Most recent vulnerabilities by source

The vulnerabilities are sorted by update time (most recent first).

Vulnerability ID Description
ghsa-wjxw-8mxq-42mg (github) The Salient Core plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.7 via the 'nectar_icon' shortcode 'icon_linea' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP file types can be uploaded and included.
ghsa-fgmj-hpfp-f2jf (github) The Salient Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'icon' shortcode in all versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
ghsa-f4fp-m7qr-xp52 (github) The Salient Shortcodes plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.5.3 via the 'icon' shortcode 'image' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP file types can be uploaded and included.
ghsa-c7gm-g64m-839f (github) The WordPress Automatic Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘autoplay’ parameter in all versions up to, and including, 3.94.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
ghsa-9m45-35mq-gcp6 (github) The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tagName’ parameter in versions up to, and including, 4.5.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
ghsa-5mrp-5g6h-8p37 (github) The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 2.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
ghsa-2qwv-78pj-mrp7 (github) The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'give_form' shortcode when used with a legacy form in all versions up to, and including, 3.10.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
ghsa-rx9j-rfmx-2gc3 (github) The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_id’ parameter in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
ghsa-ppfw-543c-9q84 (github) Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware before 2.17b02 allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator account or (2) enable remote management via a crafted configuration module to hedwig.cgi, (3) activate new configuration settings via a SETCFG,SAVE,ACTIVATE action to pigwidgeon.cgi, or (4) send a ping via a ping action to diagnostic.php.
ghsa-95fh-63xw-wfh3 (github) An information disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version 2.01MT. An attacker can obtain a user name and password by forging a POST request to the /getcfg.php page.
ghsa-jw9q-cpgg-x45m (github) A Cross-Site Request Forgery (CSRF) vulnerability affecting the session token could potentially lead to Remote Code Execution (RCE).
ghsa-c96h-cxx6-rmg9 (github) In Tor Arti before 1.2.3, circuits sometimes incorrectly have a length of 3 (with full vanguards), aka TROVE-2024-004.
ghsa-9328-gcfq-p269 (github) In Tor Arti before 1.2.3, STUB circuits incorrectly have a length of 2 (with lite vanguards), aka TROVE-2024-003.
ghsa-7ggm-4rjg-594w (github) A remote code execution (RCE) vulnerability exists in the berriai/litellm project due to improper control of the generation of code when using the `eval` function unsafely in the `litellm.get_secret()` method. Specifically, when the server utilizes Google KMS, untrusted data is passed to the `eval` function without any sanitization. Attackers can exploit this vulnerability by injecting malicious values into environment variables through the `/config/update` endpoint, which allows for the update of settings in `proxy_server_config.yaml`.
ghsa-6q9q-x3xj-g3m7 (github) An attacker could potentially intercept credentials via the Task Manager and gain unauthorized access to the Client Deploy Tool on Windows systems.
ghsa-64vh-gcrh-6whf (github) A flaw in the SSL/TLS renegotiation functionality could potentially lead to a denial-of-service (DoS) attack.
ghsa-m82c-2r7m-qgcj (github) In the Linux kernel through 6.7.2, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES.
ghsa-3fmq-x9q6-wm39 (github) random_compat versions prior to 2.0 are affected by a security vulnerability related to the insecure usage of Cryptographically Secure Pseudo-Random Number Generators (CSPRNG). The affected versions use openssl_random_pseudo_bytes(), which may result in insufficient entropy and compromise the security of generated random numbers.
ghsa-g48f-pgwh-wwxx (github) A vulnerability in onelogin/php-saml versions prior to 2.10.0 allows Signature Wrapping attacks, which may result in a malicious user gaining unauthorized access to a system.
ghsa-9wrw-p9rm-r782 (github) In order to verify signatures on LogoutRequests and LogoutResponses, we use the verifySignature method of the class XMLSecurityKey from the xmlseclibs library. That method ends up calling openssl_verify() depending on the signature algorithm used. The openssl_verify() function returns 1 when the signature was successfully verified, 0 if it failed to verify with the given key, and -1 in case an error occurs. PHP implicitly converts numerical values to boolean with the following correspondences: 0 equals false; non-zero equals true. This means that an implicit conversion to boolean of the values returned by openssl_verify() will convert an error state, signaled by the value -1, into a successful verification of the signature (represented by the boolean true). The LogoutRequest/LogoutResponse signature validator was performing an implicit conversion to boolean of the values returned by the verify() method, which under most circumstances returns the same output as openssl_verify(). This means an error during signature verification is treated as a successful verification by the method. Since the signature validation of SAMLResponses was not affected, the impact of this security vulnerability is lower, but an update of the php-saml toolkit is recommended.
ghsa-r2r8-36pq-27cm (github) Versions of nzo/url-encryptor-bundle prior to 5.0.1 and 4.3.2 are affected by a security vulnerability related to the lack of mandatory key and IV requirements. By default, the bundle uses the aes-256-ctr algorithm, which is susceptible to malleability attacks, potentially leading to Insecure Direct Object Reference (IDOR) vulnerabilities. Additionally, the reuse of keys enables users to decrypt and modify encrypted data if they can guess the plaintext of one ciphertext.
ghsa-rq6q-hjvh-5mwh (github) A remote code execution vulnerability has been found in the Swift Mailer library (swiftmailer/swiftmailer) recently. [See this advisory for details](http://legalhackers.com/advisories/SwiftMailer-Exploit-Remote-Code-Exec-CVE-2016-10074-Vuln.html). If you are not using the default mail() transport, this particular problem does not affect you. Upgrading is of course still recommended!
ghsa-6cj3-rc4p-f38f (github) It has been discovered that Neos is vulnerable to several XSS attacks. Through these vulnerabilities, an attacker could tamper with page rendering, redirect victims to a fake login page, or capture user credentials (such as cookies). With the potential backdoor upload, an attacker could gain access to the server itself, to an extent mainly limited by the server setup.
Stored Cross-Site Scripting (SXSS) with authentication: A Neos backend user with permission to modify content can insert JavaScript instructions into content elements. The browser will execute the script in "Print" preview mode. A Neos backend user who can modify his profile information ("Title", "First Name", "Last name", "Middle Name", "Other Name") can inject JavaScript instructions in those parameters. Once set up, an administrator who wants to edit this user account will execute the code. Both attack vectors require a valid Neos backend user account.
