π¨ CVE-2023-26115
All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable.
π@cveNotify
All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression within the result variable.
π@cveNotify
Learn more about Maven with Snyk Open Source Vulnerability Database
Regular Expression Denial of Service (ReDoS) in org.webjars.npm:word-wrap | CVE-2023-26115 | Snyk
Low severity (3.7) Regular Expression Denial of Service (ReDoS) in org.webjars.npm:word-wrap | CVE-2023-26115
π¨ CVE-2023-25940
Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access vulnerability in isi_gather_info. A high privileged local attacker could potentially exploit this vulnerability, leading to system takeover and it breaks the compliance mode guarantees.
π@cveNotify
Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access vulnerability in isi_gather_info. A high privileged local attacker could potentially exploit this vulnerability, leading to system takeover and it breaks the compliance mode guarantees.
π@cveNotify
π¨ CVE-2023-32449
Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks
π@cveNotify
Dell PowerStore versions prior to 3.5 contain an improper verification of cryptographic signature vulnerability. An attacker can trick a high privileged user to install a malicious binary by bypassing the existing cryptographic signature checks
π@cveNotify
π¨ CVE-2023-20895
The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication.
π@cveNotify
The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication.
π@cveNotify
π¨ CVE-2023-26429
Control characters were not removed when exporting user feedback content. This allowed attackers to include unexpected content via user feedback and potentially break the exported data structure. We now drop all control characters that are not whitespace character during the export. No publicly available exploits are known.
π@cveNotify
Control characters were not removed when exporting user feedback content. This allowed attackers to include unexpected content via user feedback and potentially break the exported data structure. We now drop all control characters that are not whitespace character during the export. No publicly available exploits are known.
π@cveNotify
π¨ CVE-2023-26428
Attackers can successfully request arbitrary snippet IDs, including E-Mail signatures of other users within the same context. Signatures of other users could be read even though they are not explicitly shared. We improved permission handling when requesting snippets that are not explicitly shared with other users. No publicly available exploits are known.
π@cveNotify
Attackers can successfully request arbitrary snippet IDs, including E-Mail signatures of other users within the same context. Signatures of other users could be read even though they are not explicitly shared. We improved permission handling when requesting snippets that are not explicitly shared with other users. No publicly available exploits are known.
π@cveNotify
π¨ CVE-2023-26427
Default permissions for a properties file were too permissive. Local system users could read potentially sensitive information. We updated the default permissions for noreply.properties set during package installation. No publicly available exploits are known.
π@cveNotify
Default permissions for a properties file were too permissive. Local system users could read potentially sensitive information. We updated the default permissions for noreply.properties set during package installation. No publicly available exploits are known.
π@cveNotify
π¨ CVE-2023-36097
funadmin v3.3.2 and v3.3.3 are vulnerable to Insecure file upload via the plugins install.
π@cveNotify
funadmin v3.3.2 and v3.3.3 are vulnerable to Insecure file upload via the plugins install.
π@cveNotify
GitHub
Insecure file upload via plugins install in funadmin v3.3.2 - v3.3.3 Β· Issue #17 Β· funadmin/funadmin
Vulnerability Product:funadmin Vulnerability version:.3.3.2 - 3.3.3 Vulnerability type:Insecure file upload Vulnerability DetailsοΌ Vulnerability location app\backend\controller\Addon.php#localinsta...
π¨ CVE-2023-36093
There is a storage type cross site scripting (XSS) vulnerability in the filing number of the Basic Information tab on the backend management page of EyouCMS v1.6.3
π@cveNotify
There is a storage type cross site scripting (XSS) vulnerability in the filing number of the Basic Information tab on the backend management page of EyouCMS v1.6.3
π@cveNotify
GitHub
EyouCMS v1.6.3 has stored xss Β· Issue #44 Β· weng-xianhu/eyoucms
There is a storage type cross site scripting vulnerability in the filing number of the Basic Information tab on the backend management page of EyouCMS v1.6.3 poc: </desc><script>alert(1...
π¨ CVE-2021-4342
Over 70 plugins and themes were vulnerable to Cross-Site Request Forgery due to improperly implemented nonce protection that could be bypassed.
π@cveNotify
Over 70 plugins and themes were vulnerable to Cross-Site Request Forgery due to improperly implemented nonce protection that could be bypassed.
π@cveNotify
Wordfence
Various Affected Software (Various Versions) - Cross-Site Request Forgery Bypass β Wordfence Intelligence
π¨ CVE-2023-3233
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. It has been classified as critical. Affected is the function get_image_base64 of the file api/controller/v1/PublicController.php. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231504. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. It has been classified as critical. Affected is the function get_image_base64 of the file api/controller/v1/PublicController.php. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231504. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
Vuldb
CVE-2023-3233: Zhong Bang CRMEB PublicController.php get_image_base64 server-side request forgery
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. It has been classified as critical. This vulnerability is traded as CVE-2023-3233.
