‼ CVE-2021-45803 ‼
📖 Read
via "National Vulnerability Database".
MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because this view parameter value is added to the SQL query without additional verification when viewing reservation.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45845 ‼
📖 Read
via "National Vulnerability Database".
The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23033 ‼
📖 Read
via "National Vulnerability Database".
arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more entries from a guest p2m pagetable on Arm (p2m_remove_mapping, guest_physmap_remove_page, and p2m_set_entry with mfn set to INVALID_MFN) do not actually clear the pagetable entry if the entry doesn't have the valid bit set. It is possible to have a valid pagetable entry without the valid bit set when a guest operating system uses set/way cache maintenance instructions. For instance, a guest issuing a set/way cache maintenance instruction, then calling the XENMEM_decrease_reservation hypercall to give back memory pages to Xen, might be able to retain access to those pages even after Xen started reusing them for other purposes.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45343 ‼
📖 Read
via "National Vulnerability Database".
In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23223 ‼
📖 Read
via "National Vulnerability Database".
The HTTP response will disclose the user password. This issue affected Apache ShenYu 2.4.0 and 2.4.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45802 ‼
📖 Read
via "National Vulnerability Database".
MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because the email and phone parameter values are added to the SQL query without any verification at the time of membership registration.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23035 ‼
📖 Read
via "National Vulnerability Database".
Insufficient cleanup of passed-through device IRQs The management of IRQs associated with physical devices exposed to x86 HVM guests involves an iterative operation in particular when cleaning up after the guest's use of the device. In the case where an interrupt is not quiescent yet at the time this cleanup gets invoked, the cleanup attempt may be scheduled to be retried. When multiple interrupts are involved, this scheduling of a retry may get erroneously skipped. At the same time pointers may get cleared (resulting in a de-reference of NULL) and freed (resulting in a use-after-free), while other code would continue to assume them to be valid.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45844 ‼
📖 Read
via "National Vulnerability Database".
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45342 ‼
📖 Read
via "National Vulnerability Database".
A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45847 ‼
📖 Read
via "National Vulnerability Database".
Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each allow an attacker to cause an application crash using a crafted 3MF input file.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46113 ‼
📖 Read
via "National Vulnerability Database".
In MartDevelopers KEA-Hotel-ERP open source as of 12-31-2021, a remote code execution vulnerability can be exploited by uploading PHP files using the file upload vulnerability in this service.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23034 ‼
📖 Read
via "National Vulnerability Database".
A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled. PV guests can request two forms of mappings. When both are in use for any individual mapping, unmapping of such a mapping can be requested in two steps. The reference count for such a mapping would then mistakenly be decremented twice. Underflow of the counters gets detected, resulting in the triggering of a hypervisor bug check.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23945 ‼
📖 Read
via "National Vulnerability Database".
Missing authentication on ShenYu Admin when register by HTTP. This issue affected Apache ShenYu 2.4.0 and 2.4.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45029 ‼
📖 Read
via "National Vulnerability Database".
Groovy Code Injection & SpEL Injection which lead to Remote Code Execution. This issue affected Apache ShenYu 2.4.0 and 2.4.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23944 ‼
📖 Read
via "National Vulnerability Database".
User can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-21697 ‼
📖 Read
via "National Vulnerability Database".
Jupyter Server Proxy is a Jupyter notebook server extension to proxy web services. Versions of Jupyter Server Proxy prior to 3.2.1 are vulnerable to Server-Side Request Forgery (SSRF). Any user deploying Jupyter Server or Notebook with jupyter-proxy-server extension enabled is affected. A lack of input validation allows authenticated clients to proxy requests to other hosts, bypassing the `allowed_hosts` check. Because authentication is required, which already grants permissions to make the same requests via kernel or terminal execution, this is considered low to moderate severity. Users may upgrade to version 3.2.1 to receive a patch or, as a workaround, install the patch manually.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45846 ‼
📖 Read
via "National Vulnerability Database".
A flaw in the AMF parser of Slic3r libslic3r 1.3.0 allows an attacker to cause an application crash using a crafted AMF document, where a metadata tag lacks a "type" attribute.📖 Read
via "National Vulnerability Database".
🕴 Cyber-Physical Security: What It Is and What You Should Do 🕴
📖 Read
via "Dark Reading".
Ancillary installations like the Internet of Things, operational technology, and industrial control systems enable lots of great functionality, and they face most of the same risks as IT infrastructure.📖 Read
via "Dark Reading".
Dark Reading
Cyber-Physical Security: What It Is and What You Should Do
Ancillary installations like the Internet of Things, operational technology, and industrial control systems enable lots of great functionality, and they face most of the same risks as IT infrastructure.
🗓️ PrinterLogic vendor addresses triple RCE threat against all connected endpoints 🗓️
📖 Read
via "The Daily Swig".
High severity flaws show centralized management means centralized risk, say researchers📖 Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
PrinterLogic vendor addresses triple RCE threat against all connected endpoints
High severity flaws show centralized management means centralized risk, say researchers
👍1
🕴 4 Steps Toward Knowing Your Exploitable Attack Surface 🕴
📖 Read
via "Dark Reading".
Actionable steps you can take today to identify the true risk your organization faces — learn how to separate the exploitable vulnerabilities from the rest.📖 Read
via "Dark Reading".
Dark Reading
4 Steps Toward Knowing Your Exploitable Attack Surface
Actionable steps you can take today to identify the true risk your organization faces — learn how to separate the exploitable vulnerabilities from the rest.
❌ AdSanity, AccessPress Plugins Open Scads of WordPress Sites to Takeover ❌
📖 Read
via "Threat Post".
A critical security bug and a months-long, ongoing supply-chain attack spell trouble for WordPress users.📖 Read
via "Threat Post".
Threat Post
AdSanity, AccessPress Plugins Open Scads of WordPress Sites to Takeover
A critical security bug and a months-long, ongoing supply-chain attack spell trouble for WordPress users.