βΌ CVE-2023-26487 βΌ
π Read
via "National Vulnerability Database".
Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs.`lassoAppend' function accepts 3 arguments and internally invokes `push` function on the 1st argument specifying array consisting of 2nd and 3rd arguments as `push` call argument. The type of the 1st argument is supposed to be an array, but it's not enforced. This makes it possible to specify any object with a `push` function as the 1st argument, `push` function can be set to any function that can be access via `event.view` (no all such functions can be exploited due to invalid context or signature, but some can, e.g. `console.log`). The issue is that`lassoAppend` doesn't enforce proper types of its arguments. This issue opens various XSS vectors, but exact impact and severity depends on the environment (e.g. Core JS `setImmediate` polyfill basically allows `eval`-like functionality). This issue was patched in 5.23.0.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23929 βΌ
π Read
via "National Vulnerability Database".
vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. Currently, the refresh token is valid indefinitely. The refresh token should get a validity of 24-48 hours. A fix was released in version 3.8.0.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25403 βΌ
π Read
via "National Vulnerability Database".
CleverStupidDog yf-exam v 1.8.0 is vulnerable to Authentication Bypass. The program uses a fixed JWT key, and the stored key uses username format characters. Any user who logged in within 24 hours. A token can be forged with his username to bypass authentication.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25402 βΌ
π Read
via "National Vulnerability Database".
CleverStupidDog yf-exam 1.8.0 is vulnerable to File Upload. There is no restriction on the suffix of the uploaded file, resulting in any file upload.π Read
via "National Vulnerability Database".
βΌ CVE-2023-26490 βΌ
π Read
via "National Vulnerability Database".
mailcow is a dockerized email package, with multiple containers linked in one bridged network. The Sync Job feature - which can be made available to standard users by assigning them the necessary permission - suffers from a shell command injection. A malicious user can abuse this vulnerability to obtain shell access to the Docker container running dovecot. The imapsync Perl script implements all the necessary functionality for this feature, including the XOAUTH2 authentication mechanism. This code path creates a shell command to call openssl. However, since different parts of the specified user password are included without any validation, one can simply execute additional shell commands. Notably, the default ACL for a newly-created mailcow account does not include the necessary permission. The Issue has been fixed within the 2023-03 Update (March 3rd 2023). As a temporary workaround the Syncjob ACL can be removed from all mailbox users, preventing from creating or changing existing Syncjobs.π Read
via "National Vulnerability Database".
βΌ CVE-2023-26779 βΌ
π Read
via "National Vulnerability Database".
CleverStupidDog yf-exam v 1.8.0 is vulnerable to Deserialization which can lead to remote code execution (RCE).π Read
via "National Vulnerability Database".
βΌ CVE-2023-26483 βΌ
π Read
via "National Vulnerability Database".
gosaml2 is a Pure Go implementation of SAML 2.0. SAML Service Providers using this library for SAML authentication support are likely susceptible to Denial of Service attacks. A bug in this library enables attackers to craft a `deflate`-compressed request which will consume significantly more memory during processing than the size of the original request. This may eventually lead to memory exhaustion and the process being killed. The maximum compression ratio achievable with `deflate` is 1032:1, so by limiting the size of bodies passed to gosaml2, limiting the rate and concurrency of calls, and ensuring that lots of memory is available to the process it _may_ be possible to help Go's garbage collector "keep up". Implementors are encouraged not to rely on this. This issue is fixed in version 0.9.0.π Read
via "National Vulnerability Database".
βΌ CVE-2023-26491 βΌ
π Read
via "National Vulnerability Database".
RSSHub is an open source and extensible RSS feed generator. When the URL parameters contain certain special characters, it returns an error page that does not properly handle XSS vulnerabilities, allowing for the execution of arbitrary JavaScript code. Users who access the deliberately constructed URL are affected. This vulnerability was fixed in version c910c4d28717fb860fbe064736641f379fab2c91. Please upgrade to this or a later version, there are no known workarounds.π Read
via "National Vulnerability Database".
βΌ CVE-2020-36663 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as problematic, was found in ArtesΓΒ£os SEOTools up to 0.17.1. This affects the function makeTag of the file OpenGraph.php. The manipulation of the argument value leads to open redirect. Upgrading to version 0.17.2 is able to address this issue. The name of the patch is ca27cd0edf917e0bc805227013859b8b5a1f01fb. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222231.π Read
via "National Vulnerability Database".
βΌ CVE-2023-1175 βΌ
π Read
via "National Vulnerability Database".
Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.π Read
via "National Vulnerability Database".
βΌ CVE-2014-125091 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql injection. The attack can be initiated remotely. Upgrading to version 1.0.2 is able to address this issue. The name of the patch is 6d7168cbf12d1c183bacc5cd5678f6f5b0d518d2. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222268.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2015-10088 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This affects the function http_connect in the library libproxy/proxy.c. The manipulation leads to format string. It is possible to initiate the attack remotely. The name of the patch is 40e04680018614a7d2b68566b261b061a0597046. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-222267.π Read
via "National Vulnerability Database".
βΌ CVE-2008-10002 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been found in cfire24 ajaxlife up to 0.3.2 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 0.3.3 is able to address this issue. The name of the patch is 9fb53b67312fe3f4336e01c1e3e1bedb4be0c1c8. It is recommended to upgrade the affected component. VDB-222286 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2008-10003 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in iGamingModules flashgames 1.1.0. It has been classified as critical. Affected is an unknown function of the file game.php. The manipulation of the argument lid leads to sql injection. It is possible to launch the attack remotely. The name of the patch is 6e57683704885be32eea2ea614f80c9bb8f012c5. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-222288.π Read
via "National Vulnerability Database".
βΌ CVE-2023-1179 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add Supplier Handler. The manipulation of the argument company_name/province/city/phone_number leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222330 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-1180 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been found in SourceCodester Health Center Patient Record Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file hematology_print.php. The manipulation of the argument hem_id leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222331.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2015-10089 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as problematic has been found in flame.js. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The name of the patch is e6c49b5f6179e31a534b7c3264e1d36aa99728ac. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-222291.π Read
via "National Vulnerability Database".
π₯1
βΌ CVE-2023-1181 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository icret/easyimages2.0 prior to 2.6.7.π Read
via "National Vulnerability Database".
βΌ CVE-2021-4329 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, has been found in json-logic-js 2.0.0. Affected by this issue is some unknown functionality of the file logic.js. The manipulation leads to command injection. Upgrading to version 2.0.1 is able to address this issue. The name of the patch is c1dd82f5b15d8a553bb7a0cfa841ab8a11a9c227. It is recommended to upgrade the affected component. VDB-222266 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-4927 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in ualbertalib NEOSDiscovery 1.0.70 and classified as problematic. This issue affects some unknown processing of the file app/views/bookmarks/_refworks.html.erb. The manipulation leads to use of web link to untrusted target with window.opener access. The attack may be initiated remotely. Upgrading to version 1.0.71 is able to address this issue. The name of the patch is abe9f57123e0c278ae190cd7402a623d66c51375. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222287.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22419 βΌ
π Read
via "National Vulnerability Database".
Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.9.0 and earlier. When processing a comment block in stage information, the end of data cannot be verified and out-of-bounds read occurs. As a result, opening a specially crafted project file may lead to information disclosure and/or arbitrary code execution.π Read
via "National Vulnerability Database".