Reflected Cross-Site Scripting (RXSS) without authentication: A non-persistent XSS using parameters passed during plugin execution is possible. If invalid parameters are passed, an error message may be shown (depending on the context Neos runs in and how the parameters are handled) that contains the unescaped parameter value. Note: Through the HTML content type the inclusion of arbitrary JavaScript is still possible for users with a valid Neos backend account. If you want to prohibit that, disable the nodetype or restrict access.
Potential backdoor upload: Through an issue with the underlying Flow framework (see the related Flow advisory Flow-SA-2015-001) any editor with access to the Media Management module can upload server-side script files (when using Neos 2.0.x). If those scripts are executed by the server when accessed through their public URL, anything not blocked through other means is possible (information disclosure, placement of backdoors, data removal, …).
ghsa-43cf-7f3h-38rg (github) It has been discovered that TYPO3 Neos is vulnerable to Privilege Escalation. Logged in editors could access, create and modify content nodes that exist in the workspace of other editors.
ghsa-6pq8-67pw-j6hw (github) The PersistedUsernamePasswordProvider was prone to an information disclosure of account existence based on timing attacks, as the hashing of passwords was only done in case an account was found. We changed the core so that the provider always does a password comparison in case credentials were submitted at all.
ghsa-3c5g-73f7-grvm (github) Due to reports it has been validated that internal workspaces in Neos are accessible without authentication. Some users assumed this is a planned feature, but it is not. A workspace preview should be an additional feature with respective security measures in place. Note that this only allows reading of internal workspaces, not writing. For clarification, an internal workspace is a workspace that is non-public and doesn't have an owner. Given that an internal workspace exists in your installation, it is possible to view a page in the context of that workspace by opening a link in this format: https://domain/path/to/page.html@workspace-name The issue is quite problematic when exploited but at the same time slightly less impactful than it sounds. First of all, there is no default internal workspace, so the issue affects only workspaces created by users. That also means the workspace-name, which will always include a hash, is individual to a project, and an exploiter must get hold of the workspace-name including the hash. This is non-trivial as there is no indication of its existence, but obviously brute force and educated guesses can be made.
ghsa-9cw3-j7wg-jwj8 (github) If you had used entity security and wanted to secure entities not just based on the user's role, but on some property of the user (like the company he belongs to), entity security did not work properly together with the Doctrine query cache. This could lead to other users re-using SQL queries from the cache which were built for other users; thus users could see entities which were not destined for them.
Am I affected?
- Do you use Entity Security? If no, you are not affected.
- You disabled the Doctrine Cache (Flow_Persistence_Doctrine)? If this is the case, you are not affected.
- You use Entity Security in custom Flow or Neos applications? Read on.
- If you only used Entity Security based on roles (i.e. role A was allowed to see entities, but role B was denied): in this case, you are not affected.
- If you did more advanced stuff using Entity Security (like checking that a customer only sees his own orders, or a hotel only sees its own bookings), you very likely needed to register a custom global object in Neos.Flow.aop.globalObjects. In this case, you are affected by the issue and need to implement the CacheAwareInterface in your global object for proper caching.
All Flow versions (starting in version 3.0, where Entity Security was introduced) were affected.
ghsa-5vv7-j593-mgjc (github) It has been discovered that Flow 3.0.0 allows arbitrary file uploads, including server-side scripts, posing the risk of attacks. If those scripts are executed by the server when accessed through their public URL, anything not blocked through other means is possible (information disclosure, placement of backdoors, data removal, …). Note: The upload of files is only possible if the application built on Flow provides means to do so, and whether or not the upload of files poses a risk is dependent on the system setup. If uploaded script files are not executed by the server, there is no risk. In versions prior to 3.0.0 the upload of files with the extension php was blocked. In Flow 2.3.0 to 2.3.6 a potential XML External Entity processing vulnerability has been discovered in the MediaTypeConverter.
ghsa-7h74-7vcw-4mwp (github) Due to a missing signature (HMAC) for a request argument, an attacker could unserialize arbitrary objects within FLOW3. To our knowledge it is neither possible to inject code through this vulnerability, nor are there exploitable objects within the FLOW3 Base Distribution. However, there might be exploitable objects within user applications.
ghsa-4rr6-gf59-ggw5 (github) Several widely-used JSON Web Token (JWT) libraries, including node-jsonwebtoken, pyjwt, namshi/jose, php-jwt, and jsjwt, are affected by critical vulnerabilities that could allow attackers to bypass the verification step when using asymmetric keys (RS256, RS384, RS512, ES256, ES384, ES512).
