π¨ CVE-2023-4387
A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem.
π@cveNotify
A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem.
π@cveNotify
π¨ CVE-2023-38737
IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 262567.
π@cveNotify
IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 262567.
π@cveNotify
Ibmcloud
IBM WebSphere Application Server Liberty denial of service CVE-2023-38737 Vulnerability Report
IBM X-Force Exchange is a threat intelligence sharing platform enabling research on security threats, aggregation of intelligence, and collaboration with peers
π¨ CVE-2023-34615
An issue was discovered JSONUtil thru 5.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.
π@cveNotify
An issue was discovered JSONUtil thru 5.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.
π@cveNotify
GitHub
Stack overflow error caused by jsonutil parsing of untrusted JSON String Β· Issue #10 Β· billdavidson/JSONUtil
Stack overflow error caused by jsonutil parsing of untrusted JSON String Description Using jsonutil to parse untrusted JSON String may be vulnerable to denial of service (DOS) attacks. If the parse...
π¨ CVE-2023-39955
Notes is a note-taking app for Nextcloud, an open-source cloud platform. Starting in version 4.4.0 and prior to version 4.8.0, when creating a note file with HTML, the content is rendered in the preview instead of the file being offered to download. Nextcloud Notes app version 4.8.0 contains a patch for the issue. No known workarounds are available.
π@cveNotify
Notes is a note-taking app for Nextcloud, an open-source cloud platform. Starting in version 4.4.0 and prior to version 4.8.0, when creating a note file with HTML, the content is rendered in the preview instead of the file being offered to download. Nextcloud Notes app version 4.8.0 contains a patch for the issue. No known workarounds are available.
π@cveNotify
HackerOne
Nextcloud disclosed on HackerOne: Notes attachments render HTML in...
Security advisory at https://github.com/nextcloud/security-advisories/security/advisories/GHSA-6g88-37x7-4vw6
π¨ CVE-2023-38633
A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element.
π@cveNotify
A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element.
π@cveNotify
GitLab
2.56.3 - stable Β· GNOME / librsvg Β· GitLab
This is a security release for bug
π¨ CVE-2023-32609
Improper access control in the Intel Unite(R) android application before version 4.2.3504 may allow an authenticated user to potentially enable information disclosure via local access.
π@cveNotify
Improper access control in the Intel Unite(R) android application before version 4.2.3504 may allow an authenticated user to potentially enable information disclosure via local access.
π@cveNotify
Intel
INTEL-SA-00932
π¨ CVE-2021-27523
An issue was discovered in open-falcon dashboard version 0.2.0, allows remote attackers to gain, modify, and delete sensitive information via crafted POST request to register interface.
π@cveNotify
An issue was discovered in open-falcon dashboard version 0.2.0, allows remote attackers to gain, modify, and delete sensitive information via crafted POST request to register interface.
π@cveNotify
GitHub
Report a security vulnerability in falcon dashboard to bypass register restriction through the function in register has been closedβ¦
Dear Author, Iβm testivy. I found that the latest version 0.2.0 of falcon dashboard has a bypass problem of the registeration.As the link below: http://book.open-falcon.com/en_0_2/quick_install/fro...
π¨ CVE-2021-26505
Prototype pollution vulnerability in MrSwitch hello.js version 1.18.6, allows remote attackers to execute arbitrary code via hello.utils.extend function.
π@cveNotify
Prototype pollution vulnerability in MrSwitch hello.js version 1.18.6, allows remote attackers to execute arbitrary code via hello.utils.extend function.
π@cveNotify
GitHub
Prototype Pollution in hello.js Β· Issue #634 Β· MrSwitch/hello.js
Abstract The function hello.utils.extend, defined in file hello.js, introduces a Prototype Pollution vulnerability, which could result in Cross-Site Scripting. hello.js/src/hello.js Lines 17 to 45 ...
π¨ CVE-2023-4384
A vulnerability has been found in MaximaTech Portal Executivo 21.9.1.140 and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to missing encryption of sensitive data. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237316. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A vulnerability has been found in MaximaTech Portal Executivo 21.9.1.140 and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to missing encryption of sensitive data. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237316. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
Luigi PolidΓ³rio's Notion on Notion
PoC
Analyzing network traffic captured by sniffing, it was possible to find credentials that were being transmitted in clear text via cookie.
π¨ CVE-2023-4383
A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237315. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237315. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
Gist
PhΓ’n tΓch lα» hα»ng priv esc trong escan 7.0.32
PhΓ’n tΓch lα» hα»ng priv esc trong escan 7.0.32. GitHub Gist: instantly share code, notes, and snippets.
