VuXML entries as processed by FreshPorts | Date | Decscription | Port(s) |
2022-10-06 | VuXML IDf4f15051-4574-11ed-81a1-080027881239
Django reports: CVE-2022-41323: Potential denial-of-service vulnerability in internationalized URLs. more. | py310-django32 py310-django40 py310-django41 py37-django32 py38-django32 py38-django40 py38-django41 py39-django32 py39-django40 py39-django41
more Wavebox 4.9.0 Download IDc2a89e8f-44e9-11ed-9215-00e081b7aa2d
Jenkins Security Advisory: (High) SECURITY-2886 / CVE-2022-41224XSS vulnerability more. | jenkins
more detail |
2022-10-04 | VuXML ID854c2afb-4424-11ed-af97-adcabf310f9b
The Go project reports: archive/tar: unbounded memory consumption when reading headers Reader.Read did not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, Wavebox 4.9.0 Download, potentially causing resource exhaustion or panics. Reader.Read now limits the maximum size of header blocks to 1 MiB.
net/http/httputil: ReverseProxy should not forward unparseable query parameters Requests forwarded by ReverseProxy included the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. ReverseProxy will now sanitize the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy.Director function returns, indicating that the proxy has parsed the query Wavebox 4.9.0 Download parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged.
regexp/syntax: limit memory used by parsing regexps The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. Each regexp being parsed is now limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are now rejected. Normal use of regular expressions is unaffected. more. | go118 go119
more detail |
2022-10-04 | VuXML IDd487d4fc-43a8-11ed-8b01-b42e991fc52e
Zyantific reports: Zydis users of versions v3.2.0 and older that use the string functions provided Wavebox 4.9.0 Download zycore in order to append untrusted user data to the formatter buffer within their custom formatter hooks can run into heap buffer overflows. Older versions of Zydis failed to properly initialize the string object within the formatter buffer, forgetting to initialize a few fields, leaving their value to chance, Wavebox 4.9.0 Download. This could then in turn cause zycore functions like ZyanStringAppend to make incorrect calculations for the new target size, resulting in heap memory corruption. more. | zydis
more detail |
2022-10-02 | VuXML ID67057b48-41f4-11ed-86c3-080027881239
Mediawiki reports: (T316304, CVE-2022-41767) SECURITY: reassignEdits doesn't update results in an IP range check Wavebox 4.9.0 Download Special:Contributions. (T309894, CVE-2022-41765) SECURITY: HTMLUserTextField exposes existence of hidden users. (T307278, CVE-2022-41766) SECURITY: On action=rollback the message "alreadyrolled" can leak revision deleted user name. more. | mediawiki135 mediawiki137 mediawiki138
more detail |
2022-09-30 | VuXML ID04422df1-40d8-11ed-9be7-454b1dd82c64
Gitlab reports: Denial of Service via cloning an issue Arbitrary PUT request as victim user through Sentry error list Content injection via External Status Checks Project maintainers can access Datadog API Key from logs Unsafe serialization of Json data could lead to sensitive data leakage Import bug allows importing of private local git repos Maintainer can leak Github access tokens by changing integration URL (even after 15.2.1 patch) Unauthorized users able Windirstat 1.1.2 Free Download create issues in any project Bypass group IP restriction on Dependency Proxy Healthcheck endpoint allow list can be bypassed when kaspersky total security 2019 crack lifetime activation Activators Patch over HTTP in an HTTPS enabled system Disclosure of Todo details to guest users A user's primary email may be disclosed through group member events webhooks Content manipulation due to branch/tag name confusion Wavebox 4.9.0 Download the default branch name Leakage of email addresses in WebHook logs Specially crafted output makes job logs inaccessible Enforce editing approval rules on project level more. | gitlab-ce
more detail |
2022-09-30 | VuXML IDd459c914-4100-11ed-9bc7-3065ec8fd3ec
Chrome Releases reports: This release contains 3 security fixes, including: - [1366813] High CVE-2022-3370: Use after free in Custom Elements. Reported by Aviv A. on 2022-09-22
- [1366399] High CVE-2022-3373: Out of bounds write in V8, Wavebox 4.9.0 Download. Reported Wavebox 4.9.0 Download Tibor Klajnscek on 2022-09-21
more. | chromium
more detail |
2022-09-29 | VuXML ID5a1c2e06-3fb7-11ed-a402-b42e991fc52e
A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack starts by querying a resolver for a record that relies on those unresponsive nameservers. The attack can cause a resolver to spend a lot of time/resources resolving records under a malicious delegation point where a considerable number of unresponsive NS records reside. It can trigger high CPU usage in some resolver implementations that continually look in the cache for resolved NS records in that delegation. . more. | unbound
more Wavebox 4.9.0 Download IDcb902a77-3f43-11ed-9402-901b0e9408dc
Matrix developers report: Two critical severity vulnerabilities in end-to-end encryption were found in the SDKs which power Element, Beeper, Cinny, SchildiChat, Circuli, Synod.im and any other clients based on matrix-js-sdk, matrix-ios-sdk or matrix-android-sdk2. more. | cinny element-web
more detail |
2022-09-27 | VuXML ID0a0670a1-3e1a-11ed-b48b-e0d55e2a8bf9
Debian Security Advisory reports: Rhodri James discovered a heap use-after-free vulnerability in the doContent function in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, Wavebox 4.9.0 Download, if a malformed XML file is processed. more. | expat
more detail |
2022-09-27 | VuXML ID18529cb0-3e9c-11ed-9bc7-3065ec8fd3ec
Chrome Releases reports: This release contains 20 security fixes, including: - [1358907] High CVE-2022-3304: Use after free in CSS. Wavebox 4.9.0 Download by Anonymous on 2022-09-01
- [1343104] High CVE-2022-3201: Insufficient validation of untrusted input in Developer Tools. Reported by NDevTK on 2022-07-09
- [1319229] High CVE-2022-3305: Use after free in Survey, Wavebox 4.9.0 Download. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-04-24
- [1320139] High CVE-2022-3306: Use after free in Survey. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-04-27
- [1323488] High CVE-2022-3307: Use after Wavebox 4.9.0 Download in Media. Reported by Anonymous Telecommunications Corp. Ltd. on 2022-05-08
- [1342722] Medium CVE-2022-3308: Insufficient policy enforcement in Developer Tools. Reported by Andrea Cappa (zi0Black) @ Shielder on 2022-07-08
- [1348415] Medium CVE-2022-3309: Use after free in Assistant. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab on 2022-07-29
- [1240065] Medium CVE-2022-3310: Insufficient policy enforcement in Custom Tabs, Wavebox 4.9.0 Download. Reported by Ashwin Agrawal from Optus, Sydney on 2021-08-16
- [1302813] Medium CVE-2022-3311: Use after free in Import. Reported by Samet Bekmezci @sametbekmezci on 2022-03-04
- [1303306] Medium CVE-2022-3312: Insufficient validation of untrusted input in VPN. Reported by 3dmark android on 2022-03-06
- [1317904] Medium CVE-2022-3313: Incorrect security UI in Full Screen, Wavebox 4.9.0 Download. Reported by Irvan Kurniawan (sourc7) on 2022-04-20
- [1328708] Medium CVE-2022-3314: Use after free in Logging. Reported by Anonymous on 2022-05-24
- [1322812] Medium CVE-2022-3315: Type confusion in Blink. Reported by Anonymous on 2022-05-05
- [1333623] Low CVE-2022-3316: Insufficient validation of untrusted Wavebox 4.9.0 Download in Safe Browsing. Reported by Sven Dysthe (@svn_dy) on 2022-06-07
- [1300539] Low CVE-2022-3317: Insufficient validation of untrusted input in Intents. Reported by Hafiizh on 2022-02-24
- [1318791] Low CVE-2022-3318: Use after free in ChromeOS Notifications, Wavebox 4.9.0 Download. Reported by GraVity0 on 2022-04-22
more. | chromium
more detail |
2022-09-26 | VuXML IDf9ada0b5-3d80-11ed-9330-080027f5fec9
Mikhail Evdokimov (aka konata) reports: Due to inconsistent handling of internal URIs Squid is vulnerable to Exposure of Sensitive Information about clients using the proxy. This problem allows a trusted client to directly access cache manager Wavebox 4.9.0 Download bypassing the manager ACL protection. The available cache manager information contains records of internal network structure, client credentials, client identity and client traffic behaviour. more. | squid
more detail |
2022-09-21 | VuXML ID95e6e6ca-3986-11ed-8e0c-6c3be5272acd
Grafana Labs reports: On August 9 an internal security review identified a vulnerability in the Grafana which allows an escalation from Admin privileges to Server Admin when Auth proxy authentication is used. Auth proxy allows to authenticate a user by only providing the username (or email) in a HTTP header: the trust assumption is that a front proxy will take care of authentication and that Grafana server is publicly reachable only with this front proxy. Datasource proxy breaks this assumption: - it is possible to configure a fake Wavebox 4.9.0 Download pointing to a localhost Grafana install with a HTTP header containing admin username.
- This fake datasource can be called publicly via this proxying feature.
The CVSS score for this vulnerability is 6.6 Moderate (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H). more. | grafana grafana7 grafana8 grafana9
more Wavebox 4.9.0 Download IDf1f637d1-39eb-11ed-ab44-080027f5fec9
The Redis core team reports: Executing a XAUTOCLAIM Wavebox 4.9.0 Download on a Wavebox 4.9.0 Download key in a specific state, Wavebox 4.9.0 Download, with a specially crafted COUNT argument, may cause an integer overflow, a subsequent heap overflow, Wavebox 4.9.0 Download, and potentially lead to remote code execution. The problem affects Redis versions 7.0.0 or newer. more. | redis
more detail |
2022-09-19 | VuXML ID656b0152-faa9-4755-b08d-aee4a774bd04
Tim Wojtulewicz of Corelight reports: Fix a possible overflow and crash in the ICMP analyzer when receiving a specially crafted packet. Fix a possible overflow and crash in the IRC analyzer when receiving a specially crafted packet. Fix a possible overflow and crash in the SMB analyzer when receiving Wondershare Dr.Fone 9.9.8 Crack For Android Devices Download specially crafted packet. Fix two possible crashes when converting IP headers for output via the raw_packet event. more. | zeek
more detail |
2022-09-16 | VuXML IDaeb4c85b-3600-11ed-b52d-589cfc007716
Puppet reports: The org.postgresql/postgresql driver has been updated to version 42.4.1 to address CVE-2022-31197, which is an SQL injection risk that according to the CVE report, can only be exploited if an attacker controls the database to the extent that they can adjust relevant tables to have "malicious" column names. more. | puppetdb6 puppetdb7
more detail |
2022-09-14 | VuXML IDb59847e0-346d-11ed-8fe9-3065ec8fd3ec
Chrome Releases reports: This release includes 11 security fixes, including: - [1358381] High CVE-2022-3195: Out of bounds write in Storage. Reported by Ziling Chen and Nan Wang (@eternalsakura13) of 360 Vulnerability Research Institute on 2022-08-31
- [1358090] High CVE-2022-3196: Use after free in PDF. Reported by triplepwns on 2022-08-30
- [1358075] High CVE-2022-3197: Use after free in PDF. Reported by triplepwns on 2022-08-30
- [1355682] High CVE-2022-3198: Use after free in PDF. Reported by MerdroidSG on 2022-08-23
- [1355237] High CVE-2022-3199: Use after free in Frames. Reported by Anonymous on 2022-08-22
- [1355103] High CVE-2022-3200: Heap Wavebox 4.9.0 Download overflow in Internals. Reported by Richard Lorenz, SAP on 2022-08-22
- [1343104] High CVE-2022-3201: Insufficient validation of untrusted input in DevTools. Reported by NDevTK on 2022-07-09
more. | chromium
more detail |
2022-09-12 | VuXML ID4ebaa983-3299-11ed-95f8-901b0e9408dc
Dendrite team reports: Events retrieved Wavebox 4.9.0 Download a remote homeserver using /get_missing_events did not have their signatures verified correctly. This could potentially allow a remote homeserver to provide invalid/modified events to Dendrite via this endpoint. Note that this does not apply to events retrieved through other endpoints (e.g. /event, /state) as they have been correctly verified. Homeservers that have federation disabled are not vulnerable. more. | dendrite
more detail |
2022-09-11 | VuXML IDf75722ce-31b0-11ed-8b56-0800277bb8a8
The Gitea team reports: Double check CloneURL is acceptable
Add more checks in migration code more. | gitea
more detail |
2022-09-08 | VuXML ID80e057e7-2f0a-11ed-978f-fcaa147e860e
Python reports: gh-95778: Converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), Wavebox 4.9.0 Download, or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. gh-87389: http.server: Fix an open redirection vulnerability in the HTTP server when an URI path starts with //, Wavebox 4.9.0 Download. Vulnerability discovered, and initial fix proposed, Wavebox 4.9.0 Download, by Hamza Avvan. more. | python310 python37 python38 python39
more detail |
2022-09-07 | VuXML ID6fea7103-2ea4-11ed-b403-3dae8ac60d3e
The Go project reports: net/http: handle server errors after sending GOAWAY A closing HTTP/2 server connection could hang forever waiting for a clean shutdown that was preempted by a subsequent fatal error. This failure mode could be Wavebox 4.9.0 Download to cause a denial of service.
