7044 matches found
Gradio Vulnerable to Arbitrary File Deletion
A path traversal vulnerability exists in the Gradio Audio component of gradio-app/gradio, as of version git 98cbcae. This vulnerability allows an attacker to control the format of the audio file, leading to arbitrary file content deletion. By manipulating the output format, an attacker can reset...
Aim Vulnerable to Denial of Service (DoS)
In version 3.23.0 of aimhubio/aim, the ScheduledStatusReporter object can be instantiated to run on the main thread of the tracking server, leading to the main thread being blocked indefinitely. This results in a denial of service as the tracking server becomes unable to respond to other requests...
Exiv2 allows Use After Free
ImpactA heap buffer overflow was found in Exiv2 versions v0.28.0 to v0.28.4. Versions prior to v0.28.0, such as v0.27.7, are not affected. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The heap overflow is triggered when...
Jinja2 vulnerable to sandbox breakout through attr filter selecting format method
An oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code.To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on...
Spotipy's cache file, containing spotify auth token, is created with overly broad permissions
SummaryThe CacheHandler class creates a cache file to store the auth token here: https://github.com/spotipy-dev/spotipy/blob/master/spotipy/cachehandler.pyL93-L98The file created has rw-r--r-- 644 permissions by default, when it could be locked down to rw------- 600 permissions. I think 600 is a...
CodeChecker open redirect when URL contains multiple slashes after the product name
Summary---CodeChecker versions up to 6.24.5 contain an open redirect vulnerability due to missing protections against multiple slashes after the product name in the URL's path segment. This results in bypassing protections against CVE-2021-28861, leading to the same open redirect...
Spacy-LLM Server-Side Template Injection (SSTI) vulnerability
A Server-Side Template Injection SSTI vulnerability in Spacy-LLM v0.7.2 allows attackers to execute arbitrary code via injecting a crafted payload into the template field...
copyparty renders unsanitized filenames as HTML when user uploads empty files
SummaryA DOM-Based XSS was discovered in copyparty, a portable fileserver. The vulnerability is considered low-risk. DetailsBy handing someone a maliciously-named file, and then tricking them into dragging the file into copyparty's Web-UI, an attacker could execute arbitrary javascript with the...
Azure PromptFlow remote code execution related to Jinja templates
Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network...
Apache Airflow MySQL Provider is Vulnerable to SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Airflow MySQL Provider.When user triggered a DAG with dumpsql or loadsql functions they could pass a table parameter from a UI, that could cause SQL injection by running SQL that was not...
XPixelGroup BasicSR Command Injection
XPixelGroup BasicSR through 1.4.2 might locally allow code execution in contrived situations where "scontrol show hostname" is executed in the presence of a crafted SLURMNODELIST environment variable...
Malciously crafted QPY files can allows Remote Attackers to Cause Denial of Service in Qiskit
ImpactA maliciously crafted QPY file containing a malformed symengine serialization stream as part of the larger QPY serialization of a ParameterExpression object can cause a segfault within the symengine library, allowing an attacker to terminate the hosting process deserializing the QPY payload...
Label Studio has a Path Traversal Vulnerability via image Field
DescriptionA path traversal vulnerability in Label Studio SDK versions prior to 1.0.10 allows unauthorized file access outside the intended directory structure. Label Studio versions before 1.16.0 specified SDK versions prior to 1.0.10 as dependencies, and the issue was confirmed in Label Studio...
Vulnerable OpenSSL included in cryptography wheels
pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 42.0.0-44.0.0 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20250211.txt.If you are...
Home Assistant does not correctly validate SSL for outgoing requests in core and used libs
SummaryProblem: Potential man-in-the-middle attacks due to missing SSL certificate verification in the project codebase and used third-party libraries. DetailsIn the past, aiohttp-session/request had the parameter verifyssl to control SSL certificate verification. This was a boolean value. In...
nbgrader's `frame-ancestors: self` grants all users access to formgrader
ImpactEnabling frame-ancestors: 'self' grants any JupyterHub user the ability to extract formgrader content by sending malicious links to users with access to formgrader, at least when using the default JupyterHub configuration of enablesubdomains = False.1915 disables a protection which would...
