‼ CVE-2023-24776 ‼
📖 Read
via "National Vulnerability Database".
Funadmin v3.2.0 was discovered to contain a remote code execution (RCE) vulnerability via the component \controller\Addon.php.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-26054 ‼
📖 Read
via "National Vulnerability Database".
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In affected versions when the user sends a build request that contains a Git URL that contains credentials and the build creates a provenance attestation describing that build, these credentials could be visible from the provenance attestation. Git URL can be passed in two ways: 1) Invoking build directly from a URL with credentials. 2) If the client sends additional version control system (VCS) info hint parameters on builds from a local source. Usually, that would mean reading the origin URL from `.git/config` file. When a build is performed under specific conditions where credentials were passed to BuildKit they may be visible to everyone who has access to provenance attestation. Provenance attestations and VCS info hints were added in version v0.11.0. Previous versions are not vulnerable. In v0.10, when building directly from Git URL, the same URL could be visible in `BuildInfo` structure that is a predecessor of Provenance attestations. Previous versions are not vulnerable. This bug has been fixed in v0.11.4. Users are advised to upgrade. Users unable to upgrade may disable VCS info hints by setting `BUILDX_GIT_INFO=0`. `buildctl` does not set VCS hints based on `.git` directory, and values would need to be passed manually with `--opt`.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-26600 ‼
📖 Read
via "National Vulnerability Database".
ManageEngine ServiceDesk Plus through 14104, ServiceDesk Plus MSP through 14000, Support Center Plus through 14000, and Asset Explorer through 6987 allow privilege escalation via query reports.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-24763 ‼
📖 Read
via "National Vulnerability Database".
In the module "Xen Forum" (xenforum) for PrestaShop, an authenticated user can perform SQL injection in versions up to 2.13.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-23939 ‼
📖 Read
via "National Vulnerability Database".
Azure/setup-kubectl is a GitHub Action for installing Kubectl. This vulnerability only impacts versions before version 3. An insecure temporary creation of a file allows other actors on the Actions runner to replace the Kubectl binary created by this action because it is world writable. This Kubectl tool installer runs `fs.chmodSync(kubectlPath, 777)` to set permissions on the Kubectl binary, however, this allows any local user to replace the Kubectl binary. This allows privilege escalation to the user that can also run kubectl, most likely root. This attack is only possible if an attacker somehow breached the GitHub actions runner or if a user is utilizing an Action that maliciously executes this attack. This has been fixed and released in all versions `v3` and later. 775 permissions are used instead. Users are advised to upgrade. There are no known workarounds for this issue.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-27472 ‼
📖 Read
via "National Vulnerability Database".
quickentity-editor-next is an open source, system local, video game asset editor. In affected versions HTML tags in entity names are not sanitised (XSS vulnerability). Allows arbitrary code execution within the browser sandbox, among other things, simply from loading a file containing a script tag in any entity name. This issue has been patched in version 1.28.1 of the application. Users are advised to upgrade. There are no known workarounds for this vulnerability.📖 Read
via "National Vulnerability Database".
🕴 Shein Shopping App Glitch Copies Android Clipboard Contents 🕴
📖 Read
via "Dark Reading".
The Android app unnecessarily accessed clipboard device contents, which often includes passwords and other sensitive data.📖 Read
via "Dark Reading".
Dark Reading
Shein Shopping App Glitch Copies Android Clipboard Contents
The Android app unnecessarily accessed clipboard device contents, which often includes passwords and other sensitive data.
‼ CVE-2021-36394 ‼
📖 Read
via "National Vulnerability Database".
In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36393 ‼
📖 Read
via "National Vulnerability Database".
In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-42248 ‼
📖 Read
via "National Vulnerability Database".
QlikView 12.60.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the QvsViewClient functionality.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-24736 ‼
📖 Read
via "National Vulnerability Database".
PMB v7.4.6 was discovered to contain a remote code execution (RCE) vulnerability via the component /sauvegarde/restaure_act.php.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-24734 ‼
📖 Read
via "National Vulnerability Database".
An arbitrary file upload vulnerability in the camera_upload.php component of PMB v7.4.6 allows attackers to execute arbitrary code via a crafted image file.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-24735 ‼
📖 Read
via "National Vulnerability Database".
PMB v7.4.6 was discovered to contain an open redirect vulnerability via the component /opac_css/pmb.php. This vulnerability allows attackers to redirect victim users to an external domain via a crafted URL.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36398 ‼
📖 Read
via "National Vulnerability Database".
In moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36400 ‼
📖 Read
via "National Vulnerability Database".
In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-0093 ‼
📖 Read
via "National Vulnerability Database".
Okta Advanced Server Access Client versions 1.13.1 through 1.65.0 are vulnerable to command injection due to the third party library webbrowser. An outdated library, webbrowser, used by the ASA client was found to be vulnerable to command injection. To exploit this issue, an attacker would need to phish the user to enter an attacker controlled server URL during enrollment.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-24733 ‼
📖 Read
via "National Vulnerability Database".
PMB v7.4.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the query parameter at /admin/convert/export_z3950_new.php.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36396 ‼
📖 Read
via "National Vulnerability Database".
In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36392 ‼
📖 Read
via "National Vulnerability Database".
In Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36399 ‼
📖 Read
via "National Vulnerability Database".
In Moodle, ID numbers displayed in the quiz override screens required additional sanitizing to prevent a stored XSS risk.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36713 ‼
📖 Read
via "National Vulnerability Database".
Cross Site Scripting (XSS) vulnerability in the DataTables plug-in 1.9.2 for jQuery allows attackers to run arbitrary code via the sBaseName parameter to function _fnCreateCookie. NOTE: 1.9.2 is a version from 2012.📖 Read
via "National Vulnerability Database".