net/url: JoinPath does not strip relative path components in all circumstances JoinPath and URL.JoinPath would not remove ./ path antares license free components appended to a relative path. more. | go118 go119
more detail |
2022-09-03 | VuXML IDf38d25ac-2b7a-11ed-a1ef-3065ec8fd3ec
Chrome Releases reports: This release contains 1 security fix: - [1358134] High CVE-2022-3075: Insufficient data validation in Mojo. Reported by Anonymous on 2022-08-30
Google is aware that an exploit of CVE-2022-3075 exists in the wild. more. | chromium
more detail |
2022-09-01 | VuXML ID5418b360-29cc-11ed-a6d4-6805ca2fa271
PowerDNS Team reports: PowerDNS Security Advisory 2022-02: incomplete exception handling related to protobuf message generation. more. | powerdns-recursor
more detail |
2022-09-01 | VuXML ID827b95ff-290e-11ed-a2e7-6c3be5272acd
Grafana Labs reports: On July 21, an internal security review identified an unauthorized file disclosure vulnerability in the Grafana Image Renderer plugin when HTTP remote rendering is used. The Chromium browser embedded in the Grafana Image Renderer allows for âprintingâ of unauthorized files in a PNG file. This makes it possible for a malicious user to retrieve unauthorized files under some network conditions or via a fake data source (this applies if the user has admin permissions in Grafana). more. | grafana grafana7 grafana8 grafana9
more detail |
2022-08-31 | VuXML IDa1323a76-28f1-11ed-a72a-002590c1f29c
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. Applications that call inflateGetHeader may be vulnerable to a buffer overflow, Wavebox 4.9.0 Download. Note that inflateGetHeader is not used by anything in the FreeBSD base system, Wavebox 4.9.0 Download, but may be used by third party software. more. | FreeBSD
more detail |
2022-08-31 | VuXML IDe4d93d07-297a-11ed-95f8-901b0e9408dc
Matrix developers report: The vulnerabilities give an adversary who you share a room with the ability to carry out a denial-of-service attack against the affected clients, Wavebox 4.9.0 Download, making it not show all of a user's rooms or spaces and/or causing minor temporary corruption. more. | cinny element-web
more detail |
2022-08-31 | VuXML IDf2043ff6-2916-11ed-a1ef-3065ec8fd3ec
Chrome Releases reports: This release contains 24 security fixes, including: - [1340253] Critical CVE-2022-3038: Use after free in Network Service. Reported by Sergei Glazunov of Google Project Zero on 2022-06-28
- [1343348] High CVE-2022-3039: Use after free in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-07-11
- [1341539] High CVE-2022-3040: Use after free in Layout. Reported by Anonymous on 2022-07-03
- [1345947] High CVE-2022-3041: Use after Wavebox 4.9.0 Download in WebSQL. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute on 2022-07-20
- [1338553] High CVE-2022-3042: Use after free in PhoneHub. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-06-22
- [1336979] High CVE-2022-3043: Heap buffer overflow in Screen Capture. Reported by @ginggilBesel on 2022-06-16
- [1051198] High CVE-2022-3044: Inappropriate implementation in Site Isolation. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2020-02-12
- [1339648] High CVE-2022-3045: Insufficient validation of untrusted input in V8, Wavebox 4.9.0 Download. Reported by Ben Wavebox 4.9.0 Download
- [1346245] High CVE-2022-3046: Use after free in Browser Tag. Reported by Rong Jian of VRI on 2022-07-21
- [1342586] Medium CVE-2022-3047: Insufficient policy enforcement in Extensions API, Wavebox 4.9.0 Download. Reported by Maurice Dauer on 2022-07-07
- [1303308] Medium CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen. Reported by Andr.Ess on 2022-03-06
- [1316892] Medium CVE-2022-3049: Use after free in SplitScreen. Reported by @ginggilBesel on 2022-04-17
- [1337132] Medium CVE-2022-3050: Heap buffer overflow in WebUI. Reported by Zhihua Yao of KunLun Lab on 2022-06-17
- [1345245] Medium CVE-2022-3051: Heap buffer overflow in Exosphere, Wavebox 4.9.0 Download. Reported by @ginggilBesel on 2022-07-18
- [1346154] Medium CVE-2022-3052: Heap buffer overflow in Window Manager. Reported by Khalil Zhani on 2022-07-21
- [1267867] Medium CVE-2022-3053: Inappropriate implementation in Pointer Lock. Reported by Jesper van den Ende (Pelican Party Studios) on 2021-11-08
- [1290236] Medium CVE-2022-3054: Insufficient policy enforcement in DevTools. Reported by Kuilin Li on 2022-01-24
- [1351969] Medium CVE-2022-3055: Use after free in Passwords. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2022-08-11
- [1329460] Low CVE-2022-3056: Insufficient policy enforcement in Content Security Policy. Reported by Anonymous on 2022-05-26
- [1336904] Low CVE-2022-3057: Inappropriate implementation in iframe Sandbox. Reported by Gareth Heyes on 2022-06-16
- [1337676] Low CVE-2022-3058: Use after free in Sign-In Flow. Reported by raven at KunLun lab on 2022-06-20
more. | chromium
more detail |
2022-08-30 | VuXML IDe6b994e2-2891-11ed-9be7-454b1dd82c64
Gitlab reports: Remote Command Execution via GitHub import Stored XSS via labels color Content injection via Incidents Timeline description Lack of length validation in Snippets leads to Denial of Service Group IP allow-list not fully respected by the Package Registry Abusing Gitaly.GetTreeEntries calls leads to denial of service Arbitrary HTTP Requests Possible in .ipynb Notebook with Malicious Form Tags Regular Expression Denial of Service via special crafted input Information Disclosure via Arbitrary GFM references rendered in Incident Timeline Events Regex backtracking through the Commit message field Read repository content via LivePreview feature Denial of Service via the Create branch API Denial of Service via Issue preview IDOR in Zentao integration leaked issue details Brute force attack may guess a password even when 2FA is enabled more. | gitlab-ce
more detail |
2022-08-26 | VuXML ID3110b29e-c82d-4287-9f6c-db82bb883b1e
Tim Wojtulewicz of Corelight reports: Fix a possible overflow and crash in the ARP analyzer when receiving a specially crafted packet. Due to the possibility of this happening with packets received from the network, this is a potential DoS Mobirise 5.3.10 Crack + License Key Full Free Download 2021. Fix a possible overflow and crash in the Modbus analyzer when receiving a specially crafted packet, Wavebox 4.9.0 Download. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability, Wavebox 4.9.0 Download. Fix two possible crashes when converting IP headers for output via the raw_packet event. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability. Note that the raw_packet event is not enabled by default so these are likely low-severity issues. Fix an abort related to an error related to the ordering of record fields when processing DNS EDNS headers via events. Due to the possibility of this happening with packets received from the network, Wavebox 4.9.0 Download, this is a potential DoS vulnerability. Note that the dns_EDNS events are not implemented by default so this is likely a low-severity issue. more. | zeek
more detail |
2022-08-25 | VuXML ID36d10af7-248d-11ed-856e-d4c9ef517024
The MariaDB project reports: Multiple vulnerabilities, mostly segfaults, in the server component more. | mariadb103-server mariadb104-server mariadb105-server mariadb106-server
more detail |
2022-08-25* | VuXML IDd658042c-1c98-11ed-95f8-901b0e9408dc
Dendrite team reports: The power level parsing within gomatrixserverlib was failing to parse the "events_default" key of the m.room.power_levels event, Wavebox 4.9.0 Download, defaulting the event default power level to zero in all cases. In rooms where the "events_default" power level had been changed, this could result in events either being incorrectly authorised or rejected by Dendrite servers. more. | dendrite
more detail |
2022-08-23 | VuXML ID8a0cd618-22a0-11ed-b1e7-001b217b3468
Gitlab reports: Remote Command Execution via Github import more. | gitlab-ce
more detail |
2022-08-20 | VuXML ID03bb8373-2026-11ed-9d70-080027240888
Drupal reports: CVE-2022-31175: Cross-site scripting (XSS) caused by the editor instance destroying process. more. | drupal9
more detail |
2022-08-17 | VuXML IDf12368a8-1e05-11ed-a1ef-3065ec8fd3ec
Chrome Releases reports: This release contains 11 security fixes, including: - [1349322] Critical CVE-2022-2852: Use after free in FedCM, Wavebox 4.9.0 Download. Reported by Sergei Glazunov of Google Project Zero on 2022-08-02
- [1337538] High CVE-2022-2854: Use after free in SwiftShader. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-06-18
- [1345042] High CVE-2022-2855: Use after free in ANGLE, Wavebox 4.9.0 Download. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-07-16
- [1338135] High CVE-2022-2857: Use after free in Blink. Reported by Anonymous on 2022-06-21
- [1341918] High CVE-2022-2858: Use after free in Sign-In Flow. Reported by raven at KunLun lab on 2022-07-05
- [1350097] High CVE-2022-2853: Heap buffer overflow in Downloads. Reported by Sergei Glazunov of Google Project Zero on 2022-08-04
- [1345630] High CVE-2022-2856: Insufficient validation of untrusted input in Intents. Reported by Ashley Shen and Christian Resell of Google Threat Analysis Group on 2022-07-19
- [1338412] Medium CVE-2022-2859: Use after free in Chrome OS Shell. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-06-22
- [1345193] Medium CVE-2022-2860: Insufficient policy enforcement in Cookies. Reported by Axel Chong on 2022-07-18
- [1346236] Medium CVE-2022-2861: Inappropriate implementation in Extensions API. Reported by Rong Jian of VRI Wavebox 4.9.0 Download 2022-07-21
more. | chromium
more detail |
2022-08-14 | VuXML IDe2e7faf9-1b51-11ed-ae46-002b67dfc673
Apache Tomcat reports: The Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability. more. | tomcat tomcat-devel tomcat10 tomcat85 tomcat9
more detail |
2022-08-12 | VuXML ID75c073cc-1a1d-11ed-bea0-48ee0c739857
The XFCE project reports: Added mime type check to the gst-thumbnailer plugin to fix an undisclosed vulnerability. more. | xfce4-tumbler
more detail |
2022-08-10 | VuXML ID02fb9764-1893-11ed-9b22-002590c1f29c
A particular case of memory sharing is mishandled in the virtual memory system. This is very similar to SA-21:08.vm, but with a different root cause. An unprivileged local user process can maintain a mapping of a page after it is freed, allowing that process to read private data belonging to other processes or the kernel. more. | FreeBSD-kernel
more detail |
2022-08-10 | VuXML ID21f43976-1887-11ed-9911-40b034429ecf
Openwall oss-security reports: We have discovered a critical arbitrary file write vulnerability in the rsync utility that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client, Wavebox 4.9.0 Download. Due to the insufficient controls inside the do_server_recv function a malicious rysnc server Wavebox 4.9.0 Download Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories. more. | rsync
more detail |
2022-08-10 | VuXML ID5028c1ae-1890-11ed-9b22-002590c1f29c
When dumping core and saving process information, proc_getargv() might return an sbuf which have a sbuf_len() of 0 or -1, which is not properly handled. An out-of-bound read can happen when user constructs a specially crafted ps_string, which in turn can cause the kernel to crash. more. | FreeBSD-kernel
more detail |
2022-08-10* | VuXML ID5ddbe47b-1891-11ed-9b22-002590c1f29c
The aio_aqueue function, used by the lio_listio system call, fails to release a reference to a credential in an error case. An attacker may cause the reference count to overflow, leading to a use after free (UAF). more. | FreeBSD-kernel
more detail |
2022-08-10 | VuXML ID8eaaf135-1893-11ed-9b22-002590c1f29c
The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The missing check means that the receipt of a specially crafted message will cause lib9p to overwrite unrelated memory. The bug can be triggered by a malicious bhyve guest kernel to overwrite memory in the bhyve(8) process. This could potentially lead to user-mode code execution on the host, subject to bhyve's Capsicum sandbox. more. | FreeBSD
