Lucene search

K

Tips And Tricks HQ, Ruhul Amin Security Vulnerabilities

citrix
citrix

XenServer and Citrix Hypervisor Security Update for CVE-2024-5661

An issue has been identified in both XenServer 8 and Citrix Hypervisor 8.2 CU1 LTSR which mayallow a malicious administrator of a guest VM to cause the host to become slow and/or unresponsive. This issue has the following identifier: CVE-2024-5661 CVE-2024-5661 affects all deployments....

6.7AI Score

0.0004EPSS

2024-06-11 02:09 PM
25
osv
osv

Grafana Email addresses and usernames can not be trusted

Today we are releasing Grafana 9.2.4. Alongside other bug fixes, this patch release includes moderate severity security fixes for CVE-2022-39306. We are also releasing security patches for Grafana 8.5.15 to fix these issues. Release 9.2.4, latest patch, also containing security fix: Download...

8.1CVSS

8.3AI Score

0.002EPSS

2024-05-14 10:29 PM
10
osv
osv

Moodle uses the same key for QR login and auto-login

A unique key should be generated for a user's QR login key and their auto-login key, so the same key cannot be used interchangeably between the...

6.9AI Score

0.0004EPSS

2024-06-18 09:30 PM
2
osv
osv

Vyper's raw_call `value=` kwargs not disabled for static and delegate calls

Summary Vyper compiler allows passing a value in builtin raw_call even if the call is a delegatecall or a staticcall. But in the context of delegatecall and staticcall the handling of value is not possible due to the semantics of the respective opcodes, and vyper will silently ignore the value=...

5.3CVSS

5.3AI Score

0.0005EPSS

2024-01-30 06:42 PM
4
osv
osv

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege...

5.5CVSS

5.8AI Score

0.0004EPSS

2024-06-11 06:30 PM
3
osv
osv

Decompressors can crash the JVM and leak memory content in Aircompressor

Summary All decompressor implementations of Aircompressor (LZ4, LZO, Snappy, Zstandard) can crash the JVM for certain input, and in some cases also leak the content of other memory of the Java process (which could contain sensitive information). Details When decompressing certain data, the...

8.6CVSS

6.2AI Score

0.0004EPSS

2024-06-02 10:30 PM
2
nuclei
nuclei

Miniorange Social Login and Register <= 7.6.3 - Authentication Bypass

The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during a login validated through the plugin. This...

9.8CVSS

9.6AI Score

0.012EPSS

2023-06-29 12:58 PM
16
atlassian
atlassian

Apache Kafka Connect API Vulnerability in Bitbucket Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 7.21.0, 8.7.1, 8.8.0, 8.9.0, 8.10.0, 8.11.0, and 8.12.0 of Bitbucket Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...

8.8CVSS

7AI Score

0.97EPSS

2023-10-06 05:45 PM
20
osv
osv

Typo3 Arbitrary file upload and XML External Entity processing

It has been discovered that Flow 3.0.0 allows arbitrary file uploads, inlcuding server-side scripts, posing the risk of attacks. If those scripts are executed by the server when accessed through their public URL, anything not blocked through other means is possible (information disclosure,...

7.1AI Score

2024-06-05 06:26 PM
1
osv
osv

Moderate: ruby:3.1 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby (3.1). (AlmaLinux-35449) Security Fix(es): ruby: Buffer overread...

7AI Score

EPSS

2024-06-06 12:00 AM
1
almalinux
almalinux

Important: tomcat security and bug fix update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) Bug Fix(es) and Enhancement(s): Rebase...

6.7AI Score

0.0004EPSS

2024-05-23 12:00 AM
6
osv
osv

Important: tomcat security and bug fix update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) Bug Fix(es) and Enhancement(s): Rebase...

7AI Score

0.0004EPSS

2024-05-23 12:00 AM
5
osv
osv

Zitadel exposing internal database user name and host information

Impact In case ZITADEL could not connect to the database, connection information including db name, username and db host name could be returned to the user. Patches 2.x versions are fixed on &gt;= 2.50.3 2.49.x versions are fixed on &gt;= 2.49.5 2.48.x versions are fixed on &gt;= 2.48.5 2.47.x vers...

5.3CVSS

6.8AI Score

0.0004EPSS

2024-05-01 04:36 PM
7
atlassian
atlassian

SQLi (SQL Injection) org.postgresql:postgresql Dependency in Confluence Data Center and Server

This Critical severity org.postgresql:postgresql Dependency vulnerability was introduced in versions 6.0.1 of Confluence Data Center and Server. Confluence Data Center is unaffected by this vulnerability as it does not use the {{PreferQueryMode=SIMPLE}} parameter required for this vulnerability in....

10CVSS

9.7AI Score

0.001EPSS

2024-05-16 04:11 AM
17
wpvulndb
wpvulndb

WPQA < 6.1.1 - Arbitrary Category and Tag Follow/Unfollow via CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks PoC The PoC will be displayed on June 26, 2024, to give users the time to...

6.5AI Score

EPSS

2024-06-12 12:00 AM
osv
osv

Aimeos denial of service vulnerability in SaaS and marketplace setups

Impact All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack Patches Upgrade to the latest 2022.10 LTS, 2023.10 LTS and 2024.04.7 version of the aimeos/aimeos-core...

