GitHub

[lief] LIEF contains a segmentation violation

LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69. A patch is available at commit ca938740264f1fcb18f91cba8e4039c518ecb75b.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-38497
https://githu…

[lief] LIEF vulnerable to heap based buffer overflow via print_binary function

Posted inHIGH
Posted byGitHub
09/14/202209/21/2022

LIEF commit 365a16a was discovered to contain a heap-buffer overflow via the function print_binary at /c/macho_reader.c. Commit 0033b6312fd311b2e45e379c04a83d77c1e58578 contains a patch.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-38495
https…

[moodle/moodle] Moodle Cross-site Scripting vulnerability

In certain Moodle products after creating a course, it is possible to add in a arbitrary “Topic” a resource, in this case a “Database” with the type “Text” where its values “Field name” and “Field description” are vulnerable to Cross Site Scripting Sto…

[io.pebbletemplates:pebble] Pebble Templates protection mechanism bypass can lead to arbitrary code execution

Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-37767
https://github.com/Y4tacker/Web-Security/issues/3
https://github…

[com.graphql-java:graphql-java] graphql-java vulnerable to Denial of Service via GraphQL query that consumes CPU resources

Posted inHIGH
Posted byGitHub
09/13/202209/17/2022

graphql-java before 19.0, 18.3, and 17.4 is vulnerable to Denial of Service. An attacker send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0, 18.3, and 17.4.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-3773…

[org.apache.calcite:calcite-core] Apache Calcite before 1.32.0 vulnerable to potential XML External Entity (XXE) attack

In Apache Calcite prior to version 1.32.0 the SQL operators EXISTS_NODE, EXTRACT_XML, XML_TRANSFORM and EXTRACT_VALUE do not restrict XML External Entity references in their configuration, which makes them vulnerable to a potential XML External Entity …

[github.com/gophish/gophish] Gophish before 0.12.0 vulnerable to Open Redirect

This affects the package github.com/gophish/gophish before 0.12.0. The Open Redirect vulnerability exists in the next query parameter. The application uses url.Parse(r.FormValue(“next”)) to extract path and eventually redirect user to a relative URL, b…

[com.diffplug.gradle:goomph] Goomph before 3.37.2 allows malicious zip file to write contents to arbitrary locations

This affects the package com.diffplug.gradle:goomph before 3.37.2. It allows a malicious zip file to potentially break out of the expected destination directory, writing contents into arbitrary locations on the file system. Overwriting certain files/di…

[pdfkit] PDFKit vulnerable to Command Injection

The package pdfkit is vulnerable to Command Injection where the URL is not properly sanitized.
Note: This issue was patched in 0.8.7.2, but the patch was discovered to be ineffective. The updated patch version is 0.8.7.2
References

https://nvd.nist.go…

[rankmath/seo-by-rank-math] Rank Math SEO plugin vulnerable to Server-Side Request Forgery

Server-Side Request Forgery (SSRF) vulnerability in Rank Math SEO plugin <= 1.0.95 at WordPress.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-36376
https://rankmath.com/changelog/
https://patchstack.com/database/vulnerability/seo-by-rank-ma…

トピトピニュース

Featured

[github.com/crewjam/saml] crewjam/saml vulnerable to signature bypass via multiple Assertion elements due to improper authentication

[org.keycloak:keycloak-core] Stored Cross-Site Scripting (XSS) in Keycloak via groups dropdown

[bitlyshortener] Package discontinued because Bitly lowered the free quota

[baserproject/basercms] baserproject/basercms vulnerable to cross-site scripting (XSS) vulnerability