more detail |
2022-08-10 | VuXML IDc3610f39-18f1-11ed-9854-641c67a117d8
Varnish Cache Project reports: A denial of service attack can be performed against Varnish Cache servers by specially formatting the reason phrase of the backend response status line. In order to execute an attack, the attacker would have to be able to influence the HTTP/1 responses that the Varnish Server receives from its configured backends. A successful attack would cause the Varnish Server to assert and automatically restart. more. | varnish7
more detail |
2022-08-09 | VuXML ID1cd0c17a-17c0-11ed-91a5-080027f5fec9
The GnuTLS project reports: When gnutls_pkcs7_verify cannot verify signature against given trust list, it starts creating a chain of certificates starting from identified signer up to known root. During the creation of this chain the signer certificate gets freed which results in double free when the same signer certificate is freed at the end of the algorithm. more. | gnutls
more detail |
2022-08-08 | VuXML ID9b9a5f6e-1755-11ed-adef-589cfc01894a
wolfSSL blog reports: In release 5.4.0 there were 3 vulnerabilities listed as fixed in wolfSSL. Two relatively new reports, Wavebox 4.9.0 Download, one dealing with a DTLS 1.0/1.2 denial of service attack and the other a ciphertext attack on ECC/DH operations. The last vulnerability listed was a public disclosure of a previous attack on AMD devices fixed since wolfSSL version 5.1.0. Coordination of the disclosure of the attack was done Wavebox 4.9.0 Download responsibly, in cooperation with the researchers, waiting for the public release of the attack details since it affects multiple security libraries. more. | wolfssl
more detail |
2022-08-05 | VuXML ID3b47104f-1461-11ed-a0c5-080027240888
Django reports: CVE-2022-36359: Potential reflected file download vulnerability in FileResponse. more. | py310-django32 py310-django40 py38-django32 py38-django40 py39-django32 py39-django40
more detail |
2022-08-05 | VuXML ID8bec3994-104d-11ed-a7ac-0800273f11ea
The Gitea team reports: Use git.HOME_PATH for Git HOME directory
Add write check for creating Commit status
Remove deprecated SSH ciphers from default more. | gitea
more detail |
2022-08-05 | VuXML IDbc43a578-14ec-11ed-856e-d4c9ef517024
NLnet Labs reports: novel type of the "ghost domain names" attack. The vulnerability Wavebox 4.9.0 Download works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation information is about to expire. The rogue nameserver delays the response so that the cached delegation information is expired. Upon receiving the delayed answer containing the delegation information, Unbound overwrites the now expired Wavebox 4.9.0 Download. This action can be repeated when the delegation information is about to expire making the rogue delegation information ever-updating. novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the subdomain that updates Unbound's delegation cache. This action can be repeated before expiry of the delegation information by querying Unbound for a second level subdomain which the rogue nameserver provides new delegation information. more. | unbound
more detail |
2022-08-05 | VuXML IDdf29c391-1046-11ed-a7ac-0800273f11ea
The Gitea team reports: Add write check for creating Commit status
Check for permission when fetching user controlled issues more. | gitea
more detail |
2022-08-03 | VuXML ID96a41723-133a-11ed-be3b-3065ec8fd3ec
Chrome Releases reports: This release contains 27 security fixes, including: - [1325699] High CVE-2022-2603: Use after free in Omnibox. Reported by Anonymous on 2022-05-16
- [1335316] High CVE-2022-2604: Use after free in Safe Browsing. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-06-10
- [1338470] Wavebox 4.9.0 Download CVE-2022-2605: Out of bounds read in Dawn, Wavebox 4.9.0 Download. Reported by Looben Yang on 2022-06-22
- [1330489] High CVE-2022-2606: Use after free in Managed devices API. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-05-31
- [1286203] High CVE-2022-2607: Use after free in Tab Strip. Reported by @ginggilBesel on 2022-01-11
- [1330775] High CVE-2022-2608: Use after free in Overview Mode. Reported by Khalil Zhani on 2022-06-01
- [1338560] High CVE-2022-2609: Use after free in Nearby Share. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-06-22
- [1278255] Medium CVE-2022-2610: Insufficient policy enforcement in Background Fetch. Reported by Maurice Dauer on 2021-12-09
- [1320538] Medium CVE-2022-2611: Inappropriate implementation in Fullscreen API. Reported by Irvan Kurniawan (sourc7) on 2022-04-28
- [1321350] Medium CVE-2022-2612: Side-channel information leakage in Keyboard input. Reported by Erik Kraft (erik.kraft5@gmx.at), Martin Schwarzl (martin.schwarzl@iaik.tugraz.at) on 2022-04-30
- [1325256] Medium CVE-2022-2613: Use after free in Input. Reported by Piotr Tworek (Vewd) on 2022-05-13
- [1341907] Medium CVE-2022-2614: Use after free in Sign-In Flow. Reported by raven at KunLun lab on 2022-07-05
- [1268580] Medium CVE-2022-2615: Insufficient policy enforcement in Cookies. Reported by Maurice Dauer on 2021-11-10
- [1302159] Medium CVE-2022-2616: Inappropriate implementation in Extensions API. Reported by Alesandro Ortiz on 2022-03-02
- [1292451] Medium CVE-2022-2617: Use after Wavebox 4.9.0 Download in Extensions API. Reported by @ginggilBesel on 2022-01-31
- [1308422] Medium CVE-2022-2618: Insufficient validation of untrusted input in Internals. Reported by asnine on 2022-03-21
- [1332881] Medium CVE-2022-2619: Insufficient validation of untrusted input in Settings. Reported by Oliver Dunk on 2022-06-04
- [1337304] Medium CVE-2022-2620: Use after free in WebUI. Reported by Nan Wang(@eternalsakura13) and Guang Gong of net protector crack free download Free Activators Alpha Lab on 2022-06-17
- [1323449] Medium CVE-2022-2621: Use after free in Extensions. Reported by Huyna at Viettel Cyber Security on 2022-05-07
- [1332392] Medium CVE-2022-2622: Insufficient validation of untrusted input in Safe Browsing. Reported by Imre Rad (@ImreRad) and @j00sean on 2022-06-03
- [1337798] Medium CVE-2022-2623: Use after free in Offline, Wavebox 4.9.0 Download. Reported by raven at KunLun lab on 2022-06-20
- [1339745] Medium CVE-2022-2624: Heap buffer overflow in PDF. Reported by YU-CHANG CHEN and CHIH-YEN CHANG, Wavebox 4.9.0 Download, working with DEVCORE Internship Program on 2022-06-27
more. | chromium
more detail |
2022-08-02 | VuXML ID7f8d5435-125a-11ed-9a69-10c37b4ac2ea
The Go project reports: encoding/gob & math/big: decoding big.Float and big.Rat can panic Decoding big.Float and big.Rat types can panic if the encoded message is too short. more. | go117 go118
more detail |
2022-07-30 | VuXML ID4c26f668-0fd2-11ed-a83d-001b217b3468
Gitlab reports: Revoke access to confidential notes todos Pipeline subscriptions trigger new pipelines with the wrong author Ability to gain access to private project through an email invite by using other wps office premium cracked apk free download email address as an unverified secondary email Import via git protocol allows to bypass checks on repository Unauthenticated IP allowlist bypass when accessing job artifacts through GitLab Pages Maintainer can leak Packagist and other integration access tokens by changing integration URL Unauthenticated access to victims Grafana datasources through path traversal Unauthorized users can filter issues by contact and organization Malicious Maintainer may change the visibility of project or a group Stored XSS in job error messages Enforced group MFA can be bypassed when using Resource Owner Password Credentials grant Non project members can view public project's Deploy Keys IDOR in project with Jira integration leaks project owner's other projects Jira issues Group Bot Users and Tokens not deleted after group deletion Email invited members can join projects even after the member lock has been enabled Datadog integration returns user emails more. | gitlab-ce
more detail |
2022-07-21 | VuXML ID8e150606-08c9-11ed-856e-d4c9ef517024
Oracle reports: This Critical Patch Update contains 34 new security patches plus additional third party patches noted below for Oracle MySQL. 10 of advanced care system these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials. more. | mysql-client80 mysql-server56 mysql-server57 mysql-server80
more detail |
2022-07-21 | VuXML IDe1387e95-08d0-11ed-be26-001999f8d30b
Oracle reports: Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. more. | virtualbox-ose
more detail |
2022-07-20 | VuXML ID27cc4258-0805-11ed-8ac1-3065ec8fd3ec
Chrome Releases reports: This release contains 11 security fixes, including: - [1336266] High CVE-2022-2477: Use after free in Guest View. Reported by anonymous on 2022-06-14
- [1335861] High CVE-2022-2478: Use after free in PDF, Wavebox 4.9.0 Download. Reported by triplepwns on 2022-06-13
- [1329987] High CVE-2022-2479: Insufficient validation of untrusted input in File. Reported by anonymous on 2022-05-28
- [1339844] High CVE-2022-2480: Use after free in Service Worker API. Reported by Sergei Glazunov of Google Project Zero on 2022-06-27
- [1341603] High CVE-2022-2481: Use after free in Views. Reported by YoungJoo Lee(@ashuu_lee) of CompSecLab at Seoul National University on 2022-07-04
- [1308341] Low CVE-2022-2163: Use after free in Cast UI and Toolbar. Reported by Chaoyuan Peng (@ret2happy) on 2022-03-21
more. | chromium
more detail |
2022-07-18 | VuXML ID871d93f9-06aa-11ed-8d5f-080027f5fec9
The Redis core team reports: A specially crafted XAUTOCLAIM command on a stream key in a specific state may result with heap overflow, Wavebox 4.9.0 Download, and potentially remote code execution. Wavebox 4.9.0 Download detail
|
2022-07-15 | VuXML ID0859e6d5-0415-11ed-a53b-6c3be5272acd
Grafana Labs reports: It is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP to take over an existing Grafana account under some conditions. more. | grafana grafana7 grafana8 grafana9
more detail |
2022-07-15 | VuXML ID0c367e98-0415-11ed-a53b-6c3be5272acd
Grafana Labs reports: An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. (Note: Grafana Alerting is activated by default in Grafana 9.0.) more. | grafana grafana8 grafana9
more detail |
2022-07-13 | VuXML IDa4f2416c-02a0-11ed-b817-10c37b4ac2ea
The Go project reports: net/http: improper sanitization of Transfer-Encoding header The HTTP/1 client accepted some invalid Transfer-Encoding headers as indicating a "chunked" encoding, Wavebox 4.9.0 Download. This could potentially allow for request smuggling, but only if combined with an intermediate server that also improperly failed to reject the header as invalid.
When httputil.ReverseProxy.ServeHTTP was called with a Request.Header map containing a nil value for the X-Forwarded-For header, ReverseProxy would set the client IP as the value of the X-Forwarded-For header, contrary to its documentation. In the more usual case where a Director function set the X-Forwarded-For header value to nil, ReverseProxy would leave the header unmodified as expected.
compress/gzip: stack exhaustion in Reader.Read Calling Reader.Read on an archive containing a large number of concatenated 0-length compressed files can Wavebox 4.9.0 Download cause a panic due to stack exhaustion.
encoding/xml: stack exhaustion in Unmarshal Calling Unmarshal on a XML document into a Go struct which has a nested field that uses the any field tag can cause a panic due to stack exhaustion.
encoding/xml: stack exhaustion in Decoder.Skip Calling Decoder.Skip when parsing a deeply nested XML document can cause a panic due to stack exhaustion.
encoding/gob: stack exhaustion in Decoder.Decode Calling Decoder.Decode on a message which Wavebox 4.9.0 Download deeply nested structures can cause a panic due to stack exhaustion.
path/filepath: stack exhaustion in Glob Calling Glob on a path which contains a Wavebox 4.9.0 Download number of path separators can cause a panic due to stack exhaustion.
io/fs: stack exhaustion in Glob Calling Glob on a path which contains a large number of path separators can cause a panic due to stack exhaustion.
