A race condition flaw was found in the response headers Elasticsearch versions before 7.2.1 and 6.8.2 returns to a request. On a system with multiple users submitting requests, it could be possible for an attacker to gain access to response header cont…
[Microsoft.AspNetCore.App] Open redirect in ASP.NET Core
A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka ‘ASP.NET Core Spoofing Vulnerability’.
References
https://nvd.nist.gov/vuln/detail/CVE-2019-1075
https://portal.msrc.microsoft.com/en-US/security-guidance/advisor…
[org.apache.kafka:kafka] Improper Input Validation in Apache Kafka
In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually craft a Produce request which bypasses transaction/idempotent ACL validation. Only authenticated clients with Write permission on the respective topics are able to exploit …
[System.Private.Uri] Denial of service in ASP.NET Core
A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka ‘.Net Framework and .Net Core Denial of Service Vulnerability’. This CVE ID is unique from CVE-2019-0820, CVE-2019-0980.
References
https://n…
[Microsoft.AspNetCore.SignalR.Protocols.MessagePack] Denial of service in ASP.NET Core
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka ‘ASP.NET Core Denial of Service Vulnerability’.
References
https://nvd.nist.gov/vuln/detail/CVE-2019-0982
https://portal.msrc.microsoft.com/en-US/security-…
[System.Private.Uri] Denial of service in ASP.NET Core
A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka ‘.Net Framework and .Net Core Denial of Service Vulnerability’. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981.
References
https://n…
[matrix-sydent] matrix-sydent and matrix-synapse Use Cryptographically Weak PRNG
An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Random number generation is mishandled, which makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID.
References
https://nvd.nist…
[publify_core] Improper Access Control in publify
A low-privileged user can modify and delete admin articles just by changing the value of the article[id] parameter prior to 9.2.9.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-1810
https://github.com/publify/publify/commit/c0aba87844d1e47da50c…
[publify_core] Cross site scripting in publify
Unrestricted file upload allowed the attacker to manipulate the request and bypass the protection of HTML files using a text file. Stored XSS may be obtained.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-1811
https://github.com/publify/publify…
[com.xuxueli:xxl-job] Cross-Site Request Forgery in XXL-Job
A Cross-Site Request Forgery (CSRF) in XXL-Job v2.3.0 allows attackers to arbitrarily create administrator accounts via the component /gaia-job-admin/user/add.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-29002
https://github.com/xuxueli/xxl-j…