Vulnerability ID | CVSS Base Score | Description | Vendor | Product | Publish Date | Last Update Date
cve-2024-3812 (NVD) | | Salient Core <= 2.0.7 - Authenticated (Contributor+) Local File Inclusion via Shortcode | ThemeNectar | Salient Core | 2024-05-18T05:40:03.418Z | 2024-05-18T05:40:03.418Z
cve-2024-3811 (NVD) | | Salient Shortcodes <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | ThemeNectar | Salient Shortcodes | 2024-05-18T05:40:02.452Z | 2024-05-18T05:40:02.452Z
cve-2024-3810 (NVD) | | Salient Shortcodes <= 1.5.3 - Authenticated (Contributor+) Local File Inclusion via Shortcode | ThemeNectar | Salient Shortcodes | 2024-05-18T05:40:02.930Z | 2024-05-18T05:40:02.930Z
cve-2024-4849 (NVD) | | WordPress Automatic <= 3.94.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via autoplay Parameter | ValvePress | WordPress Automatic Plugin | 2024-05-18T05:40:01.841Z | 2024-05-18T05:40:01.841Z
cve-2024-3437 (NVD) | | SourceCodester Prison Management System Avatar add-admin.php unrestricted upload | SourceCodester | Prison Management System | 2024-04-08T00:00:05.558Z | 2024-05-18T04:52:43.552Z
cve-2024-4891 (NVD) | | Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates <= 4.5.12 - Authenticated (Contributor+) Stored Cross-Site Scripting | wpdevteam | Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates | 2024-05-18T04:30:53.061Z | 2024-05-18T04:30:53.061Z
cve-2024-3714 (NVD) | | GiveWP – Donation Plugin and Fundraising Platform <= 3.10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | webdevmattcrom | GiveWP – Donation Plugin and Fundraising Platform | 2024-05-18T04:30:52.568Z | 2024-05-18T04:30:52.568Z
cve-2024-4374 (NVD) | | DethemeKit For Elementor <= 2.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | detheme | DethemeKit For Elementor | 2024-05-18T04:30:51.945Z | 2024-05-18T04:30:51.945Z
cve-2024-4865 (NVD) | | Happy Addons for Elementor <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via _id Parameter | thehappymonster | Happy Addons for Elementor | 2024-05-18T03:06:58.279Z | 2024-05-18T03:06:58.279Z
cve-2024-4264 (NVD) | | Remote Code Execution in berriai/litellm | berriai | berriai/litellm | 2024-05-18T00:00:15.222Z | 2024-05-18T00:00:15.222Z
cve-2024-23556 (NVD) | CVSS-v3.1: 5.9 | HCL BigFix Platform is impacted by a failure to restrict SSL/TLS renegotiation | HCL Software | BigFix Platform | 2024-05-17T23:40:50.064Z | 2024-05-17T23:40:50.064Z
cve-2024-23554 (NVD) | CVSS-v3.1: 5.7 | HCL BigFix Platform is susceptible to Cross-Site Request Forgery | HCL Software | BigFix Platform | 2024-05-17T23:31:39.585Z | 2024-05-17T23:31:39.585Z
cve-2024-23583 (NVD) | CVSS-v3.1: 6.7 | HCL BigFix Platform is susceptible to insufficiently protected credentials | HCL Software | BigFix Platform | 2024-05-17T23:06:36.167Z | 2024-05-17T23:06:36.167Z
cve-2024-35313 (NVD) | N/A | In Tor Arti before 1.2.3, circuits sometimes incorrectly have a length of 3 (with full vanguards), aka TROVE-2024-004. | n/a | n/a | 2024-05-17T21:29:58.431492 |
cve-2024-35312 (NVD) | N/A | In Tor Arti before 1.2.3, STUB circuits incorrectly have a length of 2 (with lite vanguards), aka TROVE-2024-003. | n/a | n/a | 2024-05-17T21:29:25.840283 |
cve-2024-25742 (NVD) | N/A | In the Linux kernel before 6.9, an untrusted hypervisor can inject virtual interrupt 29 (#VC) at any point in time and can trigger its handler. This affects AMD SEV-SNP and AMD SEV-ES. | n/a | n/a | 2024-05-17T21:19:48.853193 |
cve-2024-25743 (NVD) | N/A | In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES. | n/a | n/a | 2024-05-17T21:13:28.367115 |
cve-2024-5069 (NVD) | | SourceCodester Simple Online Mens Salon Management System view_service.php sql injection | SourceCodester | Simple Online Mens Salon Management System | 2024-05-17T21:00:05.326Z | 2024-05-17T21:00:05.326Z
cve-2023-52424 (NVD) | N/A | The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unintended or untrusted network with Home WEP, Home WPA3 SAE-loop, Enterprise 802.1X/EAP, Mesh AMPE, or FILS, aka an "SSID Confusion" issue. This occurs because the SSID is not always used to derive the pairwise master key or session keys, and because there is not a protected exchange of an SSID during a 4-way handshake. | n/a | n/a | 2024-05-17T20:28:13.377007 |
cve-2022-40824 (NVD) | N/A | B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where() function. Note: Multiple third parties have disputed this as not a valid vulnerability. | n/a | n/a | 2022-10-07T00:00:00 | 2024-05-17T20:27:08.768964
cve-2022-40825 (NVD) | N/A | B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability. | n/a | n/a | 2022-10-07T00:00:00 | 2024-05-17T20:26:23.088093
cve-2022-40826 (NVD) | N/A | B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_having() function. Note: Multiple third parties have disputed this as not a valid vulnerability. | n/a | n/a | 2022-10-07T00:00:00 | 2024-05-17T20:24:56.912617
cve-2022-40827 (NVD) | N/A | B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where() function. Note: Multiple third parties have disputed this as not a valid vulnerability. | n/a | n/a | 2022-10-07T00:00:00 | 2024-05-17T20:24:10.545630
cve-2022-40828 (NVD) | N/A | B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_not_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability. | n/a | n/a | 2022-10-07T00:00:00 | 2024-05-17T20:23:38.365503
cve-2022-40829 (NVD) | N/A | B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability. | n/a | n/a | 2022-10-07T00:00:00 | 2024-05-17T20:23:02.430243
cve-2022-40830 (NVD) | N/A | B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_not_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability. | n/a | n/a | 2022-10-07T00:00:00 | 2024-05-17T20:22:22.788198
cve-2022-40831 (NVD) | N/A | B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php like() function. Note: Multiple third parties have disputed this as not a valid vulnerability. | n/a | n/a | 2022-10-07T00:00:00 | 2024-05-17T20:21:43.519185
cve-2022-40832 (NVD) | N/A | B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php having() function. Note: Multiple third parties have disputed this as not a valid vulnerability. | n/a | n/a | 2022-10-07T00:00:00 | 2024-05-17T20:20:57.690522
cve-2022-40833 (NVD) | N/A | B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability. | n/a | n/a | 2022-10-07T00:00:00 | 2024-05-17T20:20:01.424878
cve-2022-40834 (NVD) | N/A | B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_not_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability. | n/a | n/a | 2022-10-07T00:00:00 | 2024-05-17T20:19:16.755787
Vulnerability ID Description
pysec-2023-194 langchain_experimental 0.0.14 allows an attacker to bypass the CVE-2023-36258 fix and execute arbitrary code via the PALChain in the python exec method.
pysec-2024-51 A broken access control vulnerability exists in mlflow/mlflow versions before 2.10.1, where low privilege users with only EDIT permissions on an experiment can delete any artifacts. This issue arises due to the lack of proper validation for DELETE requests by users with EDIT permissions, allowing them to perform unauthorized deletions of artifacts. The vulnerability specifically affects the handling of artifact deletions within the application, as demonstrated by the ability of a low privilege user to delete a directory inside an artifact using a DELETE request, despite the official documentation stating that users with EDIT permission can only read and update artifacts, not delete them.
pysec-2023-243 Missing SSL certificate validation in localstack v2.3.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack.
pysec-2024-50 Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate excessive data in the database of such instances, resulting in a denial of service. Servers in private federations, or those that do not federate, are not affected. Server administrators should upgrade to 1.105.1 or later. Some workarounds are available. One can ban the malicious users or ACL block servers from the rooms and/or leave the room and purge the room using the admin API.