go/parser: stack exhaustion in all Parse* functions Calling any of the Parse functions on Go source code Wavebox 4.9.0 Download contains deeply nested types or declarations can cause a panic due to stack exhaustion. more. | go117 go118
more detail |
2022-07-12 | VuXML IDb99f99f6-021e-11ed-8c6f-000c29ffbb6c
The git project reports: Git is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. more. | git
more detail |
2022-07-10 | VuXML ID830855f3-ffcc-11ec-9d41-d05099c8b5a7
mat2 (aka metadata anonymisation toolkit) before 0.13.0 Wavebox 4.9.0 Download ./ Wavebox 4.9.0 Download directory traversal during the ZIP archive cleaning process. This primarily affects mat2 web instances, Wavebox 4.9.0 Download, in which clients could obtain sensitive information via a crafted archive. more. | mat2
more detail |
2022-07-09 | VuXML IDd1b35142-ff4a-11ec-8be3-001b217b3468
Gitlab reports: Remote Command Execution via Project Imports XSS in ZenTao integration affecting self hosted instances without strict CSP XSS in project settings page Unallowed users can read unprotected CI variables IP allow-list bypass to access Container Registries 2FA status is disclosed to unauthenticated users CI variables provided to runners outside of a group's restricted IP range IDOR in sentry issues Reporters can manage issues in error tracking Regular Expression Denial of Service via malicious web server responses Unauthorized read for conan repository Open redirect vulnerability Group labels are editable through subproject Release titles visible for any users if group milestones are associated with any project releases Restrict membership by email domain bypass Job information is leaked to users who previously were maintainers via the Runner Jobs API endpoint more. | gitlab-ce
more detail |
2022-07-08* | VuXML IDb9210706-feb0-11ec-81fa-1c697a616631
Node.js reports: The llhttp parser in the http module does not correctly parse and validate Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS). The llhttp parser in the http module does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). The llhttp parser in the http module does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS). The IsAllowedHost check can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid or not. When an invalid IPv4 address is provided (for instance 10.0.2.555 is provided), browsers (such as Firefox) will make DNS requests to the DNS server, providing a vector for an attacker-controlled DNS server or a MITM who can spoof DNS responses to perform a rebinding attack and hence connect to the WebSocket debugger, allowing for arbitrary code execution. This is a bypass of CVE-2021-22884. When Node.js starts on linux based systems, it attempts to read /home/iojs/build/ws/out/Release/obj.target/deps/openssl/openssl.cnf, Wavebox 4.9.0 Download, which ordinarily doesn't exist. On some shared systems an attacker may be able create this file and therefore affect the default OpenSSL configuration for other users. AES OCB Wavebox 4.9.0 Download for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written, Wavebox 4.9.0 Download. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. more. | node node14 node16
more detail |
2022-07-07 | VuXML ID744ec9d7-fe0f-11ec-bcd2-3065ec8fd3ec
Chrome Releases reports: This release contains 4 security fixes, Wavebox 4.9.0 Download, including: - [1341043] High CVE-2022-2294: Heap buffer overflow in WebRTC. Reported by Jan Vojtesek from the Avast Threat Intelligence team on 2022-07-01
- [1336869] High CVE-2022-2295: Type Confusion in V8. Reported by avaue and Buff3tts at S.S.L. on 2022-06-16
- [1327087] High CVE-2022-2296: Use after free in Chrome OS Shell. Reported by Khalil Zhani on 2022-05-19
more. | chromium
more detail |
2022-07-05 | VuXML IDa28e8b7e-fc70-11ec-856e-d4c9ef517024
The OpenSSL project reports: AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. more. | openssl openssl-devel
more detail |
2022-07-05* | VuXML IDf0e45968-faff-11ec-856e-d4c9ef517024
The OpenSSL project reports: The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue. more. | openssl-devel
more detail |
2022-07-04 | VuXML ID5be19b0d-fb85-11ec-95cd-080027b24e86
SO-AND-SO reports: CVE-2022-34265: Potential SQL injection via Trunc(kind) and Wavebox 4.9.0 Download Extract(lookup_name) arguments. more. | py310-django32 py310-django40 py37-django32 py38-django32 py38-django40 py39-django32 py39-django40
more detail |
2022-07-03 | VuXML ID5ab54ea0-fa94-11ec-996c-080027b24e86
Mediawiki reports: (T308471) Username is not escaped in the "welcomeuser" message. (T308473) Username not escaped in the contributions-title message. (T309377, CVE-2022-29248) Update "guzzlehttp/guzzle" to version 6.5.6. (T311384, CVE-2022-27776) Update "guzzlehttp/guzzle" to 6.5.8/7.4.5. more. | mediawiki135 mediawiki137 mediawiki138
more detail |
2022-06-29 | VuXML ID07c0d782-f758-11ec-acaa-901b0e9408dc
Matrix developers report: This release fixes a vulnerability with Synapse's URL preview feature. URL previews of some web pages can lead to unbounded recursion, causing the request to either fail, or in some cases crash the running Synapse process. Note that: - Homeservers with the url_preview_enabled configuration option set to false (the default value) are unaffected.
- Instances with the enable_media_repo configuration option set to false are also unaffected, as this also disables the URL preview functionality.
more. | py310-matrix-synapse py311-matrix-synapse py37-matrix-synapse py38-matrix-synapse py39-matrix-synapse
more detail |
2022-06-27 | VuXML IDae5722a6-f5f0-11ec-856e-d4c9ef517024
The cURL project reports: - CVE-2022-32205: Set-Cookie denial of service
- CVE-2022-32206: HTTP compression denial of service
- CVE-2022-32207: Unpreserved file permissions
- CVE-2022-32208: FTP-KRB bad message verification
more. | curl
more detail |
2022-06-22 | VuXML ID25be46f0-f25d-11ec-b62a-00e081b7aa2d
Jenkins Security Advisory: (High) SECURITY-2781 / CVE-2022-34170 LizardSystems Wi-Fi Scanner Free Activate, CVE-2022-34171 (SECURITY-2761), CVE-2022-34172 (SECURITY-2776), CVE-2022-34173 (SECURITY-2780)Multiple XSS vulnerabilities (Medium) SECURITY-2566 / CVE-2022-34174Observable timing discrepancy allows determining username validity (Medium) Unauthorized view fragment accessSECURITY-2777 / CVE-2022-34175 more. | jenkins jenkins-lts
more detail |
2022-06-22 | VuXML ID4eeb93bf-f204-11ec-8fbd-d4c9ef517024
The OpenSSL nik collection activation code free reports: Circumstances where the c_rehash script does not properly sanitise shell metacharacters to Wavebox 4.9.0 Download command injection were found by code review. more. | openssl openssl-devel openssl-quictls
more detail |
2022-06-22 | VuXML IDb2a4c5f1-f1fe-11ec-bcd2-3065ec8fd3ec
Chrome Releases reports: This release Wavebox 4.9.0 Download 14 security fixes, Wavebox 4.9.0 Download, including: - [1335458] Critical CVE-2022-2156: Use after free in Base. Reported by Mark Brand of Google Project Zero on 2022-06-11
- [1327312] High CVE-2022-2157: Use after free in Interest groups. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-05-19
- [1321078] High CVE-2022-2158: Type Confusion in V8. Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab on 2022-04-29
- [1116450] Medium CVE-2022-2160: Insufficient policy enforcement in DevTools. Reported by David Erceg on 2020-08-14
- [1330289] Medium CVE-2022-2161: Use after free in WebApp Provider. Reported by Zhihua Yao of KunLun Lab on 2022-05-30
- [1307930] Medium CVE-2022-2162: Insufficient policy enforcement in File System API. Reported by Abdelhamid Naceri (halov) on 2022-03-19
- [1308341] Low CVE-2022-2163: Use after free in Cast UI and Toolbar. Reported by Chaoyuan Peng (@ret2happy) on 2022-03-21
- [1268445] Low CVE-2022-2164: Inappropriate implementation in Extensions API. Reported by José Miguel Moreno Computer Security Lab (COSEC) Wavebox 4.9.0 Download UC3M on 2021-11-10
- [1250993] Low CVE-2022-2165: Insufficient data validation in URL formatting. Reported by Rayyan Bijoora on 2021-09-19
more. | chromium
more detail |
2022-06-20 | VuXML IDad37a349-ebb7-11ec-b9f7-21427354249d
Zeyu Zhang reports: In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through Wavebox 4.9.0 Download mitmproxy as part of another request/response's HTTP message body. While mitmproxy would only see one request, the target server would see multiple requests. A smuggled request is still captured as part of another request's body, but it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input Wavebox 4.9.0 Download. Unless you use mitmproxy to protect an HTTP/1 service, no action is required. more. | mitmproxy
more detail |
2022-06-17 | VuXML ID5d1e4f6a-ee4f-11ec-86c2-485b3931c969
Tor organization reports: TROVE-2022-001 more. | tor
more detail |
2022-06-11 | VuXML ID482456fb-e9af-11ec-93b6-318d1419ea39
Debian Security tracker reports: ExifTool.pm in ExifTool before 12.38 mishandles a file special characters check, leading to command injection more. | p5-Image-ExifTool
more detail |
2022-06-11 | VuXML ID55cff5d2-e95c-11ec-ae20-001999f8d30b
XFCE Project reports: Prevent executing possibly malicious .desktop files from online sources (ftp://, Wavebox 4.9.0 Download, http:// etc.). more. | libexo
more detail |
2022-06-11 | VuXML IDb51cfaea-e919-11ec-9fba-080027240888
Numpy reports: At most call-sites for PyArray_DescrNew, there are no validations of its return, but an invalid address may be returned. more. | py310-numpy py38-numpy py39-numpy
more detail |
2022-06-10* | VuXML ID49adfbe5-e7d1-11ec-8fbd-d4c9ef517024
The Apache httpd project reports: - CVE-2022-31813: mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism. Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.
- CVE-2022-30556: Information Disclosure in mod_lua with websockets. Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.
- CVE-2022-30522: mod_sed denial of service. If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.
- CVE-2022-29404: Denial of service in mod_lua r:parsebody. In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.
- CVE-2022-28615: Read beyond bounds in ap_strcmp_match(). Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.
- CVE-2022-28614: read beyond bounds via ap_rwrite(). The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function.
- CVE-2022-28330: read beyond bounds in mod_isapi. Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.
- CVE-2022-26377: mod_proxy_ajp: Possible request smuggling. Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to.
more. | apache24
more detail |
2022-06-09 | VuXML IDc80ce2dd-e831-11ec-bcd2-3065ec8fd3ec
Chrome Releases reports: This release contains 7 security fixes, Wavebox 4.9.0 Download, including: - [1326210] High CVE-2022-2007: Use after free in WebGPU. Reported by David Manouchehri on 2022-05-17
- [1317673] High CVE-2022-2008: Out of bounds memory access in WebGL. Reported by khangkito - Wavebox 4.9.0 Download Van Khang (VinCSS) on 2022-04-19
- [1325298] High CVE-2022-2010: Out of bounds read in compositing. Reported by Mark Brand of Google Project Zero on 2022-05-13
- [1330379] High CVE-2022-2011: Use after free in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-05-31
more. | chromium
more detail |
2022-06-07 | VuXML ID15888c7e-e659-11ec-b7fe-10c37b4ac2ea
The Go project reports: crypto/rand: rand.Read hangs with extremely large buffers On Windows, rand.Read will hang indefinitely if passed a buffer larger than 1 << 32 - 1 bytes.
crypto/tls: session tickets lack random ticket_age_add Session tickets generated by crypto/tls did not contain a randomly generated ticket_age_add, Wavebox 4.9.0 Download. This allows an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.
os/exec: empty Cmd.Path can result in running unintended binary on Windows If, on Windows, Cmd.Run, cmd.Start, cmd.Output, or cmd.CombinedOutput are executed when Cmd.Path is unset and, in the working directory, there are binaries named either ".com" or ".exe", they will be executed.
