Impact
In all the versions of NuProcess where it forks processes by using the JVM’s Java_java_lang_UNIXProcess_forkAndExec method (1.2.0+), attackers can use NUL characters in their strings to perform command line injection. Java’s ProcessBuilder isn’t…
[matrix-js-sdk] matrix-js-sdk subject to user spoofing via Olm/Megolm protocol confusion
Impact
An attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield.
Additionally, a sophisticated attacker cooperating with a malicio…
[matrix-js-sdk] matrix-js-sdk subject to impersonated messages due to permissive key forwarding
Impact
An attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be missing in others.
This attack is possible …
[rdiffweb] rdiffweb vulnerable to password complexity bypass leading to weak passwords
ikus060/rdiffweb prior to 2.4.9 allows a user to set there password to all spaces. While rdiffweb has a password policy requiring passwords to be between 8 and 128 characters, it does not validate the password entropy, allowing users to bypass password…
[inventree] Inventree vulnerable to Stored Cross-site Scripting
Inventree prior to 0.8.3 is vulnerable to stored cross-site scripting by uploading SVG files. Version 0.8.3 contains a patch for this issue.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-3355
https://github.com/inventree/inventree/commit/5a08ef…
[feehi/feehicms] FeehiCMS vulnerable to Cross-Site scripting via crafted payload
FeehiCMS versions 2.0.1.1 and prior contain a cross-site scripting (XSS) vulnerability via a crafted payload injected into the Comment box under the Single Page module. There are no patches and no known workarounds for this issue.
References
https://n…
[github.com/dutchcoders/transfer.sh] Dutchoders transfer.sh contains an XSS vulnerability via malicious file upload
dutchcoders Transfer.sh versions 1.4.0 and prior are vulnerable to Cross Site Scripting (XSS) via a malicious document uploaded in transfer.sh. There is a fix commit merged into main for this issue, but an updated version has not yet been released.
Re…
[rdiffweb] rdiffweb’s unlimited length Fullname field can lead to DoS
rdiffweb prior to 2.5.0a3 does not validate email length, allowing users to insert an email longer than 255 characters. If a user signs up with an email with a length of 1 million or more characters and logs in, withdraws, or changes their email, the s…
[com.amazon.redshift:redshift-jdbc42] AWS Redshift JDBC Driver fails to validate class type during object instantiation
In Amazon AWS Redshift JDBC Driver (aka amazon-redshift-jdbc-driver or redshift-jdbc42) before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name. This issue has been fixed in version 2.1.0.8.
Refer…
[matrix-js-sdk] Improper beacon events in matrix-js-sdk can result in availability issues
Impact
Improperly formed beacon events (from MSC3488) can disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer’s ability to process data safely. Note that the matrix-js-sdk can appear to be operating normall…