pysec-2023-260 A reflected Cross-Site Scripting (XSS) vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the Content-Type header in POST requests. An attacker can inject malicious JavaScript code into the Content-Type header, which is then improperly reflected back to the user without adequate sanitization or escaping, leading to arbitrary JavaScript execution in the context of the victim's browser. The vulnerability is present in the mlflow/server/auth/__init__.py file, where the user-supplied Content-Type header is directly injected into a Python formatted string and returned to the user, facilitating the XSS attack.
pysec-2024-49 Lektor before 3.3.11 does not sanitize DB path traversal. Thus, shell commands might be executed via a file that is added to the templates directory, if the victim's web browser accesses an untrusted website that uses JavaScript to send requests to localhost port 5000, and the web browser is running on the same machine as the "lektor server" command.
pysec-2024-48 Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting this vulnerability is possible when running Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings.
pysec-2024-47 In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232 and CVE-2023-43665.
pysec-2024-46 Apache Airflow, versions 2.8.0 through 2.8.2, has a vulnerability that allows an authenticated user with limited permissions to access resources such as variables, connections, etc. from the UI which they do not have permission to access. Users of Apache Airflow are recommended to upgrade to version 2.8.3 or newer to mitigate the risk associated with this vulnerability.
pysec-2024-45 LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the final part of the path parameter in a load_chain call. This bypasses the intended behavior of loading configurations only from the hwchase17/langchain-hub GitHub repository. The outcome can be disclosure of an API key for a large language model online service, or remote code execution. (A patch is available as of release 0.1.29 of langchain-core.)
pysec-2024-44 In RPyC before 6.0.0, when a server exposes a method that calls the attribute named __array__ for a client-provided netref (e.g., np.array(client_netref)), a remote attacker can craft a class that results in remote code execution.
pysec-2024-43 LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the final part of the path parameter in a load_chain call. This bypasses the intended behavior of loading configurations only from the hwchase17/langchain-hub GitHub repository. The outcome can be disclosure of an API key for a large language model online service, or remote code execution.
pysec-2024-42 Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated Ops and Viewer users to view all information in audit logs, including DAG names and usernames they were not permitted to view. With 2.8.2 and newer, Ops and Viewer users do not have audit log permission by default; they need to be explicitly granted permissions to see the logs. Only admin users have audit log permission by default. Users of Apache Airflow are recommended to upgrade to version 2.8.2 or newer to mitigate the risk associated with this vulnerability.
pysec-2023-259 A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function poll_set_add_fd of the file extmod/modselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The patch is identified as 8b24aa36ba978eafc6114b6798b47b7bfecdca26. It is recommended to apply a patch to fix this issue. VDB-249158 is the identifier assigned to this vulnerability.
pysec-2023-258 A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function poll_set_add_fd of the file extmod/modselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The patch is identified as 8b24aa36ba978eafc6114b6798b47b7bfecdca26. It is recommended to apply a patch to fix this issue. VDB-249158 is the identifier assigned to this vulnerability.
pysec-2023-257 A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function poll_set_add_fd of the file extmod/modselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The patch is identified as 8b24aa36ba978eafc6114b6798b47b7bfecdca26. It is recommended to apply a patch to fix this issue. VDB-249158 is the identifier assigned to this vulnerability.
pysec-2023-256 A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function poll_set_add_fd of the file extmod/modselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The patch is identified as 8b24aa36ba978eafc6114b6798b47b7bfecdca26. It is recommended to apply a patch to fix this issue. VDB-249158 is the identifier assigned to this vulnerability.
pysec-2023-255 Command Injection in GitHub repository gradio-app/gradio prior to main.
pysec-2024-41 diffoscope before 256 allows directory traversal via an embedded filename in a GPG file. Contents of any file, such as ../.ssh/id_rsa, may be disclosed to an attacker. This occurs because the value of the gpg --use-embedded-filenames option is trusted.
pysec-2024-40 orjson.loads in orjson before 3.9.15 does not limit recursion for deeply nested JSON documents.
pysec-2024-39 Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemath_mul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free(), arbitrary realloc(), null pointer dereference and other. Since the stack can be controlled by the attacker, the vulnerability could be used to corrupt allocator structure, leading to possible heap exploitation. The attacker could cause denial of service by exploiting this vulnerability.
pysec-2023-254 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6.
pysec-2024-38 FastAPI is a web framework for building APIs with Python 3.8+ based on standard Python type hints. When using form data, `python-multipart` uses a Regular Expression to parse the HTTP `Content-Type` header, including options. An attacker could send a custom-made `Content-Type` option that is very difficult for the RegEx to process, consuming CPU resources and stalling indefinitely (minutes or more) while holding the main event loop. This means the process can't handle any more requests. It is a ReDoS (Regular expression Denial of Service) and only applies to applications that read form data using `python-multipart`. This vulnerability has been patched in version 0.109.1.
pysec-2024-37 nonebot2 is a cross-platform Python asynchronous chatbot framework written in Python. This security advisory pertains to a potential information leak (e.g., environment variables) in instances where developers utilize `MessageTemplate` and incorporate user-provided data into templates. The identified vulnerability has been remedied in pull request #2509 and will be included in versions released from 2.2.0. Users are strongly advised to upgrade to these patched versions to safeguard against the vulnerability. A temporary workaround involves filtering underscores before incorporating user input into the message template.
pysec-2022-43059 AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Service (DoS). NOTE: multiple third parties dispute this issue because there is no example of a context in which denial of service would occur, and many common contexts have exception handling in the calling application.
pysec-2024-36 An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. It was discovered that information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.
pysec-2023-253 Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.
pysec-2024-35 Versions of the package dash-core-components before 2.13.0; all versions of the package dash-core-components; versions of the package dash before 2.15.0; all versions of the package dash-html-components; versions of the package dash-html-components before 2.0.16 are vulnerable to Cross-site Scripting (XSS) when the href of the a tag is controlled by an adversary. An authenticated attacker who stores a view that exploits this vulnerability could steal the data that's visible to another user who opens that view - not just the data already included on the page, but they could also, in theory, make additional requests and access other data accessible to this user. In some cases, they could also steal the access tokens of that user, which would allow the attacker to act as that user, including viewing other apps and resources hosted on the same server. **Note:** This is only exploitable in Dash apps that include some mechanism to store user input to be reloaded by a different user.
pysec-2024-12 LlamaIndex (aka llama_index) through 0.9.34 allows SQL injection via the Text-to-SQL feature in NLSQLTableQueryEngine, SQLTableRetrieverQueryEngine, NLSQLRetriever, RetrieverQueryEngine, and PGVectorSQLQueryEngine. For example, an attacker might be able to delete this year's student records via "Drop the Students table" within English language input.
pysec-2024-34 The vantage6 technology makes it possible to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). Nodes and servers get an SSH config by default that permits root login with password authentication. In a proper deployment, the SSH service is not exposed so there is no risk, but not all deployments are ideal. The default should therefore be less permissive. The vulnerability can be mitigated by removing the SSH part from the Dockerfile and rebuilding the Docker image. Version 4.2.0 patches the vulnerability.