Label Studio allows Server-Side Request Forgery in the S3 Storage Endpoint
DescriptionLabel Studio's S3 storage integration feature contains a Server-Side Request Forgery SSRF vulnerability in its endpoint configuration. When creating an S3 storage connection, the application allows users to specify a custom S3 endpoint URL via the s3endpoint parameter. This endpoint UR...
MobSF Partial Denial of Service (DoS)
Partial Denial of Service DoSProduct: MobSFVersion: v4.2.9CWE-ID: CWE-1287: Improper Validation of Specified Type of InputCVSS vector v.4.0: 6.9 AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:NCVSS vector v.3.1: 6.5 AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HDescription: DoS in the Scans Results an...
MobSF Stored Cross-Site Scripting (XSS)
Product: MobSFVersion: 4.3.1CWE-ID: CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'CVSS vector v.4.0: 8.5 AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:NCVSS vector v.3.1: 8.1 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:NDescription: Stored XSS in the iOS...
Keylime registrar is vulnerable to Denial-of-Service attack when updated to version 7.12.0
ImpactThe Keylime registrar implemented more strict type checking on version 7.12.0. As a result, when updated to version 7.12.0, the registrar will not accept the format of the data previously stored in the database by versions = 7.8.0, raising an exception.This makes the Keylime registrar...
Label Studio allows Cross-Site Scripting (XSS) via GET request to `/projects/upload-example` endpoint
DescriptionLabel Studio's /projects/upload-example endpoint allows injection of arbitrary HTML through a GET request with an appropriately crafted labelconfig query parameter. By crafting a specially formatted XML label config with inline task data containing malicious HTML/JavaScript, an attacke...
MobSF Local Privilege Escalation
Product: Mobile Security Framework MobSFVersion: 4.3.0CWE-ID: CWE-269: Improper Privilege ManagementCVSS vector v.4.0: 7.1 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:NCVSS vector v.3.1: 6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NDescription: MobSF has a functionality of dividing users by...
CKAN has an XSS vector in user uploaded images in group/org and user profiles
ImpactUsing a specially crafted file, a user could potentially upload a file containing code that when executed could send arbitrary requests to the server. If that file was opened by an administrator, it could lead to escalation of privileges of the original submitter or other malicious actions...
Mitmweb API Authentication Bypass Using Proxy Server
ImpactIn mitmweb 11.1.0 and below, a malicious client can use mitmweb's proxy server bound to :8080 by default to access mitmweb's internal API bound to 127.0.0.1:8081 by default. In other words, while the client cannot access the API directly good, they can access the API through the proxy bad. ...
ASTEVAL Allows Maliciously Crafted Format Strings to Lead to Sandbox Escape
SummaryIf an attacker can control the input to the asteval library, they can bypass asteval's restrictions and execute arbitrary Python code in the context of the application using the library. DetailsThe vulnerability is rooted in how asteval performs handling of FormattedValue AST nodes. In...
try/except* clauses could allow bypass RestrictedPython via type confusion bug in the CPython interpreter
ImpactVia a type confusion bug in the CPython interpreter when using try/except RestrictedPython could be bypassed.We believe this should be fixed upstream in Python itself until that we remove support for try/except from RestrictedPython.It has been fixed for some Python versions. PatchesPatched...
Indico Insecure Access
A Broken Object Level Authorization BOLA vulnerability in Indico v3.2.9 allows attackers to access sensitive information via sending a crafted POST request to the component /api/principals...
Composio Command Execution vulnerability
composio =0.5.40 is vulnerable to Command Execution in composioopenai, composioclaude, and composiojulep via the handletoolcalls function...
khoj has an IDOR in subscription management allows unauthorized subscription modifications
SummaryAn Insecure Direct Object Reference IDOR vulnerability in the updatesubscription endpoint allows any authenticated user to manipulate other users' Stripe subscriptions by simply modifying the email parameter in the request. DetailsThe vulnerability exists in the subscription endpoint at...
NiceGUI On Air authentication issue
SummaryOnce a user logins to one browser, all other browsers are logged in without entering password. Even incognito mode. Impacthigh...
Letta (previously MemGPT) incorrect access control vulnerability
Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17 allows attackers to access sensitive data...
changedetection.io Vulnerable to Improper Input Validation Leading to LFR/Path Traversal
SummaryImproper input validation in the application can allow attackers to perform local file read LFR or path traversal attacks. These vulnerabilities occur when user input is used to construct file paths without adequate sanitization or validation. For example, using file:../../../etc/passwd or...