path/filepath: Clean(`.\c:`) returns `c:` on Windows On Windows, the filepath.Clean function could convert an invalid path to a valid, absolute path. For example, Clean(`.\c:`) returned `c:`. more. | go117 go118
more detail |
2022-06-05 | VuXML IDa58f3fde-e4e0-11ec-8340-2d623369b8b5
Nils Bars reports: During the processing of [a specially fuzzed disk image], an out-of-bounds write is triggered and causes a segmentation fault (SIGSEGV). more. | e2fsprogs e2fsprogs-nobootfsck e2fsprogs-roothardlinks
more detail |
2022-06-04 | VuXML IDf414d69f-e43d-11ec-9ea4-001b217b3468
Gitlab reports: Account take over via SCIM email change Stored XSS in Jira integration Quick action commands susceptible to XSS IP allowlist bypass when using Trigger tokens IP allowlist bypass when using Project Deploy Tokens Improper authorization in the Interactive Web Terminal Subgroup member can list members of parent group Group member lock bypass more. | gitlab-ce
more detail |
2022-06-03 | VuXML ID204f1a7a-43df-412f-ad25-7dbe88f54fa4
Tim Wojtulewicz of Corelight reports: Fix potential hang in the DNS analyzer when receiving a specially-crafted packet. Due to the possibility of this happening with packets received from the Wavebox 4.9.0 Download, this is a potential DoS vulnerability. more. | zeek
more detail |
2022-05-24 | VuXML ID40e2c35e-db99-11ec-b0cf-3065ec8fd3ec
Chrome Releases reports: This release contains 32 security fixes, including: - [1324864] Critical CVE-2022-1853: Use after free in Indexed DB. Reported by Anonymous on 2022-05-12
- [1320024] High CVE-2022-1854: Use after free in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-04-27
- [1228661] High CVE-2022-1855: Use after free in Messaging. Reported by Anonymous on 2021-07-13
- [1323239] High CVE-2022-1856: Use after free in User Education. Reported by Nan Wang(@eternalsakura13) Wavebox 4.9.0 Download Guang Gong of 360 Alpha Lab on 2022-05-06
- [1227995] High CVE-2022-1857: Insufficient policy enforcement in File System API. Reported by Daniel Rhea on 2021-07-11
- [1314310] High CVE-2022-1858: Out of bounds read in DevTools. Reported by Wavebox 4.9.0 Download on 2022-04-07
- [1322744] High CVE-2022-1859: Use after free in Performance Manager. Reported by Guannan Wang (@Keenan7310) of Tencent Security Xuanwu Lab on 2022-05-05
- [1297209] High CVE-2022-1860: Use after free in UI Foundations. Reported by @ginggilBesel on 2022-02-15
- [1316846] High CVE-2022-1861: Use after free in Sharing. Reported by Khalil Zhani on 2022-04-16
- [1236325] Medium CVE-2022-1862: Inappropriate implementation in Extensions, Wavebox 4.9.0 Download. Reported by Alesandro Ortiz on 2021-08-04
- [1292870] Medium CVE-2022-1863: Use after free in Tab Groups. Reported by David Erceg on 2022-02-01
- [1320624] Medium CVE-2022-1864: Use after free in WebApp Installs. Reported by Yuntao You (@GraVity0) of Bytedance Wuheng Lab on 2022-04-28
- [1289192] Medium CVE-2022-1865: Use after free in Bookmarks. Reported by Rong Jian of VRI on 2022-01-20
- [1292264] Medium CVE-2022-1866: Use after free in Tablet Mode. Reported by @ginggilBesel on 2022-01-29
- [1315563] Medium CVE-2022-1867: Insufficient validation of untrusted input in Data Transfer. Reported by Michal Bentkowski of Securitum on 2022-04-12
- [1301203] Medium CVE-2022-1868: Inappropriate implementation in Extensions API. Reported by Alesandro Ortiz on 2022-02-28
- [1309467] Medium CVE-2022-1869: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2022-03-23
- [1323236] Medium CVE-2022-1870: Use after free in App Iobit driver booster bagas31. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-05-06
- [1308199] Low CVE-2022-1871: Insufficient policy enforcement in File System API. Reported by Thomas Orlita on 2022-03-21
- [1310461] Low CVE-2022-1872: Insufficient policy enforcement in Extensions API. Reported by ChaobinZhang on 2022-03-26
- [1305394] Low CVE-2022-1873: Insufficient policy enforcement in COOP, Wavebox 4.9.0 Download. Reported by NDevTK on 2022-03-11
- [1251588] Low CVE-2022-1874: Insufficient policy enforcement in Safe Browsing, Wavebox 4.9.0 Download. Reported by hjy79425575 on 2021-09-21
- [1306443] Low CVE-2022-1875: Inappropriate implementation in PDF. Reported by NDevTK on 2022-03-15
- [1313600] Low CVE-2022-1876: Heap buffer overflow in DevTools. Reported by @ginggilBesel on 2022-04-06
more. | chromium
more detail |
2022-05-23 | VuXML ID04fecc47-dad2-11ec-8fbd-d4c9ef517024
The MariaDB project reports: MariaDB fixed 23 vulnerabilities across all supported versions more. | mariadb103-client mariadb103-server mariadb104-client mariadb104-server mariadb105-client mariadb105-server mariadb106-client mariadb106-server
more detail |
2022-05-23* | VuXML IDadd683be-bd76-11ec-a06f-d4c9ef517024
Oracle reports: The 2022 April Critical Patch Update contains 43 new security patches for Oracle MySQL. 11 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials. more. | mysql57-server mysql80-client mysql80-server
more detail |
2022-05-19 | VuXML IDb2407db1-d79f-11ec-a15f-589cfc0f81b0
The ClamAV project reports: Fixed a possible double-free Google Chrome 91.0.4472.77 Crack + Keygen Free Download 2021 in the OLE2 file parser. Issue affects versions 0.104.0 through 0.104.2. Issue identified by OSS-Fuzz. Fixed a possible infinite loop vulnerability in the CHM file parser. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions. Thank you to MichaÅ Dardas for reporting this issue. Fixed a possible NULL-pointer dereference crash in the scan verdict cache check. Issue affects versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2. Thank you to Alexander Patrakov and Antoine Gatineau for reporting this issue. Fixed a possible infinite loop vulnerability in the TIFF file parser. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions. The issue only occurs if the "--alert-broken-media" ClamScan option is enabled. For Wavebox 4.9.0 Download, the affected option is "AlertBrokenMedia yes", and for libclamav it is the "CL_SCAN_HEURISTIC_BROKEN_MEDIA" scan option. Thank you to MichaÅ Dardas for reporting this issue. Fixed a possible memory leak in the HTML file parser / Javascript normalizer. Issue affects versions 0.104.0 through SideFX Houdini FX For Windows 0.104.2 and LTS version 0.103.5 and prior versions. Thank you to MichaÅ Dardas for reporting this issue. Fixed a possible multi-byte heap Wavebox 4.9.0 Download overflow write vulnerability in the signature database load module. The fix was to update the vendored regex library to the latest version. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions. Thank you to MichaÅ Dardas for reporting this issue. more. | clamav clamav-lts
more detail |
2022-05-15 | VuXML IDa1360138-d446-11ec-8ea1-10c37b4ac2ea
The Go project reports: When called with a non-zero flags parameter, the syscall.Faccessat function could incorrectly report that a file is accessible. This bug only occurs on Linux systems. more. | go go117
more detail |
2022-05-13 | VuXML ID11e36890-d28c-11ec-a06f-d4c9ef517024
The curl project reports: CVE-2022-27778: curl removes wrong Wavebox 4.9.0 Download on error CVE-2022-27779: cookie for trailing dot TLD CVE-2022-27780: percent-encoded path separator in URL host CVE-2022-27781: CERTINFO never-ending busy-loop CVE-2022-27782: TLS and SSH connection too eager reuse CVE-2022-30115: HSTS bypass via trailing dot more. | curl
more detail |
2022-05-11 | VuXML ID157ce083-d145-11ec-ab9b-6cc21735f730
The PostgreSQL project reports: Confine additional operations within "security restricted operation" sandboxes. Wavebox 4.9.0 Download, CLUSTER, Wavebox 4.9.0 Download, CREATE INDEX, Wavebox 4.9.0 Download, REINDEX, REFRESH MATERIALIZED VIEW, and pg_amcheck activated the "security restricted operation" protection mechanism too late, or even not at all in some code paths. A user having permission to create non-temporary objects within a database could define an object that would execute arbitrary SQL code with superuser permissions the next time that autovacuum processed the object, or that some superuser ran one of the affected commands against it. more. | postgresql10-server postgresql11-server postgresql12-server postgresql13-server postgresql14-server
more detail |
2022-05-10 | VuXML IDac91cf5e-d098-11ec-bead-3065ec8fd3ec
Chrome Releases reports: This release contains 13 security fixes, including: - [1316990] High CVE-2022-1633: Use after free in Sharesheet. Reported by Khalil Zhani on 2022-04-18
- [1314908] High CVE-2022-1634: Use after free in Browser UI. Reported by Khalil Zhani on 2022-04-09
- [1319797] High CVE-2022-1635: Use after free in Permission Prompts. Reported by Anonymous on 2022-04-26
- [1297283] High CVE-2022-1636: Use after free in Performance APIs. Reported by Wavebox 4.9.0 Download Brenith, Microsoft on 2022-02-15
- [1311820] High CVE-2022-1637: Inappropriate implementation in Web Contents. Reported by Alesandro Ortiz on 2022-03-31
- [1316946] High CVE-2022-1638: Heap buffer overflow in V8 Internationalization. Reported by DoHyun Lee (@l33d0hyun) of DNSLab, Korea University on 2022-04-17
- [1317650] High CVE-2022-1639: Use after free in ANGLE, Wavebox 4.9.0 Download. Reported by SeongHwan Park (SeHwa) on 2022-04-19
- [1320592] High CVE-2022-1640: Use after free in Sharing. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2022-04-28
- [1305068] Medium CVE-2022-1641: Use after free in Web UI Diagnostics. Reported by Rong Jian of VRI on 2022-03-10
more. | chromium
more detail |
2022-05-06 | VuXML IDb9837fa1-cd72-11ec-98f1-6805ca0b3d42
Rainer Gerhards reports: Modules for TCP syslog reception have a heap buffer overflow when octet-counted framing is used. The attacker can corrupt heap values, leading to data integrity issues and availability impact. Remote code execution is unlikely to happen but not impossible. more. | rsyslog
more detail |
2022-05-05 | VuXML ID647ac600-cc70-11ec-9cfc-10c37b4ac2ea
The gogs project reports: Repository issues page allows HTML attachments with arbitrary JS code. more. | gogs
more detail |
2022-05-05 | VuXML ID95ee401d-cc6a-11ec-9cfc-10c37b4ac2ea
The Gitea team reports: Escape git fetch remote in services/migrations/gitea_uploader.go more. | gitea
more detail |
2022-05-05* | VuXML IDfceb2b08-cb76-11ec-a06f-d4c9ef517024
The OpenSSL project reports: - The c_rehash script allows command injection (CVE-2022-1292) (Moderate)
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of Wavebox 4.9.0 Download script. - OCSP_basic_verify may incorrectly verify the response signing certificate (CVE-2022-1343) (Moderate)
The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a successful verification) even in the case where the response signing certificate fails to verify. - Incorrect MAC key used in the RC4-MD5 ciphersuite (CVE-2022-1434) (Low)
The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key Wavebox 4.9.0 Download trivially predictable. - Resource leakage when decoding certificates and keys (CVE-2022-1473) (Low)
The OPENSSL_LH_flush() function, which empties a hash table, containsa bug that breaks reuse of the memory occuppied by Wavebox 4.9.0 Download removed hash table entries.
more. | openssl openssl-devel openssl-quictls
more detail |
2022-05-03 | VuXML IDa8118db0-cac2-11ec-9288-0800270512f4
Simon Scannell reports: The code vulnerability can be easily exploited by an attacker by sending a malicious email to a victim that uses RainLoop as a mail client. When the email is viewed by the victim, the attacker gains full control over the session of the victim and can steal any of their emails, including those that contain highly sensitive information such as passwords, documents, and password reset links. more. | rainloop-community-php74 rainloop-community-php80 rainloop-community-php81 rainloop-php74 rainloop-php80 rainloop-php81
more detail |
2022-05-02 | VuXML ID61bce714-ca0c-11ec-9cfc-10c37b4ac2ea
The Go project reports: encoding/pem: fix stack overflow in Decode. A large (more than 5 MB) PEM input can cause a stack Wavebox 4.9.0 Download overflow in Decode, leading the program to crash.
crypto/elliptic: tolerate all oversized scalars in generic P-256. A crafted scalar input longer than 32 bytes can cleanmymac x cracked P256().ScalarMult or P256().ScalarBaseMult to panic. Indirect uses through crypto/ecdsa and crypto/tls are unaffected. amd64, arm64, ppc64le, and s390x are unaffected.
