909148 matches found
RHSA-2023:7637 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.14 on RHEL 7 security update
Bulletin has no description...
CGA-PFMC-9PXP-XX2W
Bulletin has no description...
GO-2022-1266 usememos/memos vulnerable to Improper Verification of Source of a Communication Channel in github.com/usememos/memos
usememos/memos vulnerable to Improper Verification of Source of a Communication Channel in github.com/usememos/memos...
GO-2023-2022 Netmaker has Hardcoded DNS Secret Key in github.com/gravitl/netmaker
Netmaker has Hardcoded DNS Secret Key in github.com/gravitl/netmaker...
GO-2023-1542 Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following in github.com/pterodactyl/wings
Pterodactyl Wings contains UNIX Symbolic Link Symlink Following in github.com/pterodactyl/wings...
CVE-2024-40725
A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local...
ALSA-2024:4620 Important: libndp security update
Libndp is a library used by NetworkManager that provides a wrapper for the IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages. Security Fixes: libndp: buffer overflow in route information length field CVE-2024-5564 For more details about...
GO-2024-2882 github.com/huandu/facebook may expose access_token in error message.
github.com/huandu/facebook may expose accesstoken in error message...
ALSA-2024:2987 Moderate: python27:2.7 security update
Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for...
GHSA-MXHQ-XW3G-RPHC lobe-chat `/api/proxy` endpoint Server-Side Request Forgery vulnerability
Summary The latest version of lobe-chatby now v0.141.2 has an unauthorized ssrf vulnerability. An attacker can construct malicious requests to cause SSRF without logging in, attack intranet services, and leak sensitive information. Details visit https://chat-preview.lobehub.com/settings/agent you...
GHSA-MWC7-64WG-PGVJ NiceGUI allows potential access to local file system
NiceGUI is an easy-to-use, Python-based UI framework. A local file inclusion is present in the NiceUI leaflet component when requesting resource files under the /nicegui/version/resources/key/path:path route. As a result any file on the backend filesystem which the web server has access to can be...
ALSA-2024:1607 Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vmwgfx: NULL pointer dereference in vmwcmddxdefinequery CVE-2022-38096 kernel: Out of boundary write in perfreadgroup as result of overflow a perfevent's readsize CVE-2023-6931 kernel: GS...
BIT-GOLANG-2020-16845
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
BIT-ENVOY-2023-44487
The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...
ALSA-2024:0897 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: schhfsc UAF CVE-2023-4623 kernel: use-after-free in schqfq network scheduler CVE-2023-4921 kernel: inactive elements in nftpipapowalk CVE-2023-6817 kernel: IGB driver inadequat...
CVE-2023-52428
In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service resource consumption via a large JWE p2c header value aka iteration count for the PasswordBasedDecrypter PBKDF2 component...
GHSA-C3HF-8VGX-72RH Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege Vulnerability
Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 7.0 and .NET 8.0 RC2. This advisory also provides guidance on what developers can do...
DSA-5550-1 cacti - security update
Bulletin has no description...
GHSA-93GH-JGJJ-R929 XWiki Platform vulnerable to XSS with edit right in the create document form for existing pages
Impact When trying to create a document that already exists, XWiki displays an error message in the form for creating it. Due to missing escaping, this error message is vulnerable to raw HTML injection and thus XSS. The injected code is the document reference of the existing document so this...
RLSA-2023:5989 Important: varnish security update
Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rap...
RLSA-2023:5721 Important: go-toolset:rhel8 security update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: net/http, x/net/http2: rapid stream resets can cause excessive work CVE-2023-44487 CVE-2023-39325 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS...
ALSA-2023:5929 Important: tomcat security update
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 For more details about the security issues, including the impact, a CVSS...
ALSA-2023:5713 Moderate: nginx:1.22 security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 For more details about the securi...
CVE-2023-4504
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023...
RLSA-2023:5091 Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: UAF in nftables when nftsetlookupglobal triggered after handling named and anonymous sets in batch requests CVE-2023-3390 kernel:...
CVE-2023-4863
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...
CVE-2023-41058 Trigger `beforeFind` not invoked in internal query pipeline in parse-server
Parse Server is an open source backend server. In affected versions the Parse Cloud trigger beforeFind is not invoked in certain conditions of Parse.Query. This can pose a vulnerability for deployments where the beforeFind trigger is used as a security layer to modify the incoming query. The...
