxy.auth being passed to Buffer. Recommendation Update to version 2.2.0 or later...
DSA-4164-1 apache2 - security update
Bulletin has no description...
DLA-628-1 php5 - security update
Bulletin has no description...
DSA-3032-1 bash - security update
Bulletin has no description...
DSA-1927-1 linux-2.6 - several vulnerabilities
Bulletin has no description...
ROOT-APP-PYPI-CVE-2026-28684 CVE-2026-28684 in rootio-python-dotenv - Patched by Root
Root has patched CVE-2026-28684 in the rootio-python-dotenv package for Root:PyPI. Multiple fixed versions available...
BIT-REDIS-2024-51741 Redis allows denial-of-service due to malformed ACL selectors
Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service. The problem is fixed in Redis 7.2.7 and 7.4.2...
CVE-2024-10978
Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses...
RHSA-2023:5931 Red Hat Security Advisory: Satellite 6.13.5 Async Security Update
Bulletin has no description...
SUSE-SU-2024:3383-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-43911: wifi: mac80211: fix NULL dereference at band check in starting tx ba session bsc1229827. - CVE-2024-43899: drm/amd/display: Fix null pointer deref in...
GO-2022-1236 usememos/memos makes Incorrect Use of Privileged APIs in github.com/usememos/memos
usememos/memos makes Incorrect Use of Privileged APIs in github.com/usememos/memos...
GHSA-9794-PC4R-438W Local File Inclusion in Solara
A Local File Inclusion LFI vulnerability was identified in widgetti/solara, in version 1.35.1, which was fixed in version 1.35.1. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../' when serving static files. ...
ALSA-2024:3271 Important: bind and dhcp security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. The Dynamic Hos...
GHSA-JCQQ-G64V-GCM7 Previous ATX is not checked to be the newest valid ATX by Smesher when validating incoming ATX
Impact Nodes can publish ATXs which reference the incorrect previous ATX of the Smesher that created the ATX. ATXs are expected to form a single chain from the newest to the first ATX ever published by an identity. Allowing Smeshers to reference an earlier but not the latest ATX as previous break...
ASB-A-311374917
In assertPackageWithSharedUserIdIsPrivileged of InstallPackageHelper.java, there is a possible execution of arbitrary app code as a privileged app due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...
BIT-GITLAB-2020-10091
GitLab 9.3 through 12.8.1 allows XSS. A cross-site scripting vulnerability was found when viewing particular file types...
BIT-GITLAB-2023-1401 Insertion of Sensitive Information Into Sent Data in GitLab
An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization...
CVE-2024-26308
Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26. Users are recommended to upgrade to version 1.26, which fixes the issue...
CVE-2023-52251
An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/topic/messages...
ALSA-2024:0003 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fixes: Mozilla: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver CVE-2023-6856 Mozilla: Memory safety bugs fixed in Firefox 121, Firefo...
GHSA-XX9P-XXVH-7G8J Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacks
Impact Aiohttp has a security vulnerability regarding the inconsistent interpretation of the http protocol. As we know that HTTP/1.1 is persistent, if we have both Content-LengthCL and Transfer-EncodingTE it can lead to incorrect interpretation of two entities that parse the HTTP and we can poiso...
GHSA-7C2Q-5QMR-V76Q DoS vulnerabilities persist in ESAPI file uploads despite remediation of CVE-2023-24998
Impact ESAPI 2.5.2.0 and later addressed the DoS vulnerability described in CVE-2023-24998, which Apache Commons FileUpload 1.5 attempted to remediate. But while writing up a new security bulletin regarding the impact on the affected ESAPI HTTPUtilities.getFileUploads methods or more specifically...
GHSA-X9W5-V3Q2-3RHW browserify-sign upper bound check issue in `dsaVerify` leads to a signature forgery attack
Summary An upper bound check issue in dsaVerify function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. Details In dsaVerify function, it checks whether the value of the signature is legal by calling...
GHSA-MPV3-G8M3-3FJC Grafana vulnerable to Authentication Bypass by Spoofing
Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app...
GHSA-WJQ3-7JXX-WHJ9 mlflow Path Traversal vulnerability
mlflow prior to 2.3.0 is vulnerable to path traversal due to a bypass of the fix for CVE-2023-1177...