SecureProps is a PHP library designed to simplify the encryption and decryption of property data in objects. A vulnerability in SecureProps version 1.2.0 and 1.2.1 involves a regex failing to detect tags during decryption of encrypted data. This occurs when the encrypted data has been encoded with `NullEncoder` and passed to `TagAwareCipher`, and contains special characters such as `\n`. As a result, the decryption process is skipped since the tags are not detected. This causes the encrypted data to be returned in plain format. The vulnerability affects users who implement `TagAwareCipher` with any base cipher that has `NullEncoder` (not default). The patch for the issue has been released. Users are advised to update to version 1.2.2. As a workaround, one may use the default `Base64Encoder` with the base cipher decorated with `TagAwareCipher` to prevent special characters in the encrypted string from interfering with regex tag detection logic. This workaround is safe but may involve double encoding since `TagAwareCipher` uses `NullEncoder` by default.
Max CVSS
2.6
EPSS Score
0.05%
Published
2024-03-18
Updated
2024-03-18
Directus is a real-time API and App dashboard for managing SQL database content. When reaching the /files page, a JWT is passed via GET request. Inclusion of session tokens in URLs poses a security risk as URLs are often logged in various places (e.g., web server logs, browser history). Attackers gaining access to these logs may hijack active user sessions, leading to unauthorized access to sensitive information or actions on behalf of the user. This issue has been addressed in version 10.10.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Max CVSS
2.3
EPSS Score
0.04%
Published
2024-03-12
Updated
2024-03-13
Peering Manager is a BGP session management tool. In Peering Manager <=1.8.2, it is possible to redirect users to an arbitrary page using a crafted url. As a result users can be redirected to an unexpected location. This issue has been addressed in version 1.8.3. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Max CVSS
3.5
EPSS Score
0.06%
Published
2024-03-12
Updated
2024-03-13
Resource Exhaustion in Mattermost Server versions 8.1.x before 8.1.10 fails to limit the size of the payload that can be read and parsed allowing an attacker to send a very large email payload and crash the server.
Max CVSS
3.1
EPSS Score
0.04%
Published
2024-03-15
Updated
2024-03-15
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
Max CVSS
3.9
EPSS Score
0.04%
Published
2024-03-14
Updated
2024-03-15
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. If an excessively large value is specified as the starting index for an array in `_abi_decode`, it can cause the read position to overflow. This results in the decoding of values outside the intended array bounds, potentially leading to exploitations in contracts that use arrays within `_abi_decode`. This vulnerability affects 0.3.10 and earlier versions.
Max CVSS
3.7
EPSS Score
0.04%
Published
2024-02-26
Updated
2024-02-26
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Max CVSS
3.4
EPSS Score
0.05%
Published
2024-03-18
Updated
2024-03-18
Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available (e.g., on their profile page).
Max CVSS
3.5
EPSS Score
0.05%
Published
2024-02-19
Updated
2024-02-29
Alf.io is a free and open source event attendance management system. An administrator on the alf.io application is able to upload HTML files that trigger JavaScript payloads. As such, an attacker gaining administrative access to the alf.io application may be able to persist access by planting an XSS payload. This issue has been addressed in version 2.0-M4-2402. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Max CVSS
3.5
EPSS Score
0.04%
Published
2024-02-16
Updated
2024-02-16
Mastodon is a free, open-source social network server based on ActivityPub. When an OAuth Application is destroyed, the streaming server wasn't being informed that the Access Tokens had also been destroyed, this could have posed security risks to users by allowing an application to continue listening to streaming after the application had been destroyed. Essentially this comes down to the fact that when Doorkeeper sets up the relationship between Applications and Access Tokens, it uses a `dependent: delete_all` configuration, which means the `after_commit` callback setup on `AccessTokenExtension` didn't actually fire, since `delete_all` doesn't trigger ActiveRecord callbacks. To mitigate, we need to add a `before_destroy` callback to `ApplicationExtension` which announces to streaming that all the Application's Access Tokens are being "killed". Impact should be negligible given the affected application had to be owned by the user. None the less this issue has been addressed in versions 4.2.6, 4.1.14, 4.0.14, and 3.5.18. Users are advised to upgrade. There are no known workaround for this vulnerability.
Max CVSS
3.1
EPSS Score
0.04%
Published
2024-02-14
Updated
2024-02-15
Aruba has identified certain configurations of ArubaOS that can lead to partial disclosure of sensitive information in the IKE_AUTH negotiation process. The scenarios in which disclosure of potentially sensitive information can occur are complex, and depend on factors beyond the control of attackers.