Vulnerability ID Description
gsd-2024-33903 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33902 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33901 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33900 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33899 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33898 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33897 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33896 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33895 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33894 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33893 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33892 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33891 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33890 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33889 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33888 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33887 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33886 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33885 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33884 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33883 The format of the source doesn't require a description, click on the link for more details
gsd-2024-4303 The format of the source doesn't require a description, click on the link for more details
gsd-2024-4302 The format of the source doesn't require a description, click on the link for more details
gsd-2024-4301 The format of the source doesn't require a description, click on the link for more details
gsd-2024-4300 The format of the source doesn't require a description, click on the link for more details
gsd-2024-4299 The format of the source doesn't require a description, click on the link for more details
gsd-2024-4298 The format of the source doesn't require a description, click on the link for more details
gsd-2024-4297 The format of the source doesn't require a description, click on the link for more details
gsd-2024-4296 The format of the source doesn't require a description, click on the link for more details
gsd-2024-33882 The format of the source doesn't require a description, click on the link for more details
Vulnerability ID Description
mal-2024-1280 Source: ghsa-malware (a17b660a440d2cb884c99312341fc58bf33cac16bb05ecf3065ab4f40c073c4b). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1291 Source: ghsa-malware (6c5e6f0820c8729977d62b9cc34c7461719fd4056fc5e8e9f44426ad3c1f60d7). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1287 Source: ghsa-malware (308d5a6fa5eb0973b0ff8290c321ac60685b686f42543a7a09b16a5fe56a7457). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1295 Source: ghsa-malware (4554cad7be69cbff28d6e2e4d3535b5d7b4158f2efa1c79eaaf705151ec686ff). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1293 Source: ghsa-malware (45e4d71b34d2eb0cd66dc9d19da997d325017d19687f304f39e1138fe0a0f0fa). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1283 Source: ghsa-malware (adbea70f2acb33710c8ecb7e13e55c24980ccd349854aa6c82915d2829359e15). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1286 Source: ghsa-malware (63cea4fbbb1333188e78d11622c9b943608aea6770144dacf6e1184036a646b7). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1285 Source: ghsa-malware (86831222f9b0a818e862c2db4a2e7f56259e7bae31f417c9464d2c19cb67dadb). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1284 Source: ghsa-malware (c46cf6695c1ee706d7c20760d479bc271d109c548485e896885c9f7b6d704928). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1296 Source: ghsa-malware (8ed8a707955886dfaa2b55283c703e3acbc8f5db17a426587702b53e53a9c0fb). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1290 Source: ghsa-malware (90d2e2f79b4c5000c976cd4c1e99d091bb46b7dbee831bff50b3c69ff36e7dbf). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1281 Source: ghsa-malware (4e6853d07fc7ca8efb0ffc45302b6b677a4b83c2e2de0e773616d9009f9b0ad8). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1288 Source: ghsa-malware (6d7bd1b87c4b816789f583c6667d202f613eab5d352c1fcbe90fe1b182a0d13c). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1282 Source: ghsa-malware (6cdabf6ac5434305cb152ee0eaf4d9cbac6f1de324ae91052537dc8fcfa94410). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1294 Source: ghsa-malware (6da5a4c9da80939fd8b4009200d8e59514e1d3a5664d9b7150b27f40250a584d). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1289 Source: ghsa-malware (fa5e340610d92b601dc5de1615c159ce6efea84fa66dccd8d99128054d7cf5c8). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1292 Source: ghsa-malware (271bfa6075e1282de1c0d5269d79377fe6b16e9d60fa41a2a6a070cb97795905). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1279 Source: ghsa-malware (b3dcc117202e21ae1b180b5f80af9dc0a1c0082aee807792f2aeb5b62c8e647d). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1278 Source: ghsa-malware (736ee4fff51c88da50dc79bba67dcb4ee43dd8242b6d75beb08f8ca5f9bc841c). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1277 Source: ghsa-malware (b16145b8b3fe74af3fb0b6c48f0e4f6454bc4b9b0d79f991d6373bc094ad279a). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1272 Source: ossf-package-analysis (48accd040235db7bd6be1bcdc1f268ed9f438c3d3029090ee357139bbe870759). The OpenSSF Package Analysis project identified '@portal-packages/core' @ 15.105.105 (npm) as malicious. It is considered malicious because: the package communicates with a domain associated with malicious activity; the package executes one or more commands associated with malicious behavior.
mal-2024-1274 Source: ossf-package-analysis (c0d823ab954cd19f85bb933d25f8230386023a6a1fd15430efce0298f6a25aa9). The OpenSSF Package Analysis project identified 'ui-common-components-angular' @ 1.3.1 (npm) as malicious. It is considered malicious because: the package communicates with a domain associated with malicious activity; the package executes one or more commands associated with malicious behavior.
mal-2024-1273 Source: ossf-package-analysis (c4d7b54aa00bce85364eddf568913642023e355ba669803fa01e20a143e93a47). The OpenSSF Package Analysis project identified 'metrics-balancer' @ 0.2.0 (npm) as malicious. It is considered malicious because: the package communicates with a domain associated with malicious activity.
mal-2024-1275 Source: ossf-package-analysis (543a89535f49dbd2c40707219fba6c80040d752e90ba3347abf1d61e9ea0e477). The OpenSSF Package Analysis project identified '@portal-packages/utils' @ 3.0.99 (npm) as malicious. It is considered malicious because: the package executes one or more commands associated with malicious behavior.