5.5CVSS

7AI Score

0.0004EPSS

2024-05-29 02:38 PM
3
github
github

Aimeos denial of service vulnerability in SaaS and marketplace setups

Impact All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack Patches Upgrade to the latest 2022.10 LTS, 2023.10 LTS and 2024.04.7 version of the aimeos/aimeos-core...

5.5CVSS

7AI Score

0.0004EPSS

2024-05-29 02:38 PM
4
github
github

Vyper's raw_call `value=` kwargs not disabled for static and delegate calls

Summary Vyper compiler allows passing a value in builtin raw_call even if the call is a delegatecall or a staticcall. But in the context of delegatecall and staticcall the handling of value is not possible due to the semantics of the respective opcodes, and vyper will silently ignore the value=...

5.3CVSS

5.3AI Score

0.0005EPSS

2024-01-30 06:42 PM
8
github
github

Typo3 Arbitrary file upload and XML External Entity processing

It has been discovered that Flow 3.0.0 allows arbitrary file uploads, inlcuding server-side scripts, posing the risk of attacks. If those scripts are executed by the server when accessed through their public URL, anything not blocked through other means is possible (information disclosure,...

7.1AI Score

2024-06-05 06:26 PM
1
github
github

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege...

5.5CVSS

5.8AI Score

0.0004EPSS

2024-06-11 06:30 PM
4
cve
cve

CVE-2020-1182

A remote code execution vulnerability exists in Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11. An attacker who successfully exploited this vulnerability could gain remote code execution via server-side script execution on the victim server. An authenticated...

7.3CVSS

8AI Score

0.02EPSS

2020-08-17 07:15 PM
59
osv
osv

CVE-2024-22191

Avo is a framework to create admin panels for Ruby on Rails apps. A stored cross-site scripting (XSS) vulnerability was found in the key_value field of Avo v3.2.3 and v2.46.0. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the victim's browser. The value of the.....

7.3CVSS

5.4AI Score

0.001EPSS

2024-01-16 10:15 PM
4
osv
osv

Silverstripe XSS in TreeDropdownField and TreeMultiSelectField

A cross-site scripting vulnerability has been discovered in the TreeDropdownField and TreeMultiSelectField. This vulnerability can only be exploited if a user with CMS access has posted malicious or unescaped HTML into any of the dataobjects used as a data source for either of these fields. This...

6.4AI Score

2024-05-23 02:57 PM
3
github
github

Moodle uses the same key for QR login and auto-login

A unique key should be generated for a user's QR login key and their auto-login key, so the same key cannot be used interchangeably between the...

6.9AI Score

0.0004EPSS

2024-06-18 09:30 PM
4
almalinux
almalinux

Moderate: ruby:3.1 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix(es): ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281) ruby: Buffer overread vulnerability in StringIO...

7.2AI Score

EPSS

2024-06-03 12:00 AM
2
nuclei
nuclei

D-LINK DNS-320L,DNS-320LW and DNS-327L - Information Disclosure

A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/info.cgi of the component HTTP GET Request...

5.3CVSS

6.9AI Score

0.001EPSS

2024-06-18 05:41 AM
1
oraclelinux
oraclelinux

python39:3.9 and python39-devel:3.9 security update

mod_wsgi numpy python39 [3.9.19-1] - Update to 3.9.19 - Security fixes for CVE-2023-6597 and CVE-2024-0450 - Fix tests for XMLPullParser with Expat with fixed CVE Resolves: RHEL-33676, RHEL-33688 python3x-pip python3x-setuptools python3x-six python-cffi python-chardet python-cryptography...

7.8CVSS

7.2AI Score

EPSS

2024-05-31 12:00 AM
2
github
github

Silverstripe XSS in TreeDropdownField and TreeMultiSelectField

A cross-site scripting vulnerability has been discovered in the TreeDropdownField and TreeMultiSelectField. This vulnerability can only be exploited if a user with CMS access has posted malicious or unescaped HTML into any of the dataobjects used as a data source for either of these fields. This...

6.4AI Score

2024-05-23 02:57 PM
2
nuclei
nuclei

D-Link Network Attached Storage - Command Injection and Backdoor Account

UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the...

9.8CVSS

8.8AI Score

0.935EPSS

2024-04-09 05:15 PM
27
oraclelinux
oraclelinux

kernel security and bug fix update

[5.14.0-427.18.1_4.OL9] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update...

6.7AI Score

0.0004EPSS

2024-05-23 12:00 AM
8
nuclei
nuclei

Cisco Small Business 200,300 and 500 Series Switches - Open Redirect

Cisco Small Business 200,300 and 500 Series Switches contain an open redirect vulnerability in the Web UI. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized...

6.1CVSS

5.4AI Score

0.053EPSS

2023-05-22 06:08 PM
4
osv
osv

Moderate: ruby:3.1 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix(es): ruby: RCE vulnerability with .rdoc_options in RDoc (CVE-2024-27281) ruby: Buffer overread vulnerability in StringIO...

