#vulnerability

A denial of service vulnerability was found in keycloak where the amount of attributes per object is not limited,an attacker by sending repeated HTTP requests could cause a resource exhaustion when the application send back rows with long attribute values.

Proof of concept automation code to exploit a template injection vulnerability in GitHub repository sqlpad/sqlpad version prior to 6.10.1 that can result in remote code execution.

Ubuntu Security Notice 6997-1 - It was discovered that LibTIFF incorrectly handled memory. An attacker could possibly use this issue to cause the application to crash, resulting in a denial of service.

### Summary Unescaped entity property enables Javascript injection. ### Details I think this is possible because %source_label% in twig macro is not escaped. Therefore script tags can be inserted and are executed. ### PoC - clone example project https://github.com/DamienHarper/auditor-bundle-demo - create author with FullName <script>alert()</script> - delete author - view audit of authors - alert is displayed ### Impact persistent XSS. JS can be injected and executed.

### Impact body-parser <1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service. ### Patches this issue is patched in 1.20.3 ### References

For modern applications built on Kubernetes and microservices, platform engineering is not just about building functional systems but also about embedding security into the fabric of those systems.

Episode 3: On September 11, 2019, two cybersecurity professionals were arrested in Dallas County, Iowa and forced to spend the night in jail -- just for doing their jobs. Gary De Mercurio and Justin Wynn. Despite the criminal charges against them eventually being dropped, the saga that night five years ago continues to haunt De Mercurio and Wynn personally and professionally. In this episode, the pair and Coalfire's CEO Tom McAndrew share how the arrest and fallout has shaped their lives and careers as well as how it has transformed physical penetration tests for the cybersecurity industry as a whole.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: SequenceManager Vulnerabilities: Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of SequenceManager, a logix controller-based batch and sequencing solution, are affected: SequenceManager: Versions prior to 2.0 3.2 Vulnerability Overview 3.2.1 Unquoted Search Path or Element CWE-428 An input validation vulnerability exists in the affected products which could allow a malicious user to send malformed packets to the server and cause a denial-of-service condition. If exploited, the device would become unresponsive, and a manual restart will be required for recovery. Additionally, if exploited, there could be a loss of view for the downstream equipment sequences in the controller. Users would not be...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Viessmann Climate Solutions SE Equipment: Vitogate 300 Vulnerabilities: Use of Hard-coded Credentials, Forced Browsing, Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to achieve remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Viessmann Climate Solutions SE Vitogate 300, a solution to connecting boilers and heat pumps to a building management system, are affected: Viessmann Vitogate 300: Versions 2.1.3.0 and prior 3.2 Vulnerability Overview 3.2.1 Use of Hard-coded Credentials CWE-798 In Viessmann Vitogate 300 versions 2.1.3.0 and prior there is a vulnerability that affects the function isValidUser of the file /cgi-bin/vitogate.cgi of the component Web Management Interface. The manipulation leads to use of hard-coded password. CVE-2023-5222 has been ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: iniNet Solutions GmbH Equipment: SpiderControl SCADA Web Server Vulnerabilities: Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to log in or execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of SpiderControl, an HMI program, are affected: SpiderControl SCADA Web Server: Versions v2.09 and prior 3.2 Vulnerability Overview 3.2.1 Unrestricted Upload of File with Dangerous Type CWE-434 SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload specially crafted malicious files without authentication. CVE-2024-8232 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N). A CVSS v4 score has also been calculated for CVE-202...