Description:
A regular expression denial of service (ReDoS) vulnerability has been discovered in ua-parser-js.
Impact:
This vulnerability bypasses the library’s MAX_LENGTH input-length limit. By crafting a very long user-agent string with specif…
[yiisoft/yii2-gii] Command injection in yiisoft/yii2-gii
Yii Yii2 Gii before 2.2.2 allows remote attackers to execute arbitrary code via the Generator.php messageCategory field. The attacker can embed arbitrary PHP code into the model file.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-36655
https://…
[exiftool_vendored] ExifTool vulnerable to arbitrary code execution
Impact
Arbitrary code execution can occur when running exiftool against files with hostile metadata payloads.
Patches
ExifTool has already been patched in version 12.24. exiftool_vendored.rb, which vendors ExifTool, includes this patch in v12.25.0.
Work…
[deno] Deno is vulnerable to race condition via interactive permission prompt spoofing
Impact
Multi-threaded programs were able to spoof the interactive permission prompt by rewriting it to suggest that the program was waiting on user confirmation for an unrelated action.
A malicious program could clear the terminal screen after permission p…
[github.com/nektos/act] act vulnerable to arbitrary file upload in artifact server
Impact
The artifact server that stores artifacts from GitHub Actions runs does not sanitize path inputs. This allows an attacker to download and overwrite arbitrary files on the host from a GitHub Action. This issue may lead to privilege escalation.
Iss…
[www.velocidex.com/golang/velociraptor] Velociraptor vulnerable to Missing Authorization
Rapid7 Velociraptor allows users to be created with different privileges on the server. Administrators are generally allowed to run any command on the server including writing arbitrary files. However, lower privilege users are generally forbidden from…
[activerecord] SQL Injection Vulnerability via ActiveRecord comments
There is a possible vulnerability in ActiveRecord related to the sanitization of comments. This vulnerability has been assigned the CVE identifier CVE-2023-22794.
Versions Affected: >= 6.0.0 Not affected: < 6.0.0 Fixed Versions: 6.0.6.1, 6.1.7.1,…
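Added example for the comment-sanitization issue above; this is illustrative code, not ActiveRecord's own implementation or fix. It shows why a user-supplied annotation interpolated verbatim into a /* ... */ SQL comment lets the string close the comment early, and one sanitizer (an assumption that stripping the two delimiters suffices for the dialect in use) that removes them until none remain. The base query and hostile note are constructed for this example.

```ruby
# Added example, not ActiveRecord's code. Shows an unsanitized comment
# annotation beside a sanitized one.

# Vulnerable pattern: the note goes into the comment untouched.
def annotate_unsafe(sql, note)
  "#{sql} /* #{note} */"
end

# Illustrative sanitizer (assumption: removing "/*" and "*/" is enough for the
# SQL dialect in use). It loops to a fixed point because one pass turns
# "**//" into "*/": deleting the middle "*/" joins the outer characters.
def sanitize_comment(note)
  s = note.to_s
  loop do
    stripped = s.gsub(%r{/\*|\*/}, "")
    break if stripped == s
    s = stripped
  end
  s
end

# Hardened pattern: same shape, but the note can no longer carry a delimiter.
def annotate_safe(sql, note)
  "#{sql} /* #{sanitize_comment(note)} */"
end

# What the database effectively executes: block comments removed, whitespace
# collapsed. A parser-free approximation used only to make the effect visible.
def executed_sql(sql)
  sql.gsub(%r{/\*.*?\*/}m, "").squeeze(" ").strip
end

BASE_SQL = "SELECT * FROM users WHERE id = 1"
# Constructed attacker-controlled annotation for this example.
HOSTILE_NOTE = "x */ OR 1=1 /*"

if __FILE__ == $0
  puts executed_sql(annotate_unsafe(BASE_SQL, HOSTILE_NOTE))
  puts executed_sql(annotate_safe(BASE_SQL, HOSTILE_NOTE))
end
```

The unsafe form yields `SELECT * FROM users WHERE id = 1 OR 1=1` once the database drops the comments; the safe form yields the base query unchanged. The fixed-point loop is the part a single-pass `gsub` misses.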
[web-node-server] Path Traversal in web-node-server
A vulnerability classified as critical has been found in youngerheart nodeserver. It affects an unidentified part of the file nodeserver.js. The manipulation leads to path traversal. The name of the patch is c4c0f0138ab5a…
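Added example serving both the act artifact-server entry and the nodeserver entry above; it is not code from either project (act is written in Go, nodeserver in JavaScript). Both advisories describe a server joining a client-supplied path onto a storage root without checking where the result lands. The function below is a generic lexical containment check; the root directory and request paths are constructed for this example.

```ruby
# Added example, not code from act or nodeserver. Generic containment check
# for a client-supplied path joined onto a storage root.

ARTIFACT_ROOT = "/srv/artifacts" # constructed root for this example

# Undo percent-encoding once, so "%2e%2e" cannot slip past a check that only
# sees "..". Decoding must happen before containment is tested, never after.
def decode_path(user_path)
  user_path.gsub(/%([0-9A-Fa-f]{2})/) { $1.hex.chr }
end

# Returns the absolute path inside root, or nil when the request would escape.
# File.expand_path resolves "." and ".." lexically; an absolute user_path
# ignores the base, which the prefix check catches. Symlinks are not resolved
# here; if the root may contain them, resolve with File.realpath once the
# target exists.
def safe_join(root, user_path)
  decoded = decode_path(user_path)
  # expand_path treats a leading "~" as a home directory; never honour that.
  return nil if decoded.start_with?("~")
  root_abs = File.expand_path(root)
  candidate = File.expand_path(decoded, root_abs)
  # Require root + separator, otherwise "/srv/artifacts2" would pass for root
  # "/srv/artifacts".
  return nil unless candidate == root_abs || candidate.start_with?(root_abs + File::SEPARATOR)
  candidate
end

if __FILE__ == $0
  ["run-1/build.zip", "../../etc/passwd", "/etc/passwd",
   "run-1/../../artifacts2/x", "%2e%2e/%2e%2e/etc/passwd", "~/x"].each do |p|
    puts "#{p.inspect} -> #{safe_join(ARTIFACT_ROOT, p).inspect}"
  end
end
```

Rejecting the request when `safe_join` returns nil covers both directions the act advisory mentions (download and overwrite), since the same check applies before a read and before a write.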
[mechanize] mechanize Regular Expression Denial of Service vulnerability
mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service (ReDoS) prior to version 0.4.6. If a web server responds in a malicious way, then mechani…
[org.expressme:JOpenId] Observable timing discrepancy in JOpenId
A vulnerability classified as problematic was found in michaelliao jopenid. It affects the function getAuthentication of the file JOpenId/src/org/expressme/openid/OpenIdManager.java. The manipulation leads to an observable timing discrepancy….
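Added example for the timing-discrepancy entry above; this is not JOpenId's code, and the advisory does not say which comparison in getAuthentication leaks timing. The assumption here is the usual cause of this weakness class: a signature check that returns at the first mismatching byte. Both the leaky form and a constant-time form are shown, with the HMAC secret and message constructed for this example.

```ruby
require "openssl"

# Added example, not JOpenId's code. Early-exit comparison beside a
# constant-time one, applied to an HMAC signature check.

# Leaky: returns as soon as a byte differs, so response time grows with the
# number of leading bytes an attacker has guessed correctly.
def leaky_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.each_byte.with_index { |x, i| return false if x != b.getbyte(i) }
  true
end

# Constant-time: visits every byte and folds differences into one accumulator,
# so the time does not depend on where a mismatch sits. Length is compared
# first because a MAC has a fixed, public size.
def constant_time_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.each_byte.with_index { |x, i| diff |= x ^ b.getbyte(i) }
  diff.zero?
end

# Hex HMAC-SHA256 over the message, as a signed response would carry.
def sign(secret, message)
  OpenSSL::HMAC.hexdigest("SHA256", secret, message)
end

# What a response handler should do: recompute, then compare in constant time.
def signature_valid?(secret, message, presented_sig)
  constant_time_equal?(sign(secret, message), presented_sig)
end

if __FILE__ == $0
  secret = "example-association-secret" # constructed for this example
  msg = "openid.mode=id_res&openid.claimed_id=https://example.invalid/alice"
  good = sign(secret, msg)
  puts signature_valid?(secret, msg, good)       # true
  puts signature_valid?(secret, msg + "x", good) # false
end
```

In a real code base prefer the library primitive over a hand-rolled loop: `MessageDigest.isEqual` in Java, `OpenSSL.fixed_length_secure_compare` or `Rack::Utils.secure_compare` in Ruby.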