TechMedia

Category

CRITICAL

104 Posts

Featured

Posted by Wpmaster
[vm2] vm2 vulnerable to sandbox escape
Posted by Wpmaster
[go.etcd.io/etcd/v3] Etcd-io Improper Authentication vulnerability
Posted by Wpmaster
[github.com/sjqzhang/go-fastdfs] sjqzhang go-fastdfs vulnerable to path traversal
Posted by Wpmaster
[knplabs/knp-snappy] PHAR deserialization allowing remote code execution

[class-validator] SQL Injection and Cross-site Scripting in class-validator

  • Posted in CRITICAL
  • Posted by Wpmaster
  • 10/13/2021, 01/12/2023

In TypeStack class-validator, validate() input validation can be bypassed because certain internal attributes can be overwritten via a conflicting name. Even though there is an optional forbidUnknownValues parameter that can be used to reduce the risk …

[@asyncapi/modelina] Improper Control of Generation of Code (‘Code Injection’) in @asyncapi/modelina

  • Posted in CRITICAL
  • Posted by Wpmaster
  • 09/22/2021, 01/27/2023

Impact
Anyone who is using the default presets and/or does not handle the functionality themself.
Patches
It is impossible to fully guard against this, because users have access to the original raw information. However, as of version 1, if you only acc…

[omniauth_amazon] Backdoor / Malicious code

  • Posted in CRITICAL
  • Posted by Wpmaster
  • 08/20/2019, 01/24/2023

The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.
Users of an affected version should consider downgrading to the last non-affected version of 1.6.9, or upg…

[rest-client] rest-client vulnerable to Session Fixation

  • Posted in CRITICAL
  • Posted by Wpmaster
  • 08/14/2018, 10/14/2022

REST client for Ruby (aka rest-client) versions 1.6.1.a until 1.8.0 allow remote attackers to conduct session fixation attacks or obtain sensitive cookie information by leveraging passage of cookies set in a response to a redirect.
References

https://…