9AI Score

EPSS

2024-06-03 12:00 AM
8
wpvulndb
wpvulndb

LatePoint Plugin < 4.9.9.1 - Missing Authorization and Sensitive Information Exposure via IDOR

Description The LatePoint Plugin plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'start_or_use_session_for_customer' function in all versions up to and including 4.9.9. This makes it possible for unauthenticated...

9.1CVSS

6.6AI Score

0.001EPSS

2024-06-13 12:00 AM
1
osv
osv

[Out of Bounds Read and Write in configureProducer in C2BqBuffer.cpp in libcodec2_vndk]

In Import of C2SurfaceSyncObj.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for...

4.4CVSS

6.5AI Score

0.0004EPSS

2023-03-01 12:00 AM
2
nuclei
nuclei

Atlassian Crowd and Crowd Data Center - Unauthenticated Remote Code Execution

Atlassian Crowd and Crowd Data Center is susceptible to a remote code execution vulnerability because the pdkinstall development plugin is incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit...

9.8CVSS

9.7AI Score

0.974EPSS

2020-08-16 03:54 PM
6
oraclelinux
oraclelinux

tomcat security and bug fix update

[1:9.0.87-1.el9_4.1] - Resolves: RHEL-34815 - Rebase tomcat to version 9.0.87 - Resolves: RHEL-31048 tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) - Resolves: RHEL-31032 tomcat: : Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) - Resolves:...

6.5AI Score

0.0004EPSS

2024-05-23 12:00 AM
8
osv
osv

Moderate: fence-agents security and bug fix update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix(es): urllib3: Request body not stripped after redirect from 303 status...

6.1CVSS

6.8AI Score

0.001EPSS

2024-05-22 12:00 AM
3
veracode
veracode

LDAP Injection

Apache Derby is vulnerable to LDAP Injection. The vulnerability is due to improper input validation in the username field which can be used to bypass authentication checks. This can be exploited by an attacker by injecting malicious usernames, and as a result fill up the disk by creating junk...

9.8CVSS

7.1AI Score

0.002EPSS

2023-11-21 06:47 AM
8
osv
osv

ZendFramework local file inclusion vector in `Zend_View::setScriptPath()` and `render()`

Zend_View is a component that utilizes PHP as a templating language. To utilize it, you specify "script paths" that contain view scripts, and then render() view scripts by specifying subdirectories within those script paths; the output is then returned as a string value which may be cached or...

7AI Score

2024-06-07 09:07 PM
osv
osv

LNbits improperly handles potential network and payment failures when using Eclair backend

Summary Paying invoices in Eclair that do not get settled within the internal timeout (about 30s) lead to a payment being considered failed, even though it may still be in flight. Details Using blocking: true on the API call will lead to a timeout error if a payment does not get settled in the 30s....

8.1CVSS

6.7AI Score

0.0004EPSS

2024-06-17 09:24 PM
6
osv
osv

Moderate: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section....

9.8CVSS

6.7AI Score

EPSS

2024-05-22 12:00 AM
5
almalinux
almalinux

Moderate: resource-agents security and bug fix update

The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability (HA) environment. Security Fix(es): urllib3: Request body not stripped after redirect from 303 status...

5.9CVSS

6.6AI Score

0.001EPSS

2024-05-22 12:00 AM
3
almalinux
almalinux

Moderate: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer...

6.9AI Score

2024-05-22 12:00 AM
2
github
github

ZendFramework local file inclusion vector in `Zend_View::setScriptPath()` and `render()`

Zend_View is a component that utilizes PHP as a templating language. To utilize it, you specify "script paths" that contain view scripts, and then render() view scripts by specifying subdirectories within those script paths; the output is then returned as a string value which may be cached or...

7AI Score

2024-06-07 09:07 PM
3
osv
osv

Improve one-time permissions handling and revoking mechanism to prevent security issues

In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time permission retention due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...

5.5CVSS

6.7AI Score

0.0004EPSS

2023-07-01 12:00 AM
3
osv
osv

Malicious app can bypass one-time permission revocation and keep it granted

In getGroupState of GrantPermissionsViewModel.kt, there is a possible way to keep a one-time permission granted due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS

6.7AI Score

0.0004EPSS

2023-03-01 12:00 AM
4
osv
osv

Proxy PAC URL can use several URL schemes, including file: and jar:

In get of PacProxyService.java, there is a possible system service crash due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for...

5.5CVSS

6.3AI Score

0.0004EPSS

2022-08-01 12:00 AM
9
osv
osv

Moderate: resource-agents security and bug fix update

The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability (HA) environment. Security Fix(es): urllib3: Request body not stripped after redirect from 303 status...

5.9CVSS

6.4AI Score

0.001EPSS

2024-05-22 12:00 AM
3
osv
osv

Moderate: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer...

9.8CVSS

7AI Score

EPSS

2024-05-22 12:00 AM
osv
osv

[Out of Bounds Read and Write in onQueueFilled in outQueue in libstagefright_soft_mpeg4dec]

In onQueueFilled of SoftMPEG4.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.4AI Score

0.0004EPSS

2024-03-01 12:00 AM
6
Total number of security vulnerabilities2651621