TechMedia

Category

CRITICAL

104 Posts

[vm2] vm2 vulnerable to sandbox escape

  • Posted in CRITICAL
  • Posted by Wpmaster
  • 04/08/2023 | 04/08/2023

vm2 was not properly handling host objects passed to Error.prepareStackTrace in case of unhandled async errors.

vm2 version: ~3.9.14
Node version: 18.15.0, 19.8.1, 17.9.1

Impact
A threat actor can bypass the sandbox protections to gain remote code ex…

[go.etcd.io/etcd/v3] Etcd-io Improper Authentication vulnerability

  • Posted in CRITICAL
  • Posted by Wpmaster
  • 04/05/2023 | 04/12/2023

Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function.
This has been fixed in v.3.5.8 and was also backported to 3.4 and 3.5.
References

https://nvd.nist.gov/vuln/detail/CVE-2021-2…

[github.com/sjqzhang/go-fastdfs] sjqzhang go-fastdfs vulnerable to path traversal

  • Posted in CRITICAL
  • Posted by Wpmaster
  • 04/02/2023 | 04/08/2023

sjqzhang go-fastdfs up to 1.4.3 is vulnerable to path traversal in the function upload of the file /group1/upload of the component File Upload Handler. The attack may be launched remotely and the exploit has been disclosed to the public and may be used…

[knplabs/knp-snappy] PHAR deserialization allowing remote code execution

  • Posted in CRITICAL
  • Posted by Wpmaster
  • 03/18/2023 | 04/07/2023

Description
snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the file_exists() function. If an attacker can upload files of any type to the server he can pass in the phar:// protocol to unser…

[LiteDB] LiteDB may deserialize bad JSON on object type using _type

  • Posted in CRITICAL
  • Posted by Wpmaster
  • 02/25/2023 | 03/07/2023

Impact
LiteDB uses a special field in JSON documents to cast different types from BsonDocument to POCO classes. When the instance of an object is not the same as the class, BsonMapper uses a special field _type string info with full class name with assembly to b…

[phpmyadmin/phpmyadmin] phpmyadmin contains SQL Injection vulnerability

  • Posted in CRITICAL
  • Posted by Wpmaster
  • 01/27/2023 | 02/03/2023

SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.0.2 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php.
References

https://nvd.nist.gov/vuln/detail/CVE-2020-22452
htt…

[ca.uhn.hapi.fhir:org.hl7.fhir.core] MITM based Zip Slip in `ca.uhn.hapi.fhir:org.hl7.fhir.core`

  • Posted in CRITICAL
  • Posted by Wpmaster
  • 01/24/2023 | 01/27/2023

Impact
MITM can enable Zip-Slip.
Vulnerability
Vulnerability 1: Scanner.java
There is no validation that the zip file being unpacked has entries that are not maliciously writing outside of the intended destination directory.
https://github.com/hapifhir…

[org.hl7.fhir.publisher:org.hl7.fhir.publisher] MITM based Zip Slip in `org.hl7.fhir.publisher:org.hl7.fhir.publisher`

  • Posted in CRITICAL
  • Posted by Wpmaster
  • 01/24/2023 | 01/24/2023

Impact
MITM can enable Zip-Slip.
Vulnerability
Vulnerability 1: Publisher.java
There is no validation that the zip file being unpacked has entries that are not maliciously writing outside of the intended destination directory.
https://github.com/HL7/fh…

[apache-airflow-providers-mysql] Command Injection in Apache Airflow and Apache Airflow MySQL Provider

  • Posted in CRITICAL
  • Posted by Wpmaster
  • 01/22/2023 | 02/01/2023

Improper Neutralization of Special Elements used in a Command (‘Command Injection’) vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider. This issue affects Apache Airflow: before 2.5.1; Ap…

[electerm] Code injection in electerm

  • Posted in CRITICAL
  • Posted by Wpmaster
  • 01/21/2023 | 01/28/2023

An issue was discovered in Electerm 1.3.22 that allows attackers to execute arbitrary code via an unverified request to electerm's service.
References

https://nvd.nist.gov/vuln/detail/CVE-2020-23256
https://github.com/electerm/electerm/issues/1686
https://git…
