DataDog::DogStatsd versions through 0.07 for Perl allow metric injections. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The send_stats method does not remove newlines from metric names ($stat variable), allowing attackers to change...
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse (CPP/7zip/Archive/Udf/UdfIn.cpp), after validating size < 38 + idLen + i...
7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule (.scap) parser in 7-Zip. The OpenCapsule function allocates a heap buffer of attacker-declared CapsuleImageSize (up to 1 GiB) without ze...
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The format_event method (used by the event method) does not validate the content of the tags, w...
A vulnerability has been found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. Affected is an unknown function of the file dashboard_page/admin_page.php of the component Admin Interface. The manipulation of the argument User...
NocoDB: Cross-Workspace Integration Use in Connection Test
NocoDB: User Enumeration via Sign-In Timing
NocoDB: Plaintext Password Comparison in Shared Views
NocoDB: Hidden Column Exposure in Public Shared View Endpoints
NocoDB: Open Redirect via Hash Fragment in hashRedirect Plugin
NocoDB: Reflected Cross-Site Scripting via Password Reset Token
NocoDB: Postgres SQL Injection in Formula `ARRAYSORT`
NocoDB: Hidden LTAR Column Exposure in Public Shared-View Relation Endpoints
Wasmtime is a runtime for WebAssembly. In versions prior to 24.0.9, 36.0.10, and 44.0.2, when a filesystem preopen is given DirPerms::all() and FilePerms::READ without FilePerms::WRITE, this access control mechanism can be bypassed via the wasip2 descriptor.open-at or wasip1 path_open interfaces by ...
mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.7.0, the kubectl_generic tool in mcp-server-kubernetes passes user-supplied flags directly to kubectl without any allowlist, enabling a privilege escalation attack within Kubernetes environ...
Klever-Go KVM: Hash-array amplification in P2P resolver request handling
Omni: Reader-level users can retrieve imported cluster CA keys via ResourceService
Omni: Operator can traverse image-factory API paths via unsanitized `talos_version` in CreateSchematic
Omni has a TOCTOU race condition that allows multiple concurrent uses of a single-use SAML session token
Vantage6: 2FA can be circumvented with hacked email access