7044 matches found
LangChain's XMLOutputParser vulnerable to XML Entity Expansion
The XMLOutputParser in LangChain uses the etree module from the XML parser in the standard python library which has some XML vulnerabilities; see: https://docs.python.org/3/library/xml.htmlThis primarily affects users that combine an LLM or agent with the XMLOutputParser and expose the component...
ESPHome vulnerable to Authentication bypass via Cross site request forgery
SummaryAPI endpoints in dashboard component of ESPHome version 2023.12.9 command line installation are vulnerable to Cross-Site Request Forgery CSRF allowing remote attackers to carry out attacks against a logged user of the dashboard to perform operations on configuration files create, edit,...
PaddlePaddle allows arbitrary file read via paddle.vision.ops.read_file
paddlepaddle/paddle 2.6.0 allows arbitrary file read via paddle.vision.ops.readfile...
ansys-geometry-core OS Command Injection vulnerability
subprocess call with shell=True identified, security issue. CodeOn file src/ansys/geometry/core/connection/productinstance.py:403 def startprogramargs: Liststr, localenv: Dictstr, str - subprocess.Popen:404 """405 Start the program where the path is the first item of the args array argument.40640...
Apache Airflow Improper Preservation of Permissions vulnerability
Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3.Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...
Saleor: Customers' addresses leak when using Warehouse as a `Pickup: Local stock only` delivery method
SummaryUsing Pickup: Local stock only as a click-and-collect points could cause a leak of customer addresses DetailsWhen using Pickup: Local stock only click-and-collect as a delivery method in specific conditions the customer could overwrite the warehouse address with its own, which exposes its...
Unauthenticated views may expose information to anonymous users
ImpactA number of Nautobot URL endpoints were found to be improperly accessible to unauthenticated anonymous users, including the following:- /api/graphql/ 1- /api/users/users/session/ Nautobot 2.x only; the only information exposed to an anonymous user is which authentication backend classes are...
gradio Server-Side Request Forgery vulnerability
An SSRF vulnerability exists in the gradio-app/gradio due to insufficient validation of user-supplied URLs in the /proxy route. Attackers can exploit this vulnerability by manipulating the self.replicaurls set through the X-Direct-Url header in requests to the / and /config routes, allowing the...
SSRF Vulnerability on assetlinks_check(act_name, well_knowns)
SummaryWhile examining the "App Link assetlinks.json file could not be found" vulnerability detected by MobSF, we, as the Trendyol Application Security team, noticed that a GET request was sent to the "/.well-known/assetlinks.json" endpoint for all hosts written with "android:host". In the...
Denial of service via regular expression
ImpactAll historical installations of django-wiki are vulnerable to maliciously crafted article content, that can cause severe use of server CPU through a regular expression loop. Patches WorkaroundsClose off access to create and edit articles by anonymous users. ReferencesAre there any links use...
RCE in TranformGraph().to_dot_graph function
SummaryRCE due to improper input validation in TranformGraph.todotgraph function DetailsDue to improper input validation a malicious user can provide a command or a script file as a value to savelayout argument, which will be placed as the first value in a list of arguments passed to...
vantage6 vulnerable to a username timing attack on recover password/MFA token
ImpactMuch like https://github.com/vantage6/vantage6/security/advisories/GHSA-45gq-q4xh-cp53, it is possible to find which usernames exist in vantage6 by calling the API routes /recover/lost and /2fa/lost, which send emails to users if they have lost their password or MFA token. Usernames can be...
GoogleOAuthenticator.hosted_domain incorrectly verifies membership of an Google organization/workspace
Summary and impactGoogleOAuthenticator.hosteddomain is used to restrict what Google accounts can be authorized to access a JupyterHub. The restriction is intended to ensure Google accounts are part of one or more Google organizations/workspaces verified to control specified domains.The...
`qiskit_ibm_runtime.RuntimeDecoder` can execute arbitrary code
Summarydeserializing json data using qiskitibmruntime.RuntimeDecoder can be made to execute arbitrary code given a correctly formatted input string DetailsRuntimeDecoder is supposed to be able to deserialize JSON strings containing various special types encoded via RuntimeEncoder. However, one ca...
vantage6's CORS settings overly permissive
ImpactThe vantage6 server has no restrictions on CORS settings. It should be possible for people to set the allowed origins of the server. The impact is limited because v6 does not use session cookies PatchesNo WorkaroundsNo...