MAL-2023-1011 Malicious code in docusaurus-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 051d35253b6ae2ef5d7366a3879b1783f91c35cc5fa1346198db3d6326e0e589 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-WH3W-JCC7-MHMF pretalx vulnerable to path traversal in HTML export
pretalx before 2.3.2 allows path traversal in HTML export a non-default feature. Users were able to upload crafted HTML documents that trigger the reading of arbitrary files...
ALSA-2023:1670 Important: httpd and mod_http2 security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP request splitting with modrewrite and modproxy CVE-2023-25690 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
RLSA-2023:0852 Moderate: httpd:2.4 security and bug fix update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: moddav: out-of-bounds read/write of zero byte CVE-2006-20001 httpd: modproxyajp: Possible request smuggling CVE-2022-36760 httpd: modproxy: HTTP response splitting...
DLA-3335-1 asterisk - security update
Bulletin has no description...
GO-2023-1559 Denial of service via HAMT decoding panic in github.com/ipfs/go-unixfsnode
Trying to read malformed HAMT sharded directories can cause panics and virtual memory leaks. If you are reading untrusted user input, an attacker can then trigger a panic. This is caused by a bogus fanout parameter in the HAMT directory nodes. There are no known workarounds users are advised to...
GO-2022-1155 Panic in github.com/ipfs/go-merkledag
A ProtoNode may be modified in such a way as to cause various encode errors which will trigger a panic on common method calls that don't allow for error returns. Additionally, use of the ProtoNode.SetCidBuilder method to set non-functioning CidBuilder such as one that refers to a multihash where ...
ASB-A-201667614
In multiple locations of MediaProvider.java, there is a possible way to get read/write access to other applications’ dedicated, app-specific directory within external storage due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed...
DLA-3207-1 jackson-databind - security update
Bulletin has no description...
RLSA-2022:8067 Moderate: httpd security, bug fix, and enhancement update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: httpd 2.4.53. BZ2079939 Security Fixes: httpd: modsed: Read/write beyond bounds CVE-2022-23943 httpd: modlua: Use of...
DLA-3164-1 python-django - security update
Bulletin has no description...
RLSA-2022:7000 Moderate: java-17-openjdk security and bug fix update
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: OpenJDK: improper MultiByte conversion can lead to buffer overflow JGSS, 8286077 CVE-2022-21618 OpenJDK: excessive memory allocation in X.509 certificate...
RUSTSEC-2022-0091 `tauri` filesystem scope partial bypass
A bug identified in this issue allows a partial filesystem scope bypass if glob characters are used within file dialog or drag-and-drop functionalities. This PR fixes the issue by escaping glob characters...
DLA-3102-1 linux-5.10 - new package
Bulletin has no description...
RUSTSEC-2022-0063 Multiple vulnerabilities resulting in out-of-bounds writes
The heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than 3 sizeof:: because of metadata write operations. When calling Heap::extend with a size smaller than two...
GHSA-69CG-P879-7622 golang.org/x/net/http2 Denial of Service vulnerability
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error...
PYSEC-2022-235
WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled...
DSA-5175-1 thunderbird - security update
Bulletin has no description...
GHSA-F3FP-GC8G-VW66 Default inheritable capabilities for linux container should be empty
Impact A bug was found in runc where runc exec --cap executed processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve2. This bu...
GHSA-69C3-5XXF-58Q2 SQL injection in moodle
A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria...
GHSA-4M42-8QFQ-H3Q9 Cross-site Scripting in Jenkins Rundeck Plugin
Jenkins Rundeck Plugin 3.6.10 and earlier does not restrict URL schemes in Rundeck webhook submissions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to submit crafted Rundeck webhook payloads. Rundeck Plugin 3.6.11 sanitizes URLs submitted in Rundeck...
GHSA-74QV-RV53-5WCX Yii PHP Framework arbitrary PHP scripts execution
The CDetailView widget in Yii PHP Framework 1.1.14 allows remote attackers to execute arbitrary PHP scripts via vectors related to the value property...
GHSA-FF7P-JQJM-V66H Improper Neutralization of Input During Web Page Generation in Spring Framework
Cross-site scripting XSS vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action...