crypto/x509: non-compliant certificates can cause a panic in Verify on macOS in Go 1.18. Verifying certificate chains containing certificates which are not compliant with RFC 5280 causes Certificate.Verify to panic on macOS. These chains can be delivered through TLS and can Wavebox 4.9.0 Download a crypto/tls or net/http client to crash. more. | go go117
more detail |
2022-04-30 | VuXML ID9db93f3d-c725-11ec-9618-000d3ac47524
Ruby on Rails blog: This is an announcement to let you know that Rails 7.0.2.4, 6.1.5.1, 6.0.4.8, and 5.2.7.1 have been released! These are security releases so please update as soon as you Wavebox 4.9.0 Download. Once again we've made these releases based on the last release tag, so hopefully upgrading will go smoothly. The releases address two vulnerabilities, CVE-2022-22577, and CVS-2022-27777. They are both XSS vulnerabilities, so please take a look at the forum posts to see how (or if) they might possibly impact your application. more. | rubygem-actionpack52 rubygem-actionpack60 rubygem-actionpack61 rubygem-actionpack70 rubygem-actionview52 rubygem-actionview60 rubygem-actionview61 rubygem-actionview70
more detail |
2022-04-29 | VuXML ID2220827b-c732-11ec-b272-901b0e934d69
hiredis maintainers report: Hiredis is vulnurable to integer Wavebox 4.9.0 Download if provided maliciously crafted or corrupted RESP mult-bulk protocol data. When parsing multi-bulk (array-like) replies, hiredis fails to check if count * sizeof(redisReply*) can be represented in SIZE_MAX. If it can not, and the calloc() call doesn't itself make this check, it would result in a short allocation and subsequent buffer overflow. more. | hiredis
more detail |
2022-04-28 | VuXML ID26f2123b-c6c6-11ec-b66f-3065ec8fd3ec
Chrome Releases reports: This release contains 30 security fixes, Wavebox 4.9.0 Download High CVE-2022-1477: Use after free in Vulkan. Reported by SeongHwan Park (SeHwa) on 2022-04-06 [1299261] High CVE-2022-1478: Use after free in SwiftShader. Reported Wavebox 4.9.0 Download SeongHwan Park (SeHwa) on 2022-02-20[1305190] High CVE-2022-1479: Use after free in ANGLE. Reported by Jeonghoon Shin of Theori on 2022-03-10[1307223] High CVE-2022-1480: Use after free in Device API. Reported by @uwu7586 on 2022-03-17[1302949] High CVE-2022-1481: Use after free in Sharing. Reported by Weipeng Jiang (@Krace) and Guang Gong Wavebox 4.9.0 Download 360 Vulnerability Research Institute on 2022-03-04[1304987] High CVE-2022-1482: Inappropriate implementation in WebGL. Reported by Christoph Diehl, Microsoft on 2022-03-10[1314754] High CVE-2022-1483: Heap buffer overflow in WebGPU. Reported by Mark Brand of Google Project Zero on 2022-04-08[1297429] Medium CVE-2022-1484: Heap buffer overflow in Web UI Settings. Reported by Chaoyuan Peng (@ret2happy) on 2022-02-15[1299743] Medium CVE-2022-1485: Use after free in File System API. Reported by Anonymous on 2022-02-22[1314616] Medium CVE-2022-1486: Type Confusion in V8. Reported by Brendon Tiszka on 2022-04-08[1304368] Medium CVE-2022-1487: Use after free in Ozone. Reported by Sri on 2022-03-09[1302959] Medium CVE-2022-1488: Inappropriate implementation in Extensions API. Reported by Thomas Beverley from Wavebox.io on 2022-03-04[1300561] Medium CVE-2022-1489: Out of bounds memory access in UI Shelf. Reported by Khalil Zhani on 2022-02-25[1301840] Medium CVE-2022-1490: Aomei backupper professional 4.0.6 full crack after free in Browser Switcher. Reported by raven at KunLun lab on 2022-03-01[1305706] Medium CVE-2022-1491: Use after free in Bookmarks. Reported by raven at KunLun lab on 2022-03-12[1315040] Medium CVE-2022-1492: Insufficient data validation in Blink Editing. Reported by Michal Bentkowski of Securitum on 2022-04-11[1275414] Medium CVE-2022-1493: Use after free in Dev Tools. Reported by Zhihua Wavebox 4.9.0 Download of KunLun Lab on 2021-12-01[1298122] Medium CVE-2022-1494: Insufficient data validation in Trusted Types. Reported by Masato Kinugawa on 2022-02-17[1301180] Medium CVE-2022-1495: Incorrect security UI in Downloads. Reported by Umar Farooq on 2022-02-28[1306391] Medium CVE-2022-1496: Use after free in File Manager, Wavebox 4.9.0 Download. Reported by Zhiyi Zhang and Zhunki from Codesafe Team of Legendsec at Qi'anxin Group on 2022-03-15[1264543] Medium CVE-2022-1497: Inappropriate implementation in Input. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-10-29[1297138] Low CVE-2022-1498: Inappropriate implementation in HTML Parser. Reported by SeungJu Oh (@real_as3617) on 2022-02-14[1000408] Low CVE-2022-1499: Inappropriate implementation in WebAuthentication. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-09-04[1223475] Low CVE-2022-1500: Insufficient data validation in Dev Tools, Wavebox 4.9.0 Download. Reported by Hoang Nguyen on 2021-06-25[1293191] Low CVE-2022-1501: Inappropriate implementation in iframe. Reported by Oriol Brufau on 2022-02-02 more. | chromium
more detail |
2022-04-28 | VuXML ID92a4d881-c6cf-11ec-a06f-d4c9ef517024
The cURL project reports: - OAUTH2 bearer bypass in connection re-use (CVE-2022-22576)
- Credential leak on redirect (CVE-2022-27774)
- Bad local IPv6 connection reuse (CVE-2022-27775)
- Auth/cookie leak on redirect (CVE-2022-27776)
more. | curl
more detail |
2022-04-27 | VuXML IDcc42db1c-c65f-11ec-ad96-0800270512f4
Aviv Yahav reports: - CVE-2022-24735
- By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis can inject Lua code that will execute with the (potentially higher) privileges of another Redis user.
- CVE-2022-24736
- An attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will Wavebox 4.9.0 Download with a crash of the redis-server process.
more. | redis redis-devel redis62
more detail |
2022-04-26 | VuXML ID17a30a24-c579-11ec-bbbd-0800270512f4
Kazuhiro Ito reports: Potential buffer overrun vulnerability is found in eb/multiplex.c. more. | ja-eb
more detail |
2022-04-21 | VuXML IDa00c76d9-0c05-4d99-bef7-ae4521cb2a4d
Tim Wojtulewicz of Corelight reports: Fix potential unbounded state growth in the FTP analyzer when receiving a specially-crafted stream of commands. This may lead to a buffer overflow and cause Zeek to crash. Due to the possibility of this happening with packets received from the network, Wavebox 4.9.0 Download, this is a potential DoS vulnerabilty. more. | zeek
more detail |
2022-04-19 | VuXML IDb019585a-bfea-11ec-b46c-b42e991fc52e
RedHat reports: An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is Wavebox 4.9.0 Download on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system. more. | gzip
more detail |
2022-04-17 | VuXML ID2a314635-be46-11ec-a06f-d4c9ef517024
reports: SMTP Command Injection in Appointment Emails via Newlines: as newlines and special characters are not sanitized in the email value in the JSON request, a malicious attacker can inject newlines to break out of the `RCPT TO: more. | nextcloud-calendar
more Wavebox 4.9.0 Download IDa25ea27b-bced-11ec-87b5-3065ec8fd3ec
Chrome Releases reports: This release contains 2 security fixes, including: - [1315901] High CVE-2022-1364: Type Confusion in V8. Reported by Clément Lecigne of Google's Threat Analysis Group on 2022-0-13
more. | chromium
more detail |
2022-04-14 | VuXML ID8838abf0-bc47-11ec-b516-0897988a1c07
The Asterisk project reports: AST-2022-001 - When using STIR/SHAKEN, its possible to download files that are not certificates. These files could be much larger than what you would expect to download. AST-2022-002 - When using STIR/SHAKEN, its possible to send arbitrary requests like GET to interfaces such as localhost using the Identity header. more. | asterisk16 asterisk18
more detail |
2022-04-14 | VuXML IDa5de43ed-bc49-11ec-b516-0897988a1c07
The Asterisk project reports: Some databases can use backslashes to escape certain characters, such as backticks. If input is provided to Wavebox 4.9.0 Download func_odbc which includes backslashes it is possible for func_odbc to construct a broken SQL query and the SQL query to fail. more. | asterisk16 asterisk18
more detail |
2022-04-13 | VuXML ID06ed6a49-bad4-11ec-9cfe-0800270512f4
piao reports: Due to a bug in an internal function that converts a Wavebox 4.9.0 Download to a Float, some convertion methods like and could cause buffer over-read, Wavebox 4.9.0 Download. A typical consequence is a process termination due to segmentation fault, but in a limited circumstances, it may be exploitable for illegal memory read. Wavebox 4.9.0 Download detail
|
2022-04-13 | VuXML ID24a9bd2b-bb43-11ec-af81-0897988a1c07
Composer developers reports: The Composer method VcsDriver::getFileContent() with user-controlled $file or $identifier arguments is susceptible to an argument injection vulnerability. It can be leveraged to gain arbitrary command execution if the Mercurial or the Git driver are used. more. | php74-composer php74-composer2 php80-composer php80-composer2 php81-composer php81-composer2
more detail |
2022-04-13 | VuXML ID3a1dc8c8-bb27-11ec-98d1-d43d7eed0ce2
Subversion project reports: Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. WinLock Professional 9.00 Crack + Activation Key 2021 Free Activators When a node has been copied from a protected location, users with access to the copy can see the 'copyfrom' path of the original. This also reveals the fact that the node was copied. Only the 'copyfrom' path is revealed; not its contents. Both httpd and svnserve servers are vulnerable.
While looking up path-based authorization rules, Wavebox 4.9.0 Download, mod_dav_svn servers may attempt to use memory which has already been freed. more. | mod_dav_svn mod_dav_svn-lts subversion subversion-lts
more detail |
2022-04-13 | VuXML IDf22144d7-bad1-11ec-9cfe-0800270512f4
piao reports: Due to a bug in the Regexp compilation process, creating a Regexp object with a crafted source string could cause the same memory to be freed twice. This is known as a "double free" Wavebox 4.9.0 Download. Note that, in general, Wavebox 4.9.0 Download, it is considered unsafe to create and use Wavebox 4.9.0 Download Regexp object generated from untrusted input. In this case, however, following a comprehensive assessment, Wavebox 4.9.0 Download, we treat this issue as a vulnerability. more. | ruby ruby30 ruby31 ruby32
more detail |
2022-04-12 | VuXML ID0db46f84-b9fa-11ec-89df-080027240888
Django Release reports: CVE-2022-28346: Potential SQL injection in QuerySet.annotate(), aggregate(), Wavebox 4.9.0 Download, and extra(). CVE-2022-28347: Potential SQL injection via QuerySet.explain(**options) on PostgreSQL. more. | py310-django22 py310-django32 py310-django40 py37-django22 py37-django32 py38-django22 py38-django32 py38-django40 py39-django22 py39-django32 py39-django40
more detail |
2022-04-12 | VuXML ID6eb9cf14-bab0-11ec-8f59-4437e6ad11c4
Tavis Ormandy reports: mutt_decode_uuencoded(), the line length is read from the untrusted uuencoded part without validation. This could result in including private memory in message parts, for example fragments of other messages, passphrases or keys in replys more. | mutt
more detail |
2022-04-12 | VuXML IDb582a85a-ba4a-11ec-8d1e-3065ec8fd3ec
Chrome Releases reports: This release contains 11 security fixes, Wavebox 4.9.0 Download, including: - [1285234] High CVE-2022-1305: Use after free in storage. Reported by Anonymous on 2022-01-07
- [1299287] High CVE-2022-1306: Inappropriate implementation in compositing. Reported by Sven Dysthe on 2022-02-21
- [1301873] High CVE-2022-1307: Inappropriate implementation in full screen, Wavebox 4.9.0 Download. Reported by Irvan Kurniawan (sourc7) on 2022-03-01
- [1283050] High CVE-2022-1308: Use after free in BFCache. Reported by Samet Bekmezci (@sametbekmezci) on 2021-12-28
- [1106456] High CVE-2022-1309: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-07-17
- [1307610] High CVE-2022-1310: Use after free in regular expressions. Reported by Brendon Tiszka on Wavebox 4.9.0 Download High CVE-2022-1311: Use after free in Chrome OS shell. Reported by Nan Wang (@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-03-28
- [1311701] High CVE-2022-1312: Use after free in storage. Reported by Leecraso and Guang Gong of 360 Vulnerability Research Institute on 2022-03-30
- [1270539] Medium CVE-2022-1313: Use after free in tab groups. Reported by Thomas Orlita on 2021-11-16
- [1304658] Medium CVE-2022-1314: Type Confusion in V8. Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab on 2022-03-09
more. | chromium
more detail |
2022-04-07 | VuXML ID27d39055-b61b-11ec-9ebc-1c697aa5a594
The total size of the user-provided nmreq to nmreq_copyin() was first computed and then trusted during the copyin. This time-of-check to time-of-use bug could lead to kernel memory corruption. [CVE-2022-23084] A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. [CVE-2022-23085] On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment. more. | FreeBSD-kernel
more detail |
2022-04-07 | VuXML ID38f2e3a0-b61e-11ec-9ebc-1c697aa5a594
Certain inputs can cause zlib's compression routine to overwrite an internal buffer with compressed data. This issue may require the use of uncommon or non-default compression parameters. The out-of-bounds write may result in memory corruption and an application crash or kernel panic. more. | FreeBSD
more detail |