mal-2024-1276 Source: ossf-package-analysis (65b5439bd3051d2315be6f4ae90f3235c5e41c2d9afa4a3c8f6ff3271c31cb9a). The OpenSSF Package Analysis project identified 'cz-ifood-conventional-changelog' @ 1.0.101 (npm) as malicious. It is considered malicious because: the package executes one or more commands associated with malicious behavior.
mal-2024-1267 Source: ossf-package-analysis (82ce80367972231229038d234d1114c39f459b1c4bfe4a03392a3cfa35d4454b). The OpenSSF Package Analysis project identified 'commitlint-config-ifood' @ 1.95.102 (npm) as malicious. It is considered malicious because: the package communicates with a domain associated with malicious activity.
mal-2024-1271 Source: ghsa-malware (dd6b41d316342a401f8e262adb37d1982a359946c37d5b6dbbf9903eed6c6ea0). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1269 Source: ghsa-malware (05c6cf9e3c0564724471422898f07aea9b5234d6c00d38d95441a3fbe18cd004). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1270 Source: ghsa-malware (cf9eff937bcee16db9ca91202bb07969de9b49b32196de1bb49ade4bcbe83d31). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
mal-2024-1268 Source: ghsa-malware (e32870b3e9ee7f6a8468b3fea4e188d906aa415456731059a4eb93984078ab9a). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
Vulnerability ID Description
wid-sec-w-2024-1093 Microsoft Edge: Multiple vulnerabilities allow bypassing of security measures
wid-sec-w-2024-1092 IBM Security Guardium: Multiple vulnerabilities
wid-sec-w-2024-1091 Red Hat OpenShift: Multiple vulnerabilities
wid-sec-w-2024-1090 IBM App Connect Enterprise: Vulnerability allows cross-site scripting
wid-sec-w-2024-1089 vim: Vulnerability allows denial of service
wid-sec-w-2024-1080 Google Chrome: Vulnerability allows unspecified attack
wid-sec-w-2024-1075 F5 BIG-IP: Multiple vulnerabilities
wid-sec-w-2024-1070 Google Chrome: Multiple vulnerabilities allow unspecified attack
wid-sec-w-2024-1055 OpenSSH: Multiple vulnerabilities
wid-sec-w-2024-1031 Bouncy Castle: Multiple vulnerabilities
wid-sec-w-2024-1011 Google Chrome / Microsoft Edge: Multiple vulnerabilities allow unspecified attack
wid-sec-w-2024-0997 Tinyproxy: Multiple vulnerabilities
wid-sec-w-2024-0992 Tenable Security Nessus Network Monitor: Multiple vulnerabilities
wid-sec-w-2024-0962 Google Chrome and Microsoft Edge: Multiple vulnerabilities
wid-sec-w-2024-0956 IBM App Connect Enterprise: Multiple vulnerabilities
wid-sec-w-2024-0939 ffmpeg: Multiple vulnerabilities
wid-sec-w-2024-0930 Red Hat Enterprise Linux (sssd): Vulnerability allows bypassing of security measures
wid-sec-w-2024-0923 ffmpeg: Multiple vulnerabilities allow denial of service
wid-sec-w-2024-0912 Google Chrome: Multiple vulnerabilities allow unspecified attack
wid-sec-w-2024-0909 Mozilla Firefox and Thunderbird: Multiple vulnerabilities
wid-sec-w-2024-0905 FreeRDP: Multiple vulnerabilities allow unspecified attack
wid-sec-w-2024-0880 less: Vulnerability allows code execution
wid-sec-w-2024-0856 ffmpeg: Vulnerability allows code execution and DoS
wid-sec-w-2024-0846 Google Chrome / Microsoft Edge: Multiple vulnerabilities
wid-sec-w-2024-0831 Xen: Multiple vulnerabilities allow denial of service
wid-sec-w-2024-0789 HTTP/2: Multiple vulnerabilities allow denial of service
wid-sec-w-2024-0776 Node.js: Multiple vulnerabilities
wid-sec-w-2024-0765 Google Chrome and Microsoft Edge: Multiple vulnerabilities
wid-sec-w-2024-0723 Google Chrome: Multiple vulnerabilities allow unspecified attack
wid-sec-w-2024-0701 Varnish HTTP Cache: Vulnerability allows denial of service
Vulnerability ID Description
ssa-750274 SSA-750274: Impact of CVE-2024-3400 on RUGGEDCOM APE1808 devices configured with Palo Alto Networks Virtual NGFW
ssa-885980 SSA-885980: Multiple Vulnerabilities in Scalance W1750D
ssa-832273 SSA-832273: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 devices
ssa-831302 SSA-831302: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP before V1.3.0
ssa-822518 SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW before V11.0.1 on RUGGEDCOM APE1808 devices
ssa-794697 SSA-794697: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP before V1.1
ssa-753746 SSA-753746: Denial of Service Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products
ssa-730482 SSA-730482: Denial of Service Vulnerability in SIMATIC WinCC
ssa-716164 SSA-716164: Multiple Vulnerabilities in Scalance W1750D
ssa-712929 SSA-712929: Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products
ssa-711309 SSA-711309: Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products
ssa-691715 SSA-691715: Vulnerability in OPC Foundation Local Discovery Server Affecting Siemens Products
ssa-556635 SSA-556635: Multiple Vulnerabilities in Telecontrol Server Basic before V3.1.2.0
ssa-457702 SSA-457702: Wi-Fi Encryption Bypass Vulnerabilities in SCALANCE W700 Product Family
ssa-455250 SSA-455250: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 devices
ssa-398330 SSA-398330: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
ssa-265688 SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1
ssa-222019 SSA-222019: X_T File Parsing Vulnerabilities in Parasolid
ssa-203374 SSA-203374: Multiple OpenSSL Vulnerabilities in SCALANCE W1750D Devices
ssa-128433 SSA-128433: Multiple Vulnerabilities in SINEC NMS before V2.0 SP2
ssa-968170 SSA-968170: Remote Code Execution Vulnerability in SIMATIC STEP 7 V5.x and Derived Products