Potential log injection in reset user endpoint in CKAN
A user endpoint didn't perform filtering on an incoming parameter, which was added directly to the application log. This could lead to an attacker injecting false log entries or corrupt the log file format. PatchesThis has been fixed in the CKAN 2.9.11 and 2.10.4 versions WorkaroundsOverride the...
Information leakage in YAQL
YAQL before 3.0.0 is used in Murano, the Murano service's MuranoPL extension to the YAQL language fails to sanitize the supplied environment, leading to potential leakage of sensitive service account information...
Improper Privilege Management in djangorestframework-simplejwt
djangorestframework-simplejwt before version 5.5.1 is vulnerable to information disclosure. A user can access web application resources even after their account has been disabled due to missing user validation checks via the foruser method...
JWCrypto vulnerable to JWT bomb Attack in `deserialize` function
Affected versionVendor: https://github.com/latchset/jwcryptoVersion: 1.5.5 DescriptionAn attacker can cause a DoS attack by passing in a malicious JWE Token with a high compression ratio.When the server processes this Token, it will consume a lot of memory and processing time. Pocpythonfrom...
LibOSDP vulnerable to a null pointer deref in osdp_reply_name
Issue:At ospdcommon.c, on the osdpreplyname function, any reply id between REPLYACK and REPLYXRD is valid, but names array do not declare all of the range. On a case of an undefined reply id within the range, name will be null name = namesreplyid - REPLYACK;. Null name will casue a crash on next...
Remote Code Execution Vulnerability in Microsoft Django Backend for SQL Server
Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability...
ESPHome vulnerable to remote code execution via arbitrary file write
SummarySecurity misconfiguration in edit configuration file API in dashboard component of ESPHome version 2023.12.9 command line installation allows authenticated remote attackers to read and write arbitrary files under the configuration directory rendering remote code execution possible. Details...
esphome vulnerable to stored Cross-site Scripting in edit configuration file API
SummaryEdit configuration file API in dashboard component of ESPHome version 2023.12.9 command line installation and Home Assistant add-on serves unsanitized data with “Content-Type: text/html; charset=UTF-8”, allowing remote authenticated user to inject arbitrary web script and exfiltrate sessio...
LibOSDP RMAC revert to the beginning of the session
- Issues: - SCS14 is allowed on encrypted connection osdpphy.c - No validation for RMACI is only in response to osdpSCRYPT osdpcp.c - Couldn't find anything specific in the OSDP specifications indicating it is forbidden, I'm gussing it shouldn't be allowed according from the secure connection...
Django MarkdownX Cross-Site Scripting (XSS) vulnerability
Cross-Site Scripting XSS vulnerability in the Django MarkdownX project, affecting version 4.0.2. An attacker could store a specially crafted JavaScript payload in the upload functionality due to lack of proper sanitisation of JavaScript elements...
WeasyPrint allows the attachment of arbitrary files and URLs to a PDF
ImpactSince version 61.0, there's a vulnerability which allows attaching content of arbitrary files and URLs to a generated PDF document, even if urlfetcher is configured to prevent access to files and URLs. PatchesFixed by 734ee8e that’s included in 61.2 Workarounds- Check that no PDF attachment...
PaddlePaddle command injection vulnerability
Command injection in IrGraph.draw in paddlepaddle/paddle 2.6.0...
Phone information disclosure vulnerability
Due to incorrect access control in Plone version v6.0.9, remote attackers can view and list all files hosted on the website via sending a crafted request...
PaddlePaddle command injection in paddle.utils.download._wget_download
Command injection in paddle.utils.download.wgetdownload bypass filter in paddlepaddle/paddle 2.6.0...
Mezzanine allows attackers to bypass access controls via manipulating the Host header
An issue in Mezzanine v6.0.0 allows attackers to bypass access controls via manipulating the Host header...
Mezzanine allows attackers to bypass access control mechanisms
An issue in Mezzanine v6.0.0 allows attackers to bypass access control mechanisms in the admin panel via a crafted request...
Docassemble HTML and javascript injection
ImpactA user could type HTML into a field, including the field for the user's name, and then that HTML could be displayed on the screen as HTML. The HTML can also contain...
Apache Superset: Improper Neutralization of custom SQL on embedded context
A guest user could exploit a chart data REST API and send arbitrary SQL statements that on error could leak information from the underlying analytics database.This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1.Users are recommended to upgrade to version 3.1.1 or 3.0.4, whic...