π1
π¨ CVE-2023-4382
A vulnerability, which was classified as problematic, has been found in tdevs Hyip Rio 2.1. Affected by this issue is some unknown functionality of the file /user/settings of the component Profile Settings. The manipulation of the argument avatar leads to cross site scripting. The attack may be launched remotely. VDB-237314 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A vulnerability, which was classified as problematic, has been found in tdevs Hyip Rio 2.1. Affected by this issue is some unknown functionality of the file /user/settings of the component Profile Settings. The manipulation of the argument avatar leads to cross site scripting. The attack may be launched remotely. VDB-237314 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
π¨ CVE-2023-32453
Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.
π@cveNotify
Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.
π@cveNotify
Dell
DSA-2023-190: Security Update for a Dell Client BIOS Vulnerability | Dell US
Dell Client BIOS remediation is available for an improper authentication vulnerability that could be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-28075
Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system.
π@cveNotify
Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system.
π@cveNotify
Dell
DSA-2023-152: Security Update for a Dell Client BIOS Vulnerability | Dell US
Dell Client BIOS remediation is available for a Time-of-check Time-of-use (TOCTOU) vulnerability that may be exploited by malicious users to compromise the affected system.
π¨ CVE-2021-26504
Directory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js.
π@cveNotify
Directory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js.
π@cveNotify
GitHub
Security bug in hue-magic.js Β· Issue #217 Β· Foddy/node-red-contrib-huemagic
Describe the bug The res.sendFile API, used in file hue-magic.js, introduces a Path Traversal vulnerability. node-red-contrib-huemagic/huemagic/hue-magic.js Line 277 in 4cb9d2e res.sendFile(path.re...
π¨ CVE-2023-39952
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 22.0.0 and prior to versions 22.2.10.13, 23.0.12.8, 24.0.12.4, 25.0.8, 26.0.3, and 27.0.1, a user can access files inside a subfolder of a groupfolder accessible to them, even if advanced permissions would block access to the subfolder. Nextcloud Server versions 25.0.8, 26.0.3, and 27.0.1 and Nextcloud Enterprise Server versions 22.2.10.13, 23.0.12.8, 24.0.12.4, 25.0.8, 26.0.3, and 27.0.1 contain a patch for this issue. No known workarounds are available.
π@cveNotify
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 22.0.0 and prior to versions 22.2.10.13, 23.0.12.8, 24.0.12.4, 25.0.8, 26.0.3, and 27.0.1, a user can access files inside a subfolder of a groupfolder accessible to them, even if advanced permissions would block access to the subfolder. Nextcloud Server versions 25.0.8, 26.0.3, and 27.0.1 and Nextcloud Enterprise Server versions 22.2.10.13, 23.0.12.8, 24.0.12.4, 25.0.8, 26.0.3, and 27.0.1 contain a patch for this issue. No known workarounds are available.
π@cveNotify
GitHub
Advanced permissions not respected when copying entire group folders
### Impact
A user can access files inside a subfolder of a groupfolder accessible to them, even if advanced permissions would block access to the subfolder.
### Patches
It is recommended t...
A user can access files inside a subfolder of a groupfolder accessible to them, even if advanced permissions would block access to the subfolder.
### Patches
It is recommended t...
π¨ CVE-2021-25864
node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file.
π@cveNotify
node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file.
π@cveNotify
GitHub
Security bug in hue-magic.js Β· Issue #217 Β· Foddy/node-red-contrib-huemagic
Describe the bug The res.sendFile API, used in file hue-magic.js, introduces a Path Traversal vulnerability. node-red-contrib-huemagic/huemagic/hue-magic.js Line 277 in 4cb9d2e res.sendFile(path.re...
π¨ CVE-2023-4128
A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue.
π@cveNotify
A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue.
π@cveNotify
π¨ CVE-2022-29887
Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
π@cveNotify
Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
π@cveNotify
Intel
INTEL-SA-00893
π¨ CVE-2023-27392
Incorrect default permissions in the Intel(R) Support android application before version v23.02.07 may allow a privileged user to potentially enable information disclosure via local access.
π@cveNotify
Incorrect default permissions in the Intel(R) Support android application before version v23.02.07 may allow a privileged user to potentially enable information disclosure via local access.
π@cveNotify
Intel
INTEL-SA-00862
π¨ CVE-2022-44612
Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow an authenticated user user to potentially enable information disclosure via local access.
π@cveNotify
Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow an authenticated user user to potentially enable information disclosure via local access.
π@cveNotify
Intel
INTEL-SA-00897
π¨ CVE-2023-25182
Uncontrolled search path element in the Intel(R) Unite(R) Client software for Mac before version 4.2.11 may allow an authenticated user to potentially enable escalation of privilege via local access.
π@cveNotify
Uncontrolled search path element in the Intel(R) Unite(R) Client software for Mac before version 4.2.11 may allow an authenticated user to potentially enable escalation of privilege via local access.
π@cveNotify
Intel
INTEL-SA-00826