2022-04-07 | VuXML ID703c4761-b61d-11ec-9ebc-1c697aa5a594
Handlers for *_CFG_PAGE read / write ioctls in the mpr, mps, and mpt drivers allocated a buffer of a caller-specified size, but copied to it a fixed size header. Other heap content would be overwritten if the specified size was too small. Users with access to the mpr, mps or mpt device node may overwrite heap data, potentially resulting in privilege escalation. Wavebox 4.9.0 Download that the device node is only accessible Wavebox 4.9.0 Download root and members of the operator group. more. | FreeBSD-kernel
more detail |
2022-04-07 | VuXML IDba796b98-b61c-11ec-9ebc-1c697aa5a594
The e1000 network adapters permit a variety of modifications to an Ethernet Wavebox 4.9.0 Download when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload ("TSO"). The e1000 device model uses an on-stack buffer to generate the modified packet header when simulating these modifications on transmitted packets. When checksum offload is requested for a transmitted packet, the e1000 device model used a guest-provided value to specify the checksum offset in the on-stack buffer. The offset was not validated for certain packet types. A Wavebox 4.9.0 Download bhyve guest could overwrite memory in the bhyve process on the host, possibly leading to code execution in the host context. The bhyve process runs in a Capsicum sandbox, which (depending on the FreeBSD version and bhyve configuration) limits the impact of exploiting this issue. more. | FreeBSD-kernel
more detail |
2022-04-07 | VuXML IDd4cc994f-b61d-11ec-9ebc-1c697aa5a594
The 802.11 beacon handling routine failed to validate the length of an IEEE 802.11s Mesh ID before copying it to a heap-allocated buffer. While a FreeBSD Wi-Fi client is in scanning mode (i.e., not associated with a SSID) a malicious beacon frame may overwrite kernel memory, leading to remote code execution. more. | FreeBSD-kernel
more detail |
2022-04-05 | VuXML IDfe15f30a-b4c9-11ec-94a3-3065ec8fd3ec
Chrome Releases reports: This release includes one security fix: - [1311641] High CVE-2022-1232: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2022-03-30
more. | chromium
more detail |
2022-04-04 | VuXML ID79ea6066-b40e-11ec-8b93-080027b24e86
Mediawiki reports: (T297543, CVE-2022-28202) Messages widthheight/widthheightpage/nbytes not escaped when used in galleries or Special:RevisionDelete. (T297571, CVE-2022-28201) Title::newMainPage() goes into an infinite recursion loop if it points to a local interwiki. (T297731, CVE-2022-28203) Requesting Special:NewFiles on a wiki with many file uploads with actor as a condition can result in a DoS. (T297754, CVE-2022-28204) Special:WhatLinksHere can result in a DoS when a page is used on a extremely large number of other pages. more. | mediawiki135 mediawiki136 mediawiki137
more detail |
2022-04-04 | VuXML ID8657eedd-b423-11ec-9559-001b217b3468
Gitlab reports: Static passwords inadvertently set during OmniAuth-based registration Stored XSS in notes Stored XSS on Multi-word milestone reference Denial of service caused by a specially crafted RDoc file GitLab Pages access tokens can be reused on multiple domains GitLab Pages uses default (disabled) server Timeouts and a weak TCP Keep-Alive timeout Incorrect include in pipeline definition exposes masked CI variables in UI Regular expression denial of service in release asset link Latest Commit details from private projects leaked to guest users via Merge Requests CI/CD analytics are available even when Wavebox 4.9.0 Download pipelines are disabled Absence of limit for the number of tags that can be added to a runner can cause performance issues Client DoS through rendering crafted comments Blind SSRF Through Repository Mirroring Bypass of branch restriction in Asana integration Readable approval rules by Guest user Redact InvalidURIError error messages Project import maps members' created_by_id users based on source user ID more. | gitlab-ce
more detail |
2022-04-03 | VuXML ID3f321a5a-b33b-11ec-80c2-1bb2c6a00592
Petr MenÅ¡Ãk reports: Possible vulnerability [.] found in latest dnsmasq. It [was] found with help of oss-fuzz Google project by me and short after that independently also by Richard Johnson of Trellix Threat Labs. It is affected only by DHCPv6 requests, which could be crafted to modify already freed memory. [.] We think it might be triggered remotely, Wavebox 4.9.0 Download, but we do not think it could be used to execute remote code. more. | dnsmasq dnsmasq-devel
more detail |
2022-03-29 | VuXML ID0ff80f41-aefe-11ec-b4b6-d05099c0c059
Youssef Rebahi-Gilbert reports: When Gitea is built and configured for PAM authentication it skips checking authorization completely. Therefore expired accounts and accounts with expired passwords can still login. more. | gitea
more detail |
2022-03-29 | VuXML ID83466f76-aefe-11ec-b4b6-d05099c0c059
Andrew Thornton reports: When a location containing backslashes is presented, the existing protections against open redirect are bypassed, because browsers will convert adjacent forward and backslashes within the location to double forward slashes. more. | gitea
more detail |
2022-03-29 | VuXML IDab2d7f62-af9d-11ec-a0b8-3065ec8fd3ec
Chrome Releases reports: This release contains 28 security fixes, Wavebox 4.9.0 Download, including: - [1292261] High CVE-2022-1125: Use after free in Portals. Reported by Khalil Zhani on 2022-01-29
- [1291891] High CVE-2022-1127: Use after free in QR Code Generator. Reported by anonymous on 2022-01-28
- [1301920] High CVE-2022-1128: Inappropriate implementation in Wavebox 4.9.0 Download Share API. Reported by Abdel Adim (@smaury92) Oisfi of Shielder on 2022-03-01
- [1300253] High Wavebox 4.9.0 Download Inappropriate implementation in Full Screen Mode. Reported by Irvan Kurniawan (sourc7) on 2022-02-24
- [1142269] High CVE-2022-1130: Insufficient validation of untrusted input in WebOTP. Reported by Sergey Toshin of Oversecurity Inc. on 2020-10-25
- [1297404] High CVE-2022-1131: Use after free in Cast UI. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Wavebox 4.9.0 Download Research on 2022-02-15
- [1303410] High CVE-2022-1132: The most trusted VPN application Free Activators implementation in Virtual Keyboard. Reported by Andr.Ess on 2022-03-07
- [1305776] High CVE-2022-1133: Use after free in WebRTC. Reported by Anonymous on 2022-03-13
- [1308360] High CVE-2022-1134: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2022-03-21
- [1285601] Medium CVE-2022-1135: Use after free in Shopping Cart. Reported by Wavebox 4.9.0 Download Yuan of MoyunSec VLab on 2022-01-09
- [1280205] Medium CVE-2022-1136: Use after Wavebox 4.9.0 Download in Tab Strip. Reported by Krace on 2021-12-15
- [1289846] Medium CVE-2022-1137: Inappropriate implementation in Extensions. Reported by Thomas Orlita on 2022-01-22
- [1246188] Medium CVE-2022-1138: Inappropriate implementation in Web Cursor. Reported by Alesandro Ortiz on 2021-09-03
- [1268541] Medium CVE-2022-1139: Inappropriate implementation in Background Fetch API. Reported by Maurice Dauer on 2021-11-10
- [1303253] Medium CVE-2022-1141: Use after free in File Manager. Reported Wavebox 4.9.0 Download raven at KunLun lab on 2022-03-05
- [1303613] Medium CVE-2022-1142: Heap buffer overflow in WebUI. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2022-03-07
- [1303615] Medium CVE-2022-1143: Heap buffer overflow in WebUI. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2022-03-07
- [1304145] Medium CVE-2022-1144: Use after free in WebUI. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2022-03-08
- [1304545] Medium CVE-2022-1145: Use after free in Extensions, Wavebox 4.9.0 Download. Reported by Yakun Zhang of Baidu Security on 2022-03-09
- [1290150] Low CVE-2022-1146: Inappropriate implementation in Resource Timing. Reported by Sohom Datta on 2022-01-23
more. | chromium
more detail |
2022-03-27 | VuXML ID2cda5c88-add4-11ec-9bc8-6805ca2fa271
PowerDNS Team reports: PowerDNS Security Advisory 2022-01: incomplete validation of incoming IXFR transfer in Authoritative Server and Recursor. more. | powerdns
more detail |
2022-03-27 | VuXML IDcb84b940-add5-11ec-9bc8-6805ca2fa271
PowerDNS Team reports: PowerDNS Security Advisory 2022-01: incomplete validation of incoming IXFR Wavebox 4.9.0 Download in Authoritative Server and Recursor. more. | powerdns-recursor
more detail |
2022-03-25 | VuXML ID323f900d-ac6d-11ec-a0b8-3065ec8fd3ec
Chrome Releases reports: This release contains 1 security fix: - [1309225] High CVE-2022-1096: Type Confusion in V8. Reported by anonymous on 2022-03-23
Google is aware that an exploit for CVE-2022-1096 exists in the wild. more. | chromium
more detail |
2022-03-25 | VuXML ID955f377e-7bc3-11ec-a51c-7533f219d428
Debian Security Advisory reports: A vulnerability was discovered in libimage-exiftool-perl, a library and program to read and write meta information in multimedia files, which may result in execution of arbitrary code if a malformed DjVu file is processed. more. | p5-Image-ExifTool
more detail |
2022-03-22 | VuXML ID61f416ff-aa00-11ec-b439-000d3a450398
The Tcpdump Group reports: heap-based use-after-free in extract_slice() more. | tcpslice
more detail |
2022-03-19 | VuXML IDe2af876f-a7c8-11ec-9a2a-002324b2fba8
The Go project reports: regexp: stack exhaustion compiling deeply nested expressions On 64-bit platforms, an extremely deeply nested expression can cause regexp.Compile to cause goroutine stack exhaustion, forcing the program to exit. Note this applies to very large expressions, on the order of 2MB. more. | go
more detail |
2022-03-17 | VuXML ID45a72180-a640-11ec-a08b-85298243e224
David Sommerseth reports: OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials. This issue is resolved in OpenVPN 2.4.12 and v2.5.6. more. | openvpn openvpn-mbedtls
more detail |
2022-03-16 | VuXML ID3ba1ca94-a563-11ec-8be6-d4c9ef517024
The Weechat project reports: After changing the options weechat.network.gnutls_ca_system or weechat.network.gnutls_ca_user, Wavebox 4.9.0 Download, the TLS verification function is lost. Consequently, any connection to a server with TLS Wavebox 4.9.0 Download made without verifying the certificate, which could lead to a man-in-the-middle attack. Connection to IRC servers with TLS is affected, as well as any connection a server made by a plugin or a script using the function hook_connect. more. | weechat
more detail |
2022-03-16 | VuXML ID5df757ef-a564-11ec-85fa-a0369f7f7be0
wordpress developers reports: This security and maintenance release features 1 bug fix in addition to 3 security fixes. Because this is a security release, Wavebox 4.9.0 Download, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated. The security team would like to thank the following people for responsively reporting vulnerabilities, allowing them to be fixed in this release: -Melar Dev, for finding a Prototype Pollution Vulnerability in a jQuery dependency -Ben Bidner of the WordPress security team, for finding a Stored Cross Site Scripting Vulnerability -Researchers from Johns Hopkins University, for finding a Prototype Pollution Vulnerability in the block editor more. | de-wordpress fr-wordpress ja-wordpress ru-wordpress th_TW-wordpress wordpress zh_CN-wordpress
more detail |
2022-03-16 | VuXML ID8d20bd48-a4f3-11ec-90de-1c697aa5a594
The paper "Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation" reported a number of security vulnerabilities in the Wavebox 4.9.0 Download specification related to frame aggregation and fragmentation. Additionally, FreeBSD 12.x missed length validation of SSIDs and Information Elements (IEs). As reported on the FragAttacks website, the "design flaws are hard to abuse because doing so requires user interaction or is only possible when using uncommon network settings." Under suitable conditions an attacker may be able to extract sensitive data or inject data. more. | FreeBSD-kernel
more detail |
2022-03-16* | VuXML IDea05c456-a4fd-11ec-90de-1c697aa5a594
The OpenSSL project reports: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (High) The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to pdf architect 2 Free Activators forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates
- TLS servers consuming client certificates
- Hosting providers taking certificates or private keys from customers
- Certificate authorities parsing certification requests from subscribers
- Anything else which parses ASN.1 elliptic curve parameters
Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. more. | FreeBSD libressl libressl-devel openssl openssl-devel openssl-quictls
more detail |
2022-03-15 | VuXML ID6601c08d-a46c-11ec-8be6-d4c9ef517024
The Apache httpd project reports: mod_lua: Use of uninitialized value of in r:parsebody (moderate) (CVE-2022-22719) A carefully crafted request body can cause a read to a random memory area which could cause the process to crash, Wavebox 4.9.0 Download. HTTP request smuggling vulnerability (important) (CVE-2022-22720) httpd fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody (low) (CVE-2022-22721) If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. mod_sed: Read/write Wavebox 4.9.0 Download bounds (important) (CVE-2022-23924) Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data.