Apache Superset: Improper data authorization when creating a new dataset
Apache Superset with custom roles that include can write on dataset and without all data access permissions, allows for users to create virtual datasets to data they don't have access to. These users could then use those virtual datasets to get access to unauthorized data.This issue affects Apach...
Apache Superset: Improper error handling on alerts
An authenticated user with privileges to create Alerts on Alerts & Reports has the capability to generate a specially crafted SQL statement that triggers an error on the database. This error is not properly handled by Apache Superset and may inadvertently surface in the error log of the Alert...
Flask-AppBuilder's OAuth login page subject to Cross Site Scripting (XSS)
ImpactA Cross-Site Scripting XSS vulnerability has been discovered on the OAuth login page. An attacker could trick a user to follow a specially crafted URL to the OAuth login page. This URL could inject and execute malicious javascript code that would get executed on the user's browser.Impacted...
ZenML Server Remote Privilege Escalation Vulnerability
ZenML Server in the ZenML package before 0.46.7 for Python allows remote privilege escalation because the /api/v1/users/usernameorid/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. These are also patched versions: 0.44.4,...
Apache Superset: Improper authorization validation on dashboards and charts import
A low privilege authenticated user could import an existing dashboard or chart that they do not have access to and then modify its metadata, thereby gaining ownership of the object. However, it's important to note that access to the analytical data of these charts and dashboards would still be...
Apache Superset: Improper validation of SQL statements allows for unauthorized access to data
Improper parsing of nested SQL statements on SQLLab would allow authenticated users to surpass their data authorization scope.This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1.Users are recommended to upgrade to version 3.1.1, which fixes the issue...
Docassemble open redirect
ImpactIt is possible to create a URL that acts as an open redirect. PatchesThe vulnerability has been patched in version 1.4.97 of the master branch. The Docker image on docker.io has been patched. WorkaroundsIf upgrading is not possible, manually apply the changes of 4801ac7 and restart the serv...
Docassemble unauthorized access through URL manipulation
ImpactThe vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. PatchesThe vulnerability has been patched in version 1.4.97 of the master branch. The Docker image on docker.io has been patched...
Python Cryptography package vulnerable to Bleichenbacher timing oracle attack
A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data...
Kinto Attachment's attachments can be replaced on read-only records
ImpactThe attachment file of an existing record can be replaced if the user has "read" permission on one of the parent collection or bucket.And if the "read" permission is given to "system.Everyone" on one of the parent, then the attachment can be replaced on a record using an anonymous...
Potentially untrusted input is rendered as HTML in final output
ImpactAll users of mjml-python who insert untrusted data into mjml templates unless that data is checked in a very strict manner. User input like would be rendered as...
langchain Server-Side Request Forgery vulnerability
With the following crawler configuration:pythonfrom bs4 import BeautifulSoup as Soupurl = "https://example.com"loader = RecursiveUrlLoader url=url, maxdepth=2, extractor=lambda x: Soupx, "html.parser".text docs = loader.loadAn attacker in control of the contents of https://example.com could place...
Allegro AI ClearML vulnerable to deserialization of untrusted data
Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI’s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user’s system when interacted with...
Scrapy decompression bomb vulnerability
ImpactScrapy limits allowed response sizes by default through the DOWNLOADMAXSIZE and DOWNLOADWARNSIZE settings.However, those limits were only being enforced during the download of the raw, usually-compressed response bodies, and not during decompression, making Scrapy vulnerable to decompressio...
pyLoad open redirect vulnerability due to improper validation of the is_safe_url function
SummaryOpen redirect vulnerability due to incorrect validation of input values when redirecting users after login. Detailspyload is validating URLs via the getredirecturl function when redirecting users at login.The URL entered in the next variable goes through the issafeurl function, where a lac...
Allegro AI ClearML Stores Credentials in Plaintext in MongoDB Instance
Allegro AI’s open-source version of ClearML stores passwords in plaintext within the MongoDB instance, resulting in a compromised server leaking all user emails and passwords...
Scrapy authorization header leakage on cross-domain redirect
ImpactWhen you send a request with the Authorization header to one domain, and the response asks to redirect to a different domain, Scrapy’s built-in redirect middleware creates a follow-up redirect request that keeps the original Authorization header, leaking its content to that second domain.Th...