π¨ CVE-2023-2569
A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service,
elevation of privilege, and potentially kernel execution when a malicious actor with local user
access crafts a script/program using an IOCTL call in the Foxboro.sys driver.
π@cveNotify
A CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service,
elevation of privilege, and potentially kernel execution when a malicious actor with local user
access crafts a script/program using an IOCTL call in the Foxboro.sys driver.
π@cveNotify
π¨ CVE-2023-31975
yasm v1.3.0 was discovered to contain a memory leak via the function yasm_intnum_copy at /libyasm/intnum.c.
π@cveNotify
yasm v1.3.0 was discovered to contain a memory leak via the function yasm_intnum_copy at /libyasm/intnum.c.
π@cveNotify
GitHub
yasm memory leak Β· Issue #210 Β· yasm/yasm
I found a memory leak bug in yasm. Please confirm. Thanks! Test Environment Ubuntu 20.04, 64 bit yasm (version: v1.3.0 ;master) How to trigger Compile the program with AddressSanitizer Run command ...
π¨ CVE-2021-25322
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior versions. openSUSE Factory python-HyperKitty versions prior to 1.3.4-5.1.
π@cveNotify
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior versions. openSUSE Factory python-HyperKitty versions prior to 1.3.4-5.1.
π@cveNotify
π¨ CVE-2022-31251
A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3.
π@cveNotify
A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3.
π@cveNotify
π¨ CVE-2021-25321
A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 allows local attackers with control of the runtime user to run arpwatch as to escalate to root upon the next restart of arpwatch. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS arpwatch versions prior to 2.1a15. SUSE Manager Server 4.0 arpwatch versions prior to 2.1a15. SUSE OpenStack Cloud Crowbar 9 arpwatch versions prior to 2.1a15. openSUSE Factory arpwatch version 2.1a15-169.5 and prior versions. openSUSE Leap 15.2 arpwatch version 2.1a15-lp152.5.5 and prior versions.
π@cveNotify
A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 allows local attackers with control of the runtime user to run arpwatch as to escalate to root upon the next restart of arpwatch. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS arpwatch versions prior to 2.1a15. SUSE Manager Server 4.0 arpwatch versions prior to 2.1a15. SUSE OpenStack Cloud Crowbar 9 arpwatch versions prior to 2.1a15. openSUSE Factory arpwatch version 2.1a15-169.5 and prior versions. openSUSE Leap 15.2 arpwatch version 2.1a15-lp152.5.5 and prior versions.
π@cveNotify
π¨ CVE-2023-31541
A unrestricted file upload vulnerability was discovered in the βBrowse and upload imagesβ feature of the CKEditor v1.2.3 plugin for Redmine, which allows arbitrary files to be uploaded to the server.
π@cveNotify
A unrestricted file upload vulnerability was discovered in the βBrowse and upload imagesβ feature of the CKEditor v1.2.3 plugin for Redmine, which allows arbitrary files to be uploaded to the server.
π@cveNotify
π¨ CVE-2023-36243
FLVMeta v1.2.1 was discovered to contain a buffer overflow via the xml_on_metadata_tag_only function at dump_xml.c.
π@cveNotify
FLVMeta v1.2.1 was discovered to contain a buffer overflow via the xml_on_metadata_tag_only function at dump_xml.c.
π@cveNotify
GitHub
Memory allocation failure in xml_on_metadata_tag_only() at dump_xml.c:271 Β· Issue #19 Β· noirotm/flvmeta
Memory allocation failure in xml_on_metadata_tag_only() at dump_xml.c:271 Memory allocation failure in the flvmeta at function xml_on_metadata_tag_only in dump_xml.c:271. Environment Ubuntu 18.04, ...
π¨ CVE-2023-36239
libming listswf 0.4.7 was discovered to contain a buffer overflow in the parseSWF_DEFINEFONTINFO() function at parser.c.
π@cveNotify
libming listswf 0.4.7 was discovered to contain a buffer overflow in the parseSWF_DEFINEFONTINFO() function at parser.c.
π@cveNotify
GitHub
Allocation size overflow in parseSWF_DEFINEFONTINFO() at parser.c:1948 Β· Issue #273 Β· libming/libming
Allocation size overflow in parseSWF_DEFINEFONTINFO() at parser.c:1948 Allocation size overflow in the listswf at function parseSWF_DEFINEFONTINFO in parser.c:1948. Environment Ubuntu 18.04, 64 bit...
π¨ CVE-2023-34923
XML Signature Wrapping (XSW) in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider (IP) to impersonate any TOPdesk user via SAML Response manipulation.
π@cveNotify
XML Signature Wrapping (XSW) in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider (IP) to impersonate any TOPdesk user via SAML Response manipulation.
π@cveNotify
Char49
TOPdesk vulnerable to XML Signature Wrapping Attacks | Char49
TOPdesk Single Signon integration based on SAML (Security Assertion Markup Language) was vulnerable to XML Signature Wrapping (XSW) attacks, allowing bad actors with credentials to authenticate with the Identity Provider (IdP) to impersonate any TOPdesk userβ¦