BIT-GITLAB-2020-10086
GitLab 10.4 through 12.8.1 allows Directory Traversal. A particular endpoint was vulnerable to a directory traversal vulnerability, leading to arbitrary file read...
BIT-GOLANG-2020-16845
Go before 1.13.15 and 1.14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
BIT-ENVOY-2023-44487
The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...
GHSA-V76W-3PH8-VM66 Undertow Path Traversal vulnerability
A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which may permit access to privileged or restricted files and directories...
CVE-2023-52428
In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PBKDF2) component...
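An added example, not Nimbus JOSE+JWT code, of the gate a consumer of password-based JWE should apply before doing any PBKDF2 work: read the p2c iteration count out of the protected header of a compact JWE and refuse values outside a policy range. The function names, the cap value and the sample JWE strings are assumptions constructed for this example (only the protected header of the samples is meaningful).

```javascript
// Added example (not Nimbus JOSE+JWT code). Enforce a ceiling on the PBES2
// iteration count (p2c) before any PBKDF2 runs, so a remote party cannot pick
// how much CPU the recipient burns. Names and limits are assumptions.

const MIN_P2C = 1000;    // RFC 7518 recommends at least 1000 iterations
const MAX_P2C = 100000;  // assumed policy cap for this deployment

function b64url(s) {
  return Buffer.from(s, 'utf8').toString('base64url');
}

// Decodes the first segment of a compact JWE (the protected header).
function parseProtectedHeader(compactJwe) {
  const parts = compactJwe.split('.');
  if (parts.length !== 5) throw new Error('not a compact JWE: expected 5 segments');
  const header = JSON.parse(Buffer.from(parts[0], 'base64url').toString('utf8'));
  if (header === null || typeof header !== 'object' || Array.isArray(header)) {
    throw new Error('protected header is not a JSON object');
  }
  return header;
}

// Returns { ok, reason }. Non-PBES2 algorithms pass through (no p2c applies).
function checkPbes2Policy(header, { minP2c = MIN_P2C, maxP2c = MAX_P2C } = {}) {
  if (typeof header.alg !== 'string' || !header.alg.startsWith('PBES2-')) {
    return { ok: true, reason: 'alg is not PBES2; p2c not applicable' };
  }
  const p2c = header.p2c;
  if (!Number.isInteger(p2c) || p2c < minP2c) {
    return { ok: false, reason: `p2c ${p2c} is missing, not an integer, or below ${minP2c}` };
  }
  if (p2c > maxP2c) {
    return { ok: false, reason: `p2c ${p2c} exceeds cap ${maxP2c}; refusing before PBKDF2` };
  }
  // RFC 7518 requires a salt input (p2s) of at least 8 octets.
  if (typeof header.p2s !== 'string' || Buffer.from(header.p2s, 'base64url').length < 8) {
    return { ok: false, reason: 'p2s missing or shorter than the 8-byte minimum' };
  }
  return { ok: true, reason: 'p2c within policy' };
}

// Gate to call before handing the token to the JWE library.
function admitJwe(compactJwe, policy) {
  return checkPbes2Policy(parseProtectedHeader(compactJwe), policy);
}

// Constructed samples: only the protected header is real; the remaining four
// segments are placeholders so the string has the compact JWE shape.
function makeSampleJwe(header) {
  return [b64url(JSON.stringify(header)), 'ek', 'iv', 'ct', 'tag'].join('.');
}

const SAMPLE_OK = makeSampleJwe({
  alg: 'PBES2-HS256+A128KW', enc: 'A128GCM', p2s: b64url('salt-salt'), p2c: 4096,
});
const SAMPLE_HOSTILE = makeSampleJwe({
  alg: 'PBES2-HS256+A128KW', enc: 'A128GCM', p2s: b64url('salt-salt'), p2c: 2147483647,
});
const SAMPLE_RSA = makeSampleJwe({ alg: 'RSA-OAEP-256', enc: 'A256GCM' });

console.log(admitJwe(SAMPLE_OK).ok);       // true
console.log(admitJwe(SAMPLE_HOSTILE).ok);  // false
console.log(admitJwe(SAMPLE_RSA).ok);      // true
```

The point of doing this in the application rather than trusting the library default is that the cost of PBKDF2 is chosen by whoever wrote the header, not by the recipient; the check above costs a base64 decode and a JSON parse regardless of p2c. Where the JOSE library already exposes a cap (for example the maxPBES2Count option in the jose npm package), set it as well, so that a token arriving through a path that bypasses this gate is still bounded.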
GHSA-93GH-JGJJ-R929 XWiki Platform vulnerable to XSS with edit right in the create document form for existing pages
Impact: When trying to create a document that already exists, XWiki displays an error message in the form for creating it. Due to missing escaping, this error message is vulnerable to raw HTML injection and thus XSS. The injected code is the document reference of the existing document so this...
GO-2023-2046 Unbounded memory consumption in github.com/ethereum/go-ethereum
Unbounded memory consumption in github.com/ethereum/go-ethereum...
RLSA-2023:5721 Important: go-toolset:rhel8 security update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487, CVE-2023-39325) HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS...
GHSA-C59H-R6P8-Q9WC Next.js missing cache-control header may lead to CDN caching empty reply
Next.js before 13.4.20-canary.13 lacks a cache-control header and thus empty prefetch responses may sometimes be cached by a CDN, causing a denial of service to all users requesting the same URL via that CDN. Cloudflare considers these requests cacheable assets...
ALSA-2023:5713 Moderate: nginx:1.22 security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) For more details about the securi...
CVE-2023-5192 Excessive Data Query Operations in a Large Data Table in pimcore/demo
Excessive Data Query Operations in a Large Data Table in GitHub repository pimcore/demo prior to 10.3.0...
RLSA-2023:5091 Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests (CVE-2023-3390) kernel:...
CVE-2023-41058 Trigger `beforeFind` not invoked in internal query pipeline in parse-server
Parse Server is an open source backend server. In affected versions the Parse Cloud trigger beforeFind is not invoked in certain conditions of Parse.Query. This can pose a vulnerability for deployments where the beforeFind trigger is used as a security layer to modify the incoming query. The...
ALSA-2023:3723 Important: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events (CVE-2023-2235) kernel: netfilter: use-after-free in nftables when processing batch...
RLSA-2023:0194 Moderate: java-17-openjdk security and bug fix update
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835) OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) Fo...
CVE-2023-22809
In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected...
ALSA-2022:8067 Moderate: httpd security, bug fix, and enhancement update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: httpd 2.4.53. (BZ#2079939) Security Fixes: httpd: mod_sed: Read/write beyond bounds (CVE-2022-23943) httpd: mod_lua: Use of...
RLSA-2022:7000 Moderate: java-17-openjdk security and bug fix update
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618) OpenJDK: excessive memory allocation in X.509 certificate...
GHSA-69CG-P879-7622 golang.org/x/net/http2 Denial of Service vulnerability
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error...
PYSEC-2022-235
WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled...
GHSA-69C3-5XXF-58Q2 SQL injection in moodle
A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria...
GHSA-4M42-8QFQ-H3Q9 Cross-site Scripting in Jenkins Rundeck Plugin
Jenkins Rundeck Plugin 3.6.10 and earlier does not restrict URL schemes in Rundeck webhook submissions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to submit crafted Rundeck webhook payloads. Rundeck Plugin 3.6.11 sanitizes URLs submitted in Rundeck...
GHSA-74QV-RV53-5WCX Yii PHP Framework arbitrary PHP scripts execution
The CDetailView widget in Yii PHP Framework 1.1.14 allows remote attackers to execute arbitrary PHP scripts via vectors related to the value property...
GHSA-FMMQ-J7PQ-F85C JRuby denial of service via Hash Collision
JRuby computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal...
GHSA-FF7P-JQJM-V66H Improper Neutralization of Input During Web Page Generation in Spring Framework
Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action...
GHSA-WXVR-VQFP-9CQW Denial of service in JBoss resteasy
RESTEasy enables GZIPInterceptor, which allows remote attackers to cause a denial of service via unspecified vectors...
DLA-3003-1 ruby-nokogiri - security update
GHSA-4W2Q-9HP2-VXJ5 Path Traversal in Caucho Resin
There is a Directory traversal vulnerability in Caucho Resin, as distributed in Resin 4.0.52 - 4.0.56, which allows remote attackers to read files in arbitrary directories via a ";" in a pathname within an HTTP request...
DLA-2953-1 openssl1.0 - security update
DSA-5001-1 redis - security update
ALSA-2021:4123 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.3.0 ESR. Security Fixes: Mozilla: Use-after-free in HTTP2 Session object Mozilla: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3...
DSA-4978-1 linux - security update
UVI-2021-1001492 atm: iphase: fix possible use-after-free in ia_module_exit()
atm: iphase: fix possible use-after-free in ia_module_exit() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.4.276 by commit...
DLA-2686-1 python-urllib3 - security update
GHSA-VMFG-RJJM-RJRJ QOS.ch Logback vulnerable to Deserialization of Untrusted Data
QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components. The RemoteStreamAppenderClient class in logback-classic and the SocketNode classes in logback-classic and logback-access allow data to be deserialized over a Java Socket,...
DSA-4923-1 webkit2gtk - security update
GHSA-G2FG-MR77-6VRM Uncontrolled Resource Consumption in Apache Thrift
In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service...
DSA-4798-1 spip - security update
DLA-2248-1 intel-microcode - security update
DLA-2242-1 linux-4.9 - security update
DLA-2151-1 icu - security update
DSA-4562-1 chromium - security update
DLA-1970-1 php5 - security update
DSA-4546-1 openjdk-11 - security update
GHSA-P5XP-6VPF-JWVH Improper Input Validation and Cross-Site Request Forgery in Keycloak
It was found that Keycloak's account console, up to 6.0.1, did not perform adequate header checks in some requests. An attacker could use this flaw to trick an authenticated user into performing operations via request from an untrusted domain...
CVE-2018-21010
OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c...
DLA-1900-1 apache2 - security update
CVE-2019-10744
Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload...
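The constructor payload named above, as an added example in plain JavaScript that is not lodash's code: a naive recursive merge (hypothetical mergeDeepVulnerable) that descends into inherited members such as constructor and so ends up writing to Object.prototype, beside a hardened mergeDeepSafe that skips the dangerous keys and only descends into own properties. The payload is constructed for the example.

```javascript
// Added example, not lodash's implementation. Shows why a deep merge that
// descends into inherited keys can be steered to Object.prototype with a
// {"constructor": {"prototype": {...}}} payload, and the usual hardening.

function isPlainObject(v) {
  return v !== null && typeof v === 'object' && !Array.isArray(v);
}

// Vulnerable: for any key in source it reuses target[key] when that value is an
// object OR a function. On a plain object, target.constructor is Object, and
// Object.prototype is an object, so the recursion walks {} -> Object -> Object.prototype.
function mergeDeepVulnerable(target, source) {
  for (const key of Object.keys(source)) {
    const sv = source[key];
    if (isPlainObject(sv)) {
      const tv = target[key];
      if (tv === null || (typeof tv !== 'object' && typeof tv !== 'function')) {
        target[key] = {};
      }
      mergeDeepVulnerable(target[key], sv);
    } else {
      target[key] = sv;
    }
  }
  return target;
}

// Hardened: refuse the keys that reach a prototype, and only recurse into
// own plain-object properties of target, never inherited ones.
const FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

function mergeDeepSafe(target, source) {
  for (const key of Object.keys(source)) {
    if (FORBIDDEN_KEYS.has(key)) continue;
    const sv = source[key];
    if (isPlainObject(sv)) {
      if (!Object.prototype.hasOwnProperty.call(target, key) || !isPlainObject(target[key])) {
        target[key] = {};
      }
      mergeDeepSafe(target[key], sv);
    } else {
      target[key] = sv;
    }
  }
  return target;
}

// Constructed attacker input: the constructor/prototype payload shape the
// advisory describes. Parsed from JSON, "constructor" is an ordinary own key.
const PAYLOAD_JSON = '{"constructor":{"prototype":{"isAdmin":true}}}';

// Runs one merge against an empty target and reports whether an unrelated
// object now inherits isAdmin, i.e. whether Object.prototype was polluted.
// Cleans up so the global state does not leak between runs.
function pollutes(merge) {
  const bystander = {};
  try {
    merge({}, JSON.parse(PAYLOAD_JSON));
    return bystander.isAdmin === true;
  } finally {
    delete Object.prototype.isAdmin;
  }
}

console.log('vulnerable merge pollutes:', pollutes(mergeDeepVulnerable)); // true
console.log('hardened merge pollutes:  ', pollutes(mergeDeepSafe));       // false
```

The bystander object is created before the merge and never touched by it; it reports isAdmin only because every plain object resolves missing properties through Object.prototype. That is what makes prototype pollution dangerous in practice: the later `if (user.isAdmin)` check that fails open is usually nowhere near the merge. Skipping `__proto__`, `constructor` and `prototype` is the minimum; restricting recursion to own properties, as mergeDeepSafe does, also closes paths through other inherited members.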
GHSA-W5M8-5V9M-XHX5 Critical severity vulnerability that affects Haraka
Haraka version 2.8.8 and earlier comes with a plugin for processing attachments for zip files. Versions 2.8.8 and earlier can be vulnerable to command injection...
DLA-1608-1 php5 - security update