🚨 CVE-2023-45715
The console may experience a service interruption when processing file names with invalid characters.
@cveNotify
Hcl-Software
Security Bulletin: HCL BigFix Platform is affected by multiple security vulnerabilities - Customer Support
HCL BigFix Platform is affected by Unauthenticated Stored Cross-Site Scripting (XSS) (CVE-2023-45706),
🚨 CVE-2024-25254
SuperScan v4.1 was discovered to contain a buffer overflow via the Hostname/IP parameter.
🚨 CVE-2024-50636
PyMOL 2.5.0 contains a vulnerability in its "Run Script" function, which allows the execution of arbitrary Python code embedded within .PYM files. Attackers can craft a malicious .PYM file containing a Python reverse shell payload and exploit the function to achieve Remote Command Execution (RCE). This vulnerability arises because PyMOL treats .PYM files as Python scripts without properly validating or restricting the commands within the script, enabling attackers to run unauthorized commands in the context of the user running the application.
GitHub
Vulnerability notification · Issue #405 · schrodinger/pymol-open-source
Hello vendors, I'm a security researcher and I perform security testing for free. I have found a critical vulnerability on the Run Script function which allows attackers to gain remote code exe...
🚨 CVE-2024-11209
A vulnerability was found in Apereo CAS 6.6. It has been classified as critical. This affects an unknown part of the file /login?service of the component 2FA. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Gist
Multi-Factor Authentication (MFA) Bypass via Execution Manipulation in CAS.md
🚨 CVE-2024-39609
Improper Access Control in UEFI firmware for some Intel(R) Server Board M70KLP may allow a privileged user to potentially enable escalation of privilege via local access.
Intel
INTEL-SA-01175
🚨 CVE-2024-41167
Improper input validation in UEFI firmware in some Intel(R) Server Board M10JNP2SB Family may allow a privileged user to potentially enable escalation of privilege via local access.
Intel
INTEL-SA-01175
🚨 CVE-2024-11208
A vulnerability was found in Apereo CAS 6.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login?service. The manipulation leads to session expiration. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Gist
Session Token Does Not Expire Upon Logout.md
🚨 CVE-1999-0965
Race condition in xterm allows local users to modify arbitrary files via the logging option.
Ibmcloud
IBM X-Force Exchange
🚨 CVE-2024-43449
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
🚨 CVE-2024-25170
An issue in Mezzanine v6.0.0 allows attackers to bypass access controls via manipulating the Host header.
GitHub
GitHub - shenhav12/CVE-2024-25170-Mezzanine-v6.0.0
🚨 CVE-2024-21058
Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 19.3-19.22 and 21.3-21.13. Easily exploitable vulnerability allows high privileged attacker having SYSDBA privilege with network access via Oracle Net to compromise Unified Audit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Unified Audit accessible data. CVSS 3.1 Base Score 4.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N).
🚨 CVE-2024-24198
smartdns commit 54b4dc was discovered to contain a misaligned address at smartdns/src/util.c.
GitHub
member access within misaligned address · Issue #1629 · pymumu/smartdns
smartdns/src/util.c Line 143 in 54b4dcd `struct sockaddr_storage *addr_store = (struct sockaddr_storage *)addr;` sockaddr_storage* need a 8-byte aligned address, but sockaddr* addr i...
🚨 CVE-2024-39884
A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.
Users are recommended to upgrade to version 2.4.61, which fixes this issue.
🚨 CVE-2024-27532
wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) 06df58f is vulnerable to NULL Pointer Dereference in function `block_type_get_result_types`.
Gist
Advisory for CVE-2024-27532
🚨 CVE-2024-46613
WeeChat before 4.4.2 has an integer overflow and resultant buffer overflow at core/core-string.c when there are more than two billion items in a list. This affects string_free_split_shared, string_free_split, string_free_split_command, and string_free_split_tags.
GitHub
Integer Overflow to Buffer Overflow vulnerability in "string_free_split" functions · Issue #2178 · weechat/weechat
Question Hi, we have detected that your project may be vulnerable to Integer Overflow to Buffer Overflow in the function of string_free_split_shared, string_free_split, string_free_split_command a...