Skip to content

トピトピニュース

Header Image
Category

CRITICAL

187 Posts

Featured

Posted byGitHub
[github.com/crewjam/saml] crewjam/saml vulnerable to signature bypass via multiple Assertion elements due to improper authentication
Posted byGitHub
[org.jeecgframework.boot:jeecg-boot-common] Jeecg-boot vulnerable to SQL Injection
Posted byGitHub
[electron] Heap buffer overflow in GPU
Posted byGitHub
[wger] wger vulnerable to brute force attempts

[ezsystems/ezplatform-admin-ui] eZ Platform users with the Company admin role can assign any role to any user

  • Posted inCRITICAL
  • Posted byGitHub
  • 11/11/202211/11/2022

Critical severity. Users with the Company admin role (introduced by the company account feature in v4) can assign any role to any user. This also applies to any other user that has the role / assign policy. Any subtree limitation in place does not have…

[ibexa/admin-ui] Ibexa DXP users with the Company admin role can assign any role to any user

  • Posted inCRITICAL
  • Posted byGitHub
  • 11/11/202211/11/2022

Critical severity. Users with the Company admin role (introduced by the company account feature in v4) can assign any role to any user. This also applies to any other user that has the role / assign policy. Any subtree limitation in place does not have…

[ibexa/core] Ibexa DXP users with the Company admin role can assign any role to any user

  • Posted inCRITICAL
  • Posted byGitHub
  • 11/11/2022

Critical severity. Users with the Company admin role (introduced by the company account feature in v4) can assign any role to any user. This also applies to any other user that has the role / assign policy. Any subtree limitation in place does not have…

[ibexa/admin-ui] ibexa/admin-ui vulnerable to Cross-site Scripting in content type name/shortname

  • Posted inCRITICAL
  • Posted byGitHub
  • 11/11/202211/11/2022

Critical severity. It is possible to inject JavaScript XSS in the content type entries “name” and “short name”. To exploit this, one must already have permission to edit content types, which limits it in many cases to people who are already administrat…

[ezsystems/ezplatform-admin-ui] ezplatform-admin-ui vulnerable to Cross-Site Scripting (XSS)

  • Posted inCRITICAL
  • Posted byGitHub
  • 11/11/2022

It is possible to inject JavaScript XSS in the content type entries “name” and “short name”. To exploit this, one must already have permission to edit content types, which limits it in many cases to people who are already administrators. However, pleas…

[ibexa/graphql] GraphQL queries can expose password hashes

  • Posted inCRITICAL
  • Posted byGitHub
  • 11/11/202211/11/2022

Impact
Unauthenticated GraphQL queries for user accounts can expose password hashes of users that have created or modified content, typically but not necessarily limited to administrators and editors.
Patches
Affected versions: Ibexa DXP v3.3.*, v4.2.*…

[github.com/go-vela/worker] Vela Insecure Defaults

  • Posted inCRITICAL
  • Posted byGitHub
  • 11/10/202211/18/2022

Impact
Some current default configurations for Vela allow exploitation and container breakouts.
Default Privileged Images
Running Vela plugins as privileged Docker containers allows a malicious user to easily break out of the container and gain access …

[parse-server] Remote code execution via MongoDB BSON parser through prototype pollution

  • Posted inCRITICAL
  • Posted byGitHub
  • 11/09/202211/12/2022

Impact
An attacker can use this prototype pollution sink to trigger a remote code execution through the MongoDB BSON parser.
Patches
Prevent prototype pollution in MongoDB database adapter.
Workarounds
Disable remote code execution through the MongoDB…

[github.com/btcsuite/btcd] btcd mishandles witness size checking

  • Posted inCRITICAL
  • Posted byGitHub
  • 11/07/202211/15/2022

btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-44797
https://github.com/lightningnetwork/lnd/issues/7002
h…

[github.com/pingcap/tidb] TiDB vulnerable to Use of Externally-Controlled Format String

  • Posted inCRITICAL
  • Posted byGitHub
  • 11/05/202211/06/2022

TiDB is vulnerable to Use of Externally-Controlled Format String. A patch is available on the master branch and expected to be part of versions 6.4.0 and 6.1.3.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-3023
https://github.com/pingcap/tidb/…

Posts navigation

Previous Posts 1 2 3 4 5 … 19 Next Posts
トピトピニュース
WordPress theme by componentz

Archives

2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30
Hit enter to search or ESC to close