Strawberry GraphQL has type resolution vulnerability in node interface that allows potential data leakage through incorrect type resolution
Vulnerability SummaryA type confusion vulnerability exists in Strawberry GraphQL's relay integration that affects multiple ORM integrations Django, SQLAlchemy, Pydantic. The vulnerability occurs when multiple GraphQL types are mapped to the same underlying model while using the relay node...
GHSL-2024-288: SickChill open redirect in login
SickChill is an automatic video library manager for TV shows. A user-controlled login endpoint's next parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82, an authenticated attacker may use this to redirect the user to arbitrary destinations, leading to open...
pgAdmin has Incorrect Default Permissions
A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously...
Apache Airflow Fab Provider Insufficient Session Expiration vulnerability
Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider.This issue affects Apache Airflow Fab Provider: before 1.5.2.When user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged...
sigstore has insufficient validation of integration timestamp during verification
SummaryVersions of sigstore-python newer than 2.0.0 but prior to 3.6.0 perform insufficient validation of the "integration time" present in "v2" and "v3" bundles during the verification flow: the "integration time" is verified if a source of signed time such as an inclusion promise is present, bu...
python-sql SQL injection vulnerability
A vulnerability was found in python-sql where unary operators do not escape non-Expression like And and Or which makes any system exposing those vulnerable to an SQL injection attack...
Jinja has a sandbox breakout through malicious filenames
A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used.To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether...
Koji Cross-site Scripting
A vulnerability in Koji was found. An unsanitized input allows for an XSS attack. Javascript code from a malicious link could be reflected in the resulting web page. It is not expected to be able to submit an action or make a change in Koji due to existing XSS protections in the code...
python-libarchive directory traversal
python-libarchive through 4.2.1 allows directory traversal to create files in extract in zip.py for ZipFile.extractall and ZipFile.extract...
Amazon Redshift Python Connector vulnerable to SQL Injection
SummaryA SQL injection in the Amazon Redshift Python Connector in version 2.1.4 allows a user to gain escalated privileges via schema injection in the getschemas, gettables, or getcolumns Metadata APIs. Users should upgrade to the driver version 2.1.5 or revert to driver version 2.1.3. ImpactA SQ...
unstructured XML External Entity (XXE)
unstructured v.0.14.2 and before is vulnerable to XML External Entity XXE via the XMLParser...
PGHoard Path Traversal vulnerability
A vulnerability has been discovered that could allow an attacker to acquire disk access with privileges equivalent to those of pghoard, allowing for unintended path traversal. Depending on the permissions/privileges assigned to pghoard, this could allow disclosure of sensitive information...
Jinja has a sandbox breakout through indirect reference to format method
An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code.To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the...
Apache Superset: SQLLab Improper readonly query validation allows unauthorized write access
Improper Authorization vulnerability in Apache Superset. On Postgres analytic databases an attacker with SQLLab access cancraft a specially designed SQL DML statementthat is Incorrectly identified as a read-only query, enabling its execution. Non postgres analytics database connections and postgr...
pyrage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution
pyrage uses the Rust age crate for its underlying operations, and age is vulnerable to GHSA-4fg7-vxc8-qx5w.All details of GHSA-4fg7-vxc8-qx5w are relevant to pyrage for the versions specified in this advisory. See GHSA-4fg7-vxc8-qx5w for full details.Versions of pyrage before 1.2.0 lack plugin...
D-Tale allows Remote Code Execution through the Custom Filter Input
ImpactUsers hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. PatchesUsers should upgrade to version 3.16.1 where the update-settings endpoint blocks the ability for users to update the enablecustomfilters flag. You can find...
Synapse Matrix has a partial room state leak via Sliding Sync
ImpactThe Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. PatchesSynapse version 1.120.1 fixes the problem. WorkaroundsDisable Sliding Sync...
Apache Superset: Lower privilege users are able to create Role when FAB_ADD_SECURITY_API is enabled
Improper Authorization vulnerability in Apache Superset whenFABADDSECURITYAPI is enabled disabled by default. Allows for lower privilege users to use this API.issue affects Apache Superset: from 2.0.0 before 4.1.0.Users are recommended to upgrade to version 4.1.0, which fixes the issue...