‼️CVE-2023-51663‼️
📖 Read more
Via "National Vulnerability Database"
Hail is an opensource, generalpurpose, Pythonbased data analysis tool with additional data types and methods for working with genomic data. Hail relies on OpenID Connect OIDC email addresses from ID tokens to verify the validity of a user's domain, but because users have the ability to change their email address, they could create accounts and use resources in clusters that they should not have access to. For example, a user could create a Microsoft or Google account and then change their email to testexample.org. This account can then be used to create a Hail Batch account in Hail Batch clusters whose organization domain is example.org. The attacker is not able to access private data or impersonate another user, but they would have the ability to run jobs if Hail Batch billing projects are enabled and create Azure Tenants if they have Azure Active Directory Administrator access.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-52137‼️
📖 Read more
Via "National Vulnerability Database"
The tjactionsverifychangedfileshttpsgithub.comtjactionsverifychangedfiles action allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. The verifychangedfileshttpsgithub.comtjactionsverifychangedfiles workflow returns the list of files changed within a workflow execution. This could potentially allow filenames that contain special characters such as which can be used by an attacker to take over the GitHub Runnerhttpsdocs.github.comenactionsusinggithubhostedrunnersaboutgithubhostedrunners if the output value is used in a raw fashion thus being directly replaced before execution inside a run block. By running custom commands, an attacker may be able to steal secrets such as GITHUBTOKEN if triggered on other events than pullrequest. This has been patched in versions 17httpsgithub.comtjactionsverifychangedfilesreleasestagv17 and 17.0.0httpsgithub.comtjactionsverifychangedfilesreleasestagv17.0.0 by enabling safeoutput by default and returning filename paths escaping special characters for bash environments.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-52139‼️
📖 Read more
Via "National Vulnerability Database"
Misskey is an open source, decentralized social media platform. Thirdparty applications may be able to access some endpoints or Websocket APIs that are incorrectly specified as kindhttpsgithub.commisskeydevmisskeyblob406b4bdbe79b5b0b68fcdcb3c4b6e419460a0258packagesbackendsrcserverapiendpoints.tsL811 or securehttpsgithub.commisskeydevmisskeyblob406b4bdbe79b5b0b68fcdcb3c4b6e419460a0258packagesbackendsrcserverapiendpoints.tsL805 without the user's permission and perform operations such as reading or adding nonpublic content. As a result, if the user who authenticated the application is an administrator, confidential information such as object storage secret keys and SMTP server passwords will be leaked, and general users can also create invitation codes without permission and leak nonpublic user information. This is patched in version 2023.12.1httpsgithub.commisskeydevmisskeycommitc96bc36fedc804dc840ea791a9355d7df0748e64.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-7171‼️
📖 Read more
Via "National Vulnerability Database"
A vulnerability was found in NovelPlus up to 4.2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file noveladminsrcmainjavacomjava2nbnovelcontrollerFriendLinkController.java of the component Friendly Link Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The patch is named d6093d8182362422370d7eaf6c53afde9ee45215. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB249307.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-50035‼️
📖 Read more
Via "National Vulnerability Database"
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection on the Users login panel because of "password" parameter is directly used in the SQL query without any sanitization and the SQL Injection payload being executed.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-50069‼️
📖 Read more
Via "National Vulnerability Database"
WireMock with GUI versions 3.2.0.0 through 3.0.4.0 are vulnerable to stored crosssite scripting SXSS through the recording feature. An attacker can host a malicious payload and perform a test mapping pointing to the attacker's file, and the result will render on the Matched page in the Body area, resulting in the execution of the payload. This occurs because the response body is not validated or sanitized.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-50070‼️
📖 Read more
Via "National Vulnerability Database"
Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in customersupportajax.php?actionsaveticket via departmentid, customerid, and subject.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-50071‼️
📖 Read more
Via "National Vulnerability Database"
Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in customersupportajax.php?actionsavedepartment via id or name.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-52240‼️
📖 Read more
Via "National Vulnerability Database"
The Kantega SAML SSO OIDC Kerberos Single Signon apps before 6.20.0 for Atlassian products allow XSS if SAML POST Binding is enabled. This affects 4.4.2 through 4.14.8 before 4.14.9, 5.0.0 through 5.11.4 before 5.11.5, and 6.0.0 through 6.19.0 before 6.20.0. The full product names are Kantega SAML SSO OIDC Kerberos Single Signon for Jira Data Center Server Kantega SSO Enterprise, Kantega SAML SSO OIDC Kerberos Single Signon for Confluence Data Center Server Kantega SSO Enterprise, Kantega SAML SSO OIDC Kerberos Single Signon for Bitbucket Data Center Server Kantega SSO Enterprise, Kantega SAML SSO OIDC Kerberos Single Signon for Bamboo Data Center Server Kantega SSO Enterprise, and Kantega SAML SSO OIDC Kerberos Single Signon for FeCru Server Kantega SSO Enterprise. Here, FeCru refers to the Atlassian Fisheye and Crucible products running together.📖 Read more
Via "National Vulnerability Database"
👍1
‼️CVE-2023-50559‼️
📖 Read more
Via "National Vulnerability Database"
An issue was discovered in XiangShan v2.1, allows local attackers to obtain sensitive information via the L1D cache.📖 Read more
Via "National Vulnerability Database"
Hi community! 🌟
We'd like to let you know that, due to technical changes in the source from which we retrieve CVEs, we can now only send CVEs once a day to this channel. We're thinking about creating a new channel just for CVEs, while keeping this space for sharing news (as usual).