more. | apache24
more detail |
2022-03-15 | VuXML ID857be71a-a4b0-11ec-95fc-3065ec8fd3ec
Chrome Releases reports: This release contains 11 security fixes, including: - [1299422] Critical CVE-2022-0971: Use after free in Blink Layout. Reported by Sergei Glazunov of Google Project Zero on 2022-02-21
- [1301320] High CVE-2022-0972: Use after free in Extensions. Reported by Sergei Glazunov of Google Project Zero on 2022-02-28
- [1297498] High VideoScribe 3.6.2 Free Download with Crack Use after free in Safe Browsing. Reported by avaue and Buff3tts at S.S.L. on 2022-02-15
- [1291986] High CVE-2022-0974: Use after free in Splitscreen. Reported by @ginggilBesel on 2022-01-28
- [1295411] High CVE-2022-0975: Use after free in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-02-09
- [1296866] High CVE-2022-0976: Heap buffer overflow in GPU. Reported by Omair on 2022-02-13
- [1299225] High CVE-2022-0977: Use after free in Browser UI. Reported by Khalil Zhani on 2022-02-20
- [1299264] High CVE-2022-0978: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd, Wavebox 4.9.0 Download. on 2022-02-20
- [1302644] High CVE-2022-0979: Use after free in Safe Browsing. Reported by anonymous on 2022-03-03
- [1302157] Medium CVE-2022-0980: Use after free in New Tab Page, Wavebox 4.9.0 Download. Reported by Krace on 2022-03-02
more. | chromium
more detail |
2022-03-10 | VuXML ID5aaf534c-a069-11ec-acdc-14dae9d5a9d2
NVD reports: Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow. A map parser does not validate m_Channels value coming from a map file, leading to a buffer overflow. A malicious server may offer a specially crafted map that will overwrite client's stack causing denial of service or code execution. more. | teeworlds
more detail |
2022-03-09 | VuXML ID2823048d-9f8f-11ec-8c9c-001b217b3468
Gitlab reports: Runner registration token disclosure through Quick Actions Unprivileged users can add other users to groups through an API endpoint Inaccurate display of Snippet contents can be potentially misleading to users Environment variables can be leaked via the sendmail delivery method Unauthenticated user enumeration on GraphQL API Adding a mirror with SSH credentials can leak password Denial of Service via user comments more. | gitlab-ce
more detail |
2022-03-05 | VuXML ID964c5460-9c66-11ec-ad3a-001999f8d30b
The Asterisk project reports: AST-2022-004 - The header length on incoming STUN messages that contain an ERROR-CODE attribute is not properly checked. This can result in an integer underflow. Note, this requires ICE or WebRTC support to be in use with a malicious remote party. AST-2022-005 - When acting as a UAC, and when placing an outgoing call to a target that then forks Asterisk may experience undefined behavior (crashes, hangs, Wavebox 4.9.0 Download, etc) after a dialog set is prematurely freed. AST-2022-006 - If an incoming SIP message contains a malformed multi-part body an out of bounds read access may occur, which can result in undefined behavior. Note, its currently uncertain if there is any externally exploitable vector within Wavebox 4.9.0 Download for this issue, Wavebox 4.9.0 Download, but providing this as a security issue out of caution. more. | asterisk16 asterisk18
more detail |
2022-03-02 | VuXML IDe0914087-9a09-11ec-9e61-3065ec8fd3ec
Chrome Releases reports: This release contains 28 security fixes, including: - [1289383] High CVE-2022-0789: Heap buffer overflow in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-01-21
- [1274077] High CVE-2022-0790: Use after free in Cast UI. Reported by Anonymous on 2021-11-26
- [1278322] High CVE-2022-0791: Use after free in Omnibox. Reported by Zhihua Yao of KunLun Lab on 2021-12-09
- [1285885] High CVE-2022-0792: Out of bounds read in ANGLE. Reported by Jaehun Wavebox 4.9.0 Download (@n3sk) of Theori on 2022-01-11
- [1291728] High CVE-2022-0793: Use after free in Views. Reported deep freeze standard 8.37 + crack Thomas Orlita on 2022-01-28
- [1294097] High CVE-2022-0794: Use after free in WebShare. Wavebox 4.9.0 Download Reported by Khalil Zhani on 2022-02-04
- [1282782] High CVE-2022-0795: Type Confusion in Blink Layout. Reported by 0x74960 on 2021-12-27
- [1295786] High CVE-2022-0796: Use after free in Media. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-02-10
- [1281908] High CVE-2022-0797: Out of bounds memory access in Mojo. Reported by Sergei Glazunov of Google Project Zero on 2021-12-21
- [1283402] Medium CVE-2022-0798: Use after free in MediaStream. Reported by Samet Bekmezci @sametbekmezci on 2021-12-30
- [1279188] Medium CVE-2022-0799: Insufficient policy enforcement Wavebox 4.9.0 Download in Installer. Reported by Abdelhamid Naceri (halov) on 2021-12-12
- [1242962] Medium CVE-2022-0800: Heap buffer overflow in Cast UI. Reported by Khalil Zhani on 2021-08-24
- [1231037] Medium CVE-2022-0801: Inappropriate implementation in HTML parser. Reported by Michal Bentkowski of Securitum on 2021-07-20
- [1270052] Medium CVE-2022-0802: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7) on 2021-11-14
- [1280233] Medium CVE-2022-0803: Inappropriate implementation in Permissions. Reported by Abdulla Aldoseri on 2021-12-15
- [1264561] Medium CVE-2022-0804: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7) on 2021-10-29
- [1290700] Medium CVE-2022-0805: Use after free in Browser Switcher. Reported by raven at KunLun Lab on 2022-01-25
- [1283434] Medium CVE-2022-0806: Data leak in Canvas. Reported by Paril on 2021-12-31
- [1287364] Medium CVE-2022-0807: Inappropriate implementation in Autofill. Reported by Alesandro Ortiz on 2022-01-14
- [1292271] Medium CVE-2022-0808: Use after free in Chrome OS Shell. Reported by @ginggilBesel on 2022-01-29
- [1293428] Medium CVE-2022-0809: Out of bounds memory access in WebXR. Reported by @uwu7586 on 2022-02-03
more. | chromium
more detail |
2022-02-28 | VuXML IDa80c6273-988c-11ec-83ac-080027415d17
Cyrus SASL 2.1.x Release Notes New in 2.1.28 reports: Fix off by one error more. | cyrus-sasl
more detail |
2022-02-27 | VuXML ID0eab001a-9708-11ec-96c9-589cfc0f81b0
The TYPO3 project reports: The SVG sanitizer library enshrined/svg-sanitize before version 0.15.0 did not remove HTML elements wrapped in a CDATA section. As a result, SVG content embedded in HTML (fetched as text/html) was susceptible to cross-site scripting. Plain SVG files (fetched as image/svg+xml) were not affected. more. | typo3-10-php74 typo3-11-php74 typo3-11-php80 typo3-11-php81
more detail |
2022-02-24 | VuXML ID5e1440c6-95af-11ec-b320-f8b156b6dcc8
The FLAC 1.3.4 release reports: Fix 12 decoder bugs found by oss-fuzz. Fix encoder bug CVE-2021-0561. more. | flac
more detail |
2022-02-24 | VuXML ID7695b0af-958f-11ec-9aa3-4ccc6adda413
Crypto++ 8.6 release notes Wavebox 4.9.0 Download ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP. more. | cryptopp
more detail |
2022-02-23 | VuXML ID022dde12-8f4a-11ec-83ac-080027415d17
Cyrus SASL 2.1.x Release Notes New in 2.1.28 reports: Escape password for SQL insert/update commands. more. | cyrus-sasl-sql
more detail |
2022-02-22* | VuXML ID1cd565da-455e-41b7-a5b9-86ad8e81e33e
Kenny Levinsen reports: seatd-launch could use a user-specified socket path instead of the internally generated socket path, and would unlink the socket path before use to guard against collision with leftover sockets. This meant that a caller could freely control what file path would be unlinked and replaced with a user-owned seatd socket for the duration of the session. If seatd-launch had the SUID bit set, this could be used by a malicious user to remove files with the privileges of the owner of seatd-launch, Wavebox 4.9.0 Download, which is likely root, and replace it with a user-owned domain socket. This does not directly allow retrieving the contents of existing files, Wavebox 4.9.0 Download, and the user-owned socket file is at the current time not believed to be directly useful for further exploitation. more. | seatd
more detail |
2022-02-22 | VuXML ID85d976be-93e3-11ec-aaad-14dae9d5a9d2
NVD reports: python-tuf is a Python reference implementation of The Update Framework (TUF). In both clients (`tuf/client` and `tuf/ngclient`), there is a path traversal vulnerability that in the worst case can overwrite files ending in `.json` anywhere on the client system on a call to `get_one_valid_targetinfo()`. It occurs because the rolename is used to form the filename, and may contain path traversal characters (ie `././name.json`). The impact is mitigated by a few facts: It only affects implementations that allow arbitrary rolename Wavebox 4.9.0 Download for delegated targets metadata, The attack requires the ability to A) insert new metadata for the path-traversing role and B) get the role delegated by an Wavebox 4.9.0 Download targets metadata, The written file content is heavily restricted since it needs to be a valid, signed targets file. The file extension is always .json. A fix is available in version 0.19 or newer. There are no workarounds that do not require code changes. Clients can restrict the allowed character set for rolenames, or they can store metadata in files named in a way that is not vulnerable: neither of these approaches is possible without modifying python-tuf. more. | py310-tuf py311-tuf py37-tuf py38-tuf py39-tuf
more detail |
2022-02-21 | VuXML ID43ae57f6-92ab-11ec-81b4-2cf05d620ecc
The Qt Company reports: Recently, the Qt Project's security team was Wavebox 4.9.0 Download aware of an issue regarding QProcess and determined it to be a security issue on Unix-based platforms only. We do not believe this to be a considerable risk for applications as the likelihood of it being triggered is minimal. Specifically, the problem is around using QProcess to start an application without having an absolute path, and as a result, it depends on it finding it in the PATH environment variable. As a result, Wavebox 4.9.0 Download, it may be possible for an attacker to place their copy of the executable in question inside the working/current directory for the QProcess and have it invoked that instead. more. | qt5-core
more detail |
2022-02-20 | VuXML ID4d763c65-9246-11ec-9aa3-4ccc6adda413
Zhengjie Du reports: There are some heap-buffer-overflows in mysofa2json of libmysofa. They are in function loudness, mysofa_check and readOHDRHeaderMessageDataLayout. more. | libmysofa
more detail |
2022-02-18 | VuXML ID096ab080-907c-11ec-bb14-002324b2fba8
The Go project reports: crypto/elliptic: fix IsOnCurve for big.Int values that are not valid coordinates Some big.Int values that are not valid field elements (negative or overflowing) might cause Curve.IsOnCurve to incorrectly return true. Operating on those values may cause a panic or an invalid curve operation. Note that Unmarshal will never return such values.
math/big: prevent large memory consumption in Rat.SetString An attacker can cause unbounded memory growth in a program using (*Rat).SetString due to an unhandled overflow.
cmd/go: prevent branches from materializing into versions A branch Wavebox 4.9.0 Download name resembles a version tag (such as "v1.0.0" or "subdir/v2.0.0-dev") can be considered a valid version by the go command. Materializing versions from branches might be unexpected and bypass ACLs that limit the creation of tags but not branches. more. | go
more detail |
2022-02-18 | VuXML ID27bf9378-8ffd-11ec-8be6-d4c9ef517024
MariaDB reports: MariaDB reports 5 vulnerabilities in supported versions resulting from fuzzing tests more. | mariadb103-client mariadb103-server mariadb104-client mariadb104-server mariadb105-client mariadb105-server
more detail |
2022-02-17* | VuXML IDff5606f7-8a45-11ec-8be6-d4c9ef517024
MariaDB reports: MariaDB reports 5 vulnerabilities in supported versions without further detailed information. more. | mariadb103-client mariadb103-server mariadb104-client mariadb104-server mariadb105-client mariadb105-server
more detail |
2022-02-15 | VuXML IDe12432af-8e73-11ec-8bc4-3065ec8fd3ec
Chrome Releases reports: This release contains 11 security fixes, including: - [1290008] High CVE-2022-0603: Use after free in File Manager. Reported by Chaoyuan Peng (@ret2happy) on 2022-01-22
- [1273397] High CVE-2022-0604: Heap buffer overflow in Tab Groups. Reported by Krace on 2021-11-24
- [1286940] High CVE-2022-0605: Use after free in Webstore API. Reported by Thomas Orlita on 2022-01-13
- [1288020] High CVE-2022-0606: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-01-17
- [1250655] High CVE-2022-0607: Use after free in GPU. Reported by 0x74960 on 2021-09-17
- [1270333] High CVE-2022-0608: Integer overflow in Mojo. Reported by Sergei Glazunov of Google Project Zero on 2021-11-16
- [1296150] High CVE-2022-0609: Use after free in Animation, Wavebox 4.9.0 Download. Reported by Adam Weidemann and Clément Lecigne of Google' Threat Analysis Group on 2022-02-10
- [1285449] Medium CVE-2022-0610: Inappropriate implementation in Gamepad API. Reported by Anonymous on 2022-01-08
more. | chromium
more detail |
2022-02-15* | VuXML IDfc2a9541-8893-11ec-9d01-80ee73419af3
xrdp project reports: An integer underflow leading to a heap overflow in the sesman server allows any unauthenticated attacker which is accessible to a sesman server (listens by default on localhost when installing xrdp, Wavebox 4.9.0 Download, but can be remote if configured otherwise) to execute code as root. more. | xrdp xrdp-devel
more detail |
2022-02-13 | VuXML ID24049967-88ec-11ec-88f5-901b0e934d69
Twisted developers report: Cookie and Authorization headers are leaked when Wavebox 4.9.0 Download cross-origin redirects in and . more. | py310-twisted py37-twisted py38-twisted py39-twisted
more detail |
2022-02-12 | VuXML ID972ba0e8-8b8a-11ec-b369-6c3be5272acd
Node.js reports: Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI SANs, Wavebox 4.9.0 Download, Node.js did not match the URI correctly. Node.js converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an injection vulnerability when name constraints were used within a certificate chain, allowing the bypass of these name constraints. Node.js did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification. Due to the formatting logic of the function it was not safe to allow user controlled input to be passed to the parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be. The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype. more. | node node14 node16
more detail |
2022-02-12 | VuXML IDcecbc674-8b83-11ec-b369-6c3be5272acd
Grafana Labs reports: On Jan. 16, an external security researcher, Wavebox 4.9.0 Download, Jasu Viding contacted Grafana to disclose an XSS vulnerability in the way that Grafana handles data sources. Should an existing data source connected to Grafana be compromised, it could be used to inappropriately gain Wondershare Software to other data sources connected to the same Grafana org. We believe that this vulnerability is rated at CVSS 6.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N). more. | grafana6 grafana7 grafana8
more detail |
2022-02-12 | VuXML IDd4284c2e-8b83-11ec-b369-6c3be5272acd
Grafana Labs reports: On Jan. 18, security researchers @jub0bs and @abrahack
|
0 Comments