ssa-943925 SSA-943925: Multiple Vulnerabilities in SINEC NMS before V2.0 SP1
ssa-918992 SSA-918992: Unused HTTP Service on SENTRON 3KC ATC6 Ethernet Module
ssa-871717 SSA-871717: Multiple Vulnerabilities in Polarion ALM
ssa-792319 SSA-792319: Missing Read Out Protection in SENTRON 7KM PAC3x20 Devices
ssa-770721 SSA-770721: Multiple Vulnerabilities in SIMATIC RF160B before V2.2
ssa-699386 SSA-699386: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family before V4.5
ssa-693975 SSA-693975: Denial-of-Service Vulnerability in the Web Server of Industrial Products
ssa-653855 SSA-653855: Information Disclosure vulnerability in SINEMA Remote Connect Client before V3.1 SP1
ssa-592380 SSA-592380: Denial of Service Vulnerability in SIMATIC S7-1500 CPUs and related products
Vulnerability ID Description
rhba-2023_2977 Red Hat Bug Fix Advisory: linux-firmware bug fix and enhancement update
rhba-2023_6928 Red Hat Bug Fix Advisory: go-toolset:rhel8 bug fix and enhancement update
rhba-2024_1440 Red Hat Bug Fix Advisory: MTV 2.5.6 Images
rhba-2024_1136 Red Hat Bug Fix Advisory: podman bug fix update
rhba-2023_6364 Red Hat Bug Fix Advisory: golang and delve bug fix and enhancement update
rhba-2024_1127 Red Hat Bug Fix Advisory: libssh bug fix update
rhba-2023_7648 Red Hat Bug Fix Advisory: MTV 2.5.3 Images
rhba-2024_0928 Red Hat Bug Fix Advisory: MTV 2.5.5 Images
rhba-2023_6109 Red Hat Bug Fix Advisory: MTV 2.4.3 Images
rhea-2023_6562 Red Hat Enhancement Advisory: nginx:1.22 bug fix and enhancement update
rhba-2023_6078 Red Hat Bug Fix Advisory: MTV 2.5.2 Images
rhea-2022_5139 Red Hat Enhancement Advisory: nodejs:12 bug fix and enhancement update
rhba-2023_2181 Red Hat Bug Fix Advisory: delve, golang, and go-toolset bug fix and enhancement update
rhea-2022_5221 Red Hat Enhancement Advisory: nodejs:12 bug fix and enhancement update
rhba-2023_5806 Red Hat Bug Fix Advisory: Red Hat Ansible Automation Platform 2.4 Container Release Update
rhea-2022_5615 Red Hat Enhancement Advisory: nodejs:12 bug fix and enhancement update
rhba-2023_3611 Red Hat Bug Fix Advisory: Release of Bug Advisories for the OpenShift Jenkins and Jenkins agent base image
rhea-2023_6741 Red Hat Enhancement Advisory: .NET 8.0 bugfix update
rhea-2022_4925 Red Hat Enhancement Advisory: nodejs:12 bug fix and enhancement update
rhea-2023_7235 Red Hat Enhancement Advisory: ACS 4.3 enhancement update
rhea-2022_1596 Red Hat Enhancement Advisory: OpenShift Virtualization 4.9.4 Images
rhba-2023_1750 Red Hat Bug Fix Advisory: OpenShift Container Platform 4.12.13 bug fix update
rhba-2023_1649 Red Hat Bug Fix Advisory: OpenShift Container Platform 4.11.35 packages and security update
rhba-2023_0564 Red Hat Bug Fix Advisory: OpenShift Container Platform 4.11.26 packages update
rhba-2022_5876 Red Hat Bug Fix Advisory: OpenShift Container Platform 4.10.26 extras update
rhba-2021_2979 Red Hat Bug Fix Advisory: OpenShift Container Platform 4.7.23 packages update
rhba-2023_0568 Red Hat Bug Fix Advisory: OpenShift Container Platform 4.12.2 packages update
rhba-2021_2854 Red Hat Bug Fix Advisory: Migration Toolkit for Containers (MTC) 1.4.6 release advisory
rhba-2023_1759 Red Hat Bug Fix Advisory: OpenShift Container Platform 4.11.37 packages and security update
rhba-2023_1507 Red Hat Bug Fix Advisory: OpenShift Container Platform 4.12.10 packages update
Vulnerability ID Description
icsa-24-109-01 Unitronics Vision series PLCs
icsa-21-287-03 Mitsubishi Electric MELSEC iQ-R Series
icsa-24-107-04 RoboDK RoboDK
icsa-24-107-03 Rockwell Automation ControlLogix and GuardLogix
icsa-24-107-02 Electrolink FM/DAB/TV Transmitter
icsa-24-107-01 Measuresoft ScadaPro
icsa-24-102-09 Rockwell Automation 5015-AENFTXT
icsa-24-100-01 SUBNET PowerSYSTEM Server and Substation Server
icsa-24-102-08 Siemens Telecontrol Server Basic
icsa-24-102-07 Siemens SINEC NMS
icsa-24-102-06 Siemens Parasolid
icsa-24-102-05 Siemens Scalance W1750D
icsa-24-102-04 Siemens RUGGEDCOM APE1808
icsa-24-102-03 Siemens RUGGEDCOM APE1808 before V11.0.1
icsa-24-102-02 Siemens SIMATIC WinCC
icsa-24-102-01 Siemens SIMATIC S7-1500
icsa-24-095-02 Schweitzer Engineering Laboratories SEL 700 series relays
icsa-24-095-01 Hitachi Energy Asset Suite 9
icsa-24-093-01 IOSIX IO-1020 Micro ELD
icsa-24-086-04 Rockwell Automation FactoryTalk View ME
icsa-24-086-03 Rockwell Automation Arena Simulation
icsa-24-086-02 Rockwell Automation PowerFlex 527
icsa-24-086-01 AutomationDirect C-MORE EA9 HMI
icsa-24-081-01 Advantech WebAccess/SCADA
icsa-24-079-01 Franklin Fueling System EVO 550/5000
icsa-24-074-14 Mitsubishi Electric MELSEC-Q/L Series
icsa-24-074-13 Softing edgeConnector
icsa-24-074-12 Delta Electronics DIAEnergie
icsa-24-074-07 Siemens SIMATIC
icsa-23-143-03 Mitsubishi Electric MELSEC Series CPU module (Update C)
Vulnerability ID Description
cisco-sa-duo-infodisc-rlceqm6t Cisco Duo Authentication for Windows Logon and RDP Information Disclosure Vulnerability
cisco-sa-secure-privesc-syxqo6ds Cisco Secure Client for Linux with ISE Posture Module Privilege Escalation Vulnerability
cisco-sa-secure-client-crlf-w43v4g7 Cisco Secure Client Carriage Return Line Feed Injection Vulnerability
cisco-sa-sb-wap-multi-85g83crb Cisco Small Business 100, 300, and 500 Series Wireless Access Points Command Injection and Buffer Overflow Vulnerabilities
cisco-sa-duo-win-bypass-pn42kkbm Cisco Duo Authentication for Windows Logon and RDP Authentication Bypass Vulnerability
