Security
Headlines
HeadlinesLatestCVEs

Source

ghsa

GHSA-vh38-ghx6-vmvg: Code Injection in Masuit.Tools.Core

All versions of package Masuit.Tools.Core are vulnerable to Arbitrary Code Execution via the ReceiveVarData<T> function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client transmission does not have the appropriate restrictions or type bindings for the BinaryFormatter.

ghsa
#git
GHSA-f55g-x8qq-2569: CSV-Safe improperly filters special characters potentially leading to CSV injection

CSV-Safe gem < 3.0.0 doesn't filter out special characters which could trigger CSV Injection.

GHSA-f9p3-h6cg-2cjr: Improper neutralization of formula elements in yii-helpers

Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File in GitHub repository luyadev/yii-helpers prior to 1.2.1. Successful exploitation can lead to impacts such as client-sided command injection, code execution, or remote ex-filtration of contained confidential data.

GHSA-773h-w45w-f2f9: Denial of service vulnerability exists in libxmljs

libxmljs provides libxml bindings for v8 javascript engine. This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument's toString value is not a Function object V8 will crash.

GHSA-23wx-cgxq-vpwx: Prototype Pollution in dset

All versions of `dset` prior to 3.1.2 are vulnerable to Prototype Pollution via `dset/merge` mode, as the `dset` function checks for prototype pollution by validating if the top-level path contains `__proto__`, `constructor` or `prototype`. By crafting a malicious object, it is possible to bypass this check and achieve prototype pollution.

GHSA-7jvx-f994-rfw2: materialize-css vulnerable to cross-site Scripting (XSS) due to improper escape of user input

All versions of package materialize-css are vulnerable to Cross-site Scripting (XSS) due to improper escape of user input (such as &lt;not-a-tag /&gt;) that is being parsed as HTML/JavaScript, and inserted into the Document Object Model (DOM). This vulnerability can be exploited when the user-input is provided to the autocomplete component.

GHSA-4jrv-ppp4-jm57: Deserialization of Untrusted Data in Gson

The package `com.google.code.gson:gson` before 2.8.9 is vulnerable to Deserialization of Untrusted Data via the `writeReplace()` method in internal classes, which may lead to denial of service attacks.

GHSA-m2h2-264f-f486: angular vulnerable to regular expression denial of service (ReDoS)

AngularJS lets users write client-side web applications. The package angular after 1.7.0 is vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat() of NUMBER_FORMATS.PATTERNS[1].posPre with a very high value. **Note:** 1. This package has been deprecated and is no longer maintained. 2. The vulnerable versions are 1.7.0 and higher.

GHSA-w39x-chvm-pj3c: Deserialization of Untrusted Data in com.bstek.ureport:ureport2-console

All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets.

GHSA-rr33-j5p5-ppf8: GeoServer allows SSRF via the option for setting a proxy host

GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows SSRF via the option for setting a proxy host.