What do you think? What would you prefer (your decision will be the one we go with)?
Sorry for any inconvenience. 🙏
Let's keep staying informed together! 🧑💻
We'd like to let you know that, due to technical changes in the source from which we retrieve CVEs, we can now only send CVEs once a day to this channel. We're thinking about creating a new channel just for CVEs, while keeping this space for sharing news (as usual).
What do you think? What would you prefer (your decision will be the one we go with)?
Sorry for any inconvenience. 🙏
Let's keep staying informed together! 🧑💻
👍7
What's your preference for our channels? 🤔
Anonymous Poll
40%
Keep CVEs and news together in this channel.
60%
Create a new channel exclusively for CVEs.
‼️CVE-2023-41542‼️
📖 Read more
Via "National Vulnerability Database"
SQL injection vulnerability in jeecgboot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreportqurestSql component.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-41543‼️
📖 Read more
Via "National Vulnerability Database"
SQL injection vulnerability in jeecgboot v3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the component sysreplicatecheck.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2022-46486‼️
📖 Read more
Via "National Vulnerability Database"
A lack of pointervalidation logic in the sconedispatch component of SCONE before v5.8.0 for Intel SGX allows attackers to access sensitive information.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2022-46487‼️
📖 Read more
Via "National Vulnerability Database"
Improper initialization of x87 and SSE floatingpoint configuration registers in the sconeentry component of SCONE before 5.8.0 for Intel SGX allows a local attacker to compromise the execution integrity of floatingpoint operations in an enclave or access sensitive information via sidechannel analysis.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-38021‼️
📖 Read more
Via "National Vulnerability Database"
An issue was discovered in Fortanix EnclaveOS Confidential Computing Manager CCM Platform before 3.32 for Intel SGX. Lack of pointeralignment validation logic in entry functions allows a local attacker to access unauthorized information. This relates to the enclaveecall function and system call layer.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-38022‼️
📖 Read more
Via "National Vulnerability Database"
An issue was discovered in Fortanix EnclaveOS Confidential Computing Manager CCM Platform before 3.29 for Intel SGX. Insufficient pointer validation allows a local attacker to access unauthorized information. This relates to strlen and sgxiswithinuser.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-38023‼️
📖 Read more
Via "National Vulnerability Database"
An issue was discovered in SCONE Confidential Computing Platform before 5.8.0 for Intel SGX. Lack of pointeralignment logic in sconedispatch and other entry functions allows a local attacker to access unauthorized information, aka an "AEPIC Leak."📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-41544‼️
📖 Read more
Via "National Vulnerability Database"
SSTI injection vulnerability in jeecgboot version 3.5.3, allows remote attackers to execute arbitrary code via crafted HTTP request to the jmreportloadTableData component.📖 Read more
Via "National Vulnerability Database"
‼️CVE-2023-52252‼️
📖 Read more
Via "National Vulnerability Database"
Unified Remote 3.13.0 allows remote attackers to execute arbitrary Lua code because of a wildcarded AccessControlAllowOrigin for the Remote upload endpoint.📖 Read more
Via "National Vulnerability Database"