cisco-sa-appd-xss-3jwqsmnt Cisco AppDynamics Controller Cross-Site Scripting Vulnerability
cisco-sa-appd-traversal-m7n8mzpf Cisco AppDynamics Controller Path Traversal Vulnerability
cisco-sa-curl-libcurl-d9ds39cv cURL and libcurl Vulnerability Affecting Cisco Products: October 2023
cisco-sa-ucsfi-imm-syn-p6kztdqc Cisco UCS 6400 and 6500 Series Fabric Interconnects Intersight Managed Mode Denial of Service Vulnerability
cisco-sa-nxos-po-acl-tkyepgvl Cisco Nexus 3000 and 9000 Series Switches Port Channel ACL Programming Vulnerability
cisco-sa-nxos-lldp-dos-z7pnctgt Cisco FXOS and NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability
cisco-sa-nxos-ebgp-dos-l3qcwvj Cisco NX-OS Software External Border Gateway Protocol Denial of Service Vulnerability
cisco-sa-ipv6-mpls-dos-r9ycxkwm Cisco NX-OS Software MPLS Encapsulated IPv6 Denial of Service Vulnerability
cisco-sa-cimc-xss-umytyetr Cisco Integrated Management Controller Cross-Site Scripting Vulnerability
cisco-sa-cuic-access-control-jjszqmjj Cisco Unified Intelligence Center Insufficient Access Control Vulnerability
cisco-sa-asaftd-info-disclose-9ejtycmb Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability
cisco-sa-clamav-hdffu6t ClamAV OLE2 File Format Parsing Denial of Service Vulnerability
cisco-sa-expressway-csrf-knnzdmj3 Cisco Expressway Series Cross-Site Request Forgery Vulnerabilities
cisco-sa-ftd-snort3acp-bypass-3bdr2beh Multiple Cisco Products Snort 3 Access Control Policy Bypass Vulnerability
cisco-sa-cuc-unauth-afu-froyscsd Cisco Unity Connection Unauthenticated Arbitrary File Upload Vulnerability
cisco-sa-cucm-rce-bwnzqcum Cisco Unified Communications Products Remote Code Execution Vulnerability
cisco-sa-sb-bus-acl-bypass-5zn9hnjk Cisco Small Business Series Switches Stacked Reload ACL Bypass Vulnerability
cisco-sa-cuc-xss-9tfuu5ms Cisco Unity Connection Cross-Site Scripting Vulnerability
cisco-sa-sdwan-privesc-cli-xkgwmqku Cisco SD-WAN Software Arbitrary File Corruption Vulnerability
cisco-sa-sd-wan-file-access-vw36d28p Cisco SD-WAN Solution Improper Access Control Vulnerability
cisco-sa-broadworks-xss-6syj82ju Cisco BroadWorks Application Delivery Platform and Xtended Services Platform Stored Cross-Site Scripting Vulnerability
cisco-sa-tms-portal-xss-axnevg3s Cisco TelePresence Management Suite Cross-Site Scripting Vulnerabilities
cisco-sa-thouseyes-privesc-dmzhg3qv Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability
cisco-sa-sb-wap-inject-bhstwgxo Cisco WAP371 Wireless Access Point Command Injection Vulnerability
cisco-sa-pi-epnm-wkzjeyeq Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Vulnerabilities
Vulnerability ID Description
sca-2024-0001 Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics
sca-2023-0011 Vulnerability in multiple SICK Flexi Soft Gateways
sca-2023-0010 Vulnerabilities in SICK Application Processing Unit
sca-2023-0008 Vulnerability in SICK SIM1012
sca-2023-0009 Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products
sca-2023-0007 Vulnerabilities in SICK LMS5xx
sca-2023-0006 Vulnerabilities in SICK ICR890-4
sca-2023-0005 Vulnerabilities in SICK EventCam App
sca-2023-0004 Vulnerabilities in SICK FTMg
sca-2023-0003 Vulnerability in SICK Flexi Soft and Flexi Classic Gateways
Vulnerability ID Description
nn-2023_17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1
nn-2024_1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1
nn-2023_12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0
nn-2023_9-01 Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0
nn-2023_8-01 Session Fixation in Guardian/CMC before 22.6.2
nn-2023_7-01 DoS via SAML configuration in Guardian/CMC before 22.6.2
nn-2023_6-01 Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2
nn-2023_5-01 Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2
nn-2023_4-01 Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2
nn-2023_3-01 Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2
nn-2023_2-01 Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2
nn-2023_11-01 SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0
nn-2023_10-01 DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0
nn-2023_1-01 Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2
nn-2022_2-02 Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0
nn-2022_2-01 Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0
nn-2021_2-01 Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4
nn-2021_1-01 Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4
nn-2020_3-01 Angular template injection on custom report name field
nn-2020_2-01 Cross-site request forgery attack on change password form
nn-2019_2-01 CSV Injection on node label
nn-2019_1-01 Stored XSS in field name data model
Vulnerability ID Description
oxas-adv-2024-0001 OX App Suite Security Advisory OXAS-ADV-2024-0001
oxas-adv-2023-0007 OX App Suite Security Advisory OXAS-ADV-2023-0007
oxas-adv-2023-0006 OX App Suite Security Advisory OXAS-ADV-2023-0006
oxas-adv-2023-0005 OX App Suite Security Advisory OXAS-ADV-2023-0005
oxas-adv-2023-0004 OX App Suite Security Advisory OXAS-ADV-2023-0004
oxas-adv-2023-0003 OX App Suite Security Advisory OXAS-ADV-2023-0003
oxas-adv-2023-0002 OX App Suite Security Advisory OXAS-ADV-2023-0002
oxas-adv-2023-0001 OX App Suite Security Advisory OXAS-ADV-2023-0001
oxas-adv-2022-0002 OX App Suite Security Advisory OXAS-ADV-2022-0002
oxas-adv-2022-0001 OX App Suite Security Advisory OXAS-ADV-2022-0001