Max CVSS
3.7
EPSS Score
0.04%
Published
2024-03-05
Updated
2024-03-06
The CodeQL CLI repo holds binaries for the CodeQL command line interface (CLI). Prior to version 2.16.3, an XML parser used by the CodeQL CLI to read various auxiliary files is vulnerable to an XML External Entity attack. If a vulnerable version of the CLI is used to process either a maliciously modified CodeQL database, or a specially prepared set of QL query sources, the CLI can be made to make an outgoing HTTP request to an URL that contains material read from a local file chosen by the attacker. This may result in a loss of privacy of exfiltration of secrets. Security researchers and QL authors who receive databases or QL source files from untrusted sources may be impacted. A single untrusted `.ql` or `.qll` file cannot be affected, but a zip archive or tarball containing QL sources may unpack auxiliary files that will trigger an attack when CodeQL sees them in the file system. Those using CodeQL for routine analysis of source trees with a preselected set of trusted queries are not affected. In particular, extracting XML files from a source tree into the CodeQL database does not make one vulnerable. The problem is fixed in release 2.16.3 of the CodeQL CLI. Other than upgrading, workarounds include not accepting CodeQL databases or queries from untrusted sources, or only processing such material on a machine without an Internet connection. Customers who use older releases of CodeQL for security scanning in an automated CI system and cannot upgrade for compliance reasons can continue using that version. That use case is safe. If such customers have a private query pack and use the `codeql pack create` command to precompile them before using them in the CI system, they should be using the production CodeQL release to run `codeql pack create`. That command is safe as long as the QL source it precompiled is trusted. All other development of the query pack should use an upgraded CLI.
Max CVSS
2.7
EPSS Score
0.05%
Published
2024-02-22
Updated
2024-02-23
Collabora Online is a collaborative online office suite based on LibreOffice technology. Each document in Collabora Online is opened by a separate "Kit" instance in a different "jail" with a unique directory "jailID" name. For security reasons, this directory name is randomly generated and should not be given out to the client. In affected versions of Collabora Online it is possible to use the CELL() function, with the "filename" argument, in the spreadsheet component to get a path which includes this JailID. The impact of this vulnerability in its own is low because it requires to be chained with another vulnerability. Users should upgrade to Collabora Online 23.05.9; Collabora Online 22.05.22; Collabora Online 21.11.10 or higher. There are no known workarounds for this vulnerability.
Max CVSS
2.6
EPSS Score
0.04%
Published
2024-03-11
Updated
2024-03-12
Uncontrolled Resource Consumption in Mattermost Mobile versions before 2.13.0 fails to limit the size of the code block that will be processed by the syntax highlighter, allowing an attacker to send a very large code block and crash the mobile app.
Max CVSS
3.5
EPSS Score
0.04%
Published
2024-03-15
Updated
2024-03-15
Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messages lost and not recorded for a specific time period.
Max CVSS
3.0
EPSS Score
0.04%
Published
2024-03-04
Updated
2024-03-04
Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici already cleared Authorization headers on cross-origin redirects, but did not clear `Proxy-Authentication` headers. This issue has been patched in versions 5.28.3 and 6.6.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Max CVSS
3.9
EPSS Score
0.04%
Published
2024-02-16
Updated
2024-02-20
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in `extract32(b, start)`, if the `start` index provided has for side effect to update `b`, the byte array to extract `32` bytes from, it could be that some dirty memory is read and returned by `extract32`. This vulnerability affects 0.3.10 and earlier versions.
Max CVSS
3.7
EPSS Score
0.04%
Published
2024-02-26
Updated
2024-02-26
Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot.
Max CVSS
2.7
EPSS Score
0.05%
Published
2024-02-12
Updated
2024-02-15
Notion through 3.1.0 on macOS might allow code execution because of RunAsNode and enableNodeClilnspectArguments. NOTE: the vendor states "the attacker must launch the Notion Desktop application with nonstandard flags that turn the Electron-based application into a Node.js execution environment."
Max CVSS
3.3
EPSS Score
0.08%
Published
2024-01-28
Updated
2024-03-03
An SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Max CVSS
3.8
EPSS Score
0.04%
Published
2024-02-14
Updated
2024-02-14
ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security, and other SPS configuration setting. The server’s NIST SP 800-193-compliant Platform Firmware Resiliency (PFR) security subsystem significantly mitigates this issue.
Max CVSS
2.0
EPSS Score
0.04%
Published
2024-02-16
Updated
2024-02-20
Mattermost fails to properly restrict the access of files attached to posts in an archived channel, resulting in members being able to access files of archived channels even if the “Allow users to view archived channels” option is disabled.
Max CVSS
3.1
EPSS Score
0.04%
Published
2024-02-29
Updated
2024-02-29
changedetection.io is an open source tool designed to monitor websites for content changes. In affected versions the API endpoint `/api/v1/watch/<uuid>/history` can be accessed by any unauthorized user. As a result any unauthorized user can check one's watch history. However, because unauthorized party first needs to know a watch UUID, and the watch history endpoint itself returns only paths to the snapshot on the server, an impact on users' data privacy is minimal. This issue has been addressed in version 0.45.13. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Max CVSS
3.7
EPSS Score
0.05%
Published
2024-01-19
Updated
2024-01-26
Mattermost Jira Plugin fails to protect against logout CSRF allowing an attacker to post a specially crafted message that would disconnect a user's Jira connection in Mattermost only by viewing the message.
Max CVSS
3.5
EPSS Score
0.04%
Published
2024-02-09
Updated
2024-02-15
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. An app may be able to bypass certain Privacy preferences.
Max CVSS
3.3
EPSS Score
0.05%
Published
2024-01-23
Updated
2024-03-13
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!