CVE-2021-28954
In Chris Walz bit before 1.0.5 on Windows, attackers can run arbitrary code via a .exe file in a crafted repository.
@cveNotify
GitHub
Release v1.0.5 · chriswalz/bit
Changelog
6cb6e95 fix: bit pr now lists branches
dc4715d security: fix vulnerability on Windows where an exe in a malicious repository could run arbitrary code
CVE-2021-28953
The unofficial C/C++ Advanced Lint extension before 1.9.0 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted repository.
GitHub
jbenden/vscode-c-cpp-flylint
A VS Code extension for advanced, modern, static analysis of C/C++ that supports a number of back-end analyzer programs. - jbenden/vscode-c-cpp-flylint
CVE-2021-28961
applications/luci-app-ddns/luasrc/model/cbi/ddns/detail.lua in the DDNS package for OpenWrt 19.07 allows remote authenticated users to inject arbitrary commands via POST requests.
GitHub
luci-app-ddns: fix multiple authenticated RCEs · openwrt/luci@9df7ea4
The ddns detail model passes unsanitized values directly to sys.call() in
various places, which allows injecting arbitrary commands through a number
of fields.
Prevent that issue by quoting the va...
CVE-2019-12425
Apache OFBiz 17.12.01 is vulnerable to Host header injection by accepting arbitrary host
CVE-2020-13923
IDOR vulnerability in the order processing feature from ecommerce component of Apache OFBiz before 17.12.04
CVE-2020-9496
XML-RPC requests are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03
Packetstormsecurity
Apache OFBiz XML-RPC Java Deserialization - Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
CVE-2021-23360
This affects the package killport before 1.0.2. If (attacker-controlled) user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the `child_process` `exec` function without input sanitization. Running this PoC will cause the command `touch success` to be executed, leading to the creation of a file called `success`.
CVE-2021-27807
A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
CVE-2021-27906
A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
CVE-2021-28957
lxml 4.6.2 allows XSS. It places the HTML action attribute into defs.link_attrs (in html/defs.py) for later use in input sanitization, but does not do the same for the HTML5 formaction attribute.
CVE-2020-13963
SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and the related authentication algorithm, is public. The key for admin is hardcoded in the installation code, and there is no key for publicsp (which is a guest account).
CVE-2021-28153
An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.)
GitLab
file-roller symlink attack (#2325) · Issues · GNOME / GLib · GitLab
Summary: A malicious archive may be able to overwrite arbitrary files with file-roller Steps to reproduce: 1- Download symlink.tar 2- Extract it with file-roller
CVE-2021-26701
.NET Core Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24112.
CVE-2021-21772
A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP() functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2021-28543
Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service (daemon restart) in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, an assertion failure or NULL pointer dereference can be triggered in Varnish Cache through the varnish-modules header.append() and header.copy() functions. For some Varnish Configuration Language (VCL) files, this gives remote clients an opportunity to cause a Varnish Cache restart. A restart reduces overall availability and performance due to an increased number of cache misses, and may cause higher load on backend servers.
CVE-2021-26070
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to evade behind-the-firewall protection of app-linked resources via a Broken Authentication vulnerability in the `makeRequest` gadget resource. The affected versions are before version 8.13.3, and from version 8.14.0 before 8.14.1.
CVE-2021-26069
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to download temporary files and enumerate project keys via an Information Disclosure vulnerability in the /rest/api/1.0/issues/{id}/ActionsAndOperations API endpoint. The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3, and from version 8.14.0 before 8.15.0.
CVE-2021-28955
git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations (most often seen on Windows).
CVE-2021-28956
** UNSUPPORTED WHEN ASSIGNED ** The unofficial vscode-sass-lint (aka Sass Lint) extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
GitHub
Comparing v1.0.6...v1.0.7 · glen-84/vscode-sass-lint
Sass Lint for Visual Studio Code. Contribute to glen-84/vscode-sass-lint development by creating an account on GitHub.
CVE-2021-28963
Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters.
CVE-2021-21437
Agents are able to see linked Config Items without permissions, which are defined in General Catalog. This issue affects: OTRSCIsInCustomerFrontend 7.0.15 and prior versions, ITSMConfigurationManagement 7.0.24 and prior versions
OTRS
OTRS Security Advisory 2021-07 | OTRS
March 22, 2021 - Please read carefully and check if the version of your OTRS system is affected by this vulnerability. Please send information regarding vulnerabilities in OTRS to: security@otrs.org PGP Key pub 2048R/9C227C6B 2011-03-21 uid OTRS Security…