Category Archives: Advisories

Re: typeorm CVE-2022-33171

Read Time:28 Second

Posted by Andrii Kostenko via Fulldisclosure on Aug 15

I found what I think is a vulnerability in the latest typeorm 0.3.7.
TypeORM v0.3 has a new findOneBy method instead of findOneById() and it is
the only way to get a record by id

Sending undefined as a value in this method removes this parameter from the
query. This leads to the data exposure.

For example:
Users.findOneBy({id: req.query.id}) with /?id=12345 produces SELECT * FROM
Users WHERE id=12345 LIMIT 1 while removing id from the query…

Read More

CVE-2020-23622

Read Time:12 Second

** UNSUPPORTED WHEN ASSIGNED ** An issue in the UPnP protocol in 4thline cling 2.0.0 through 2.1.2 allows remote attackers to cause a denial of service via an unchecked CALLBACK parameter in the request header.

Read More

CVE-2020-21365

Read Time:9 Second

Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive information via a crafted html file running with the default configurations.

Read More

CVE-2020-21641

Read Time:11 Second

Out-of-Band XML External Entity (OOB-XXE) vulnerability in Zoho ManageEngine Analytics Plus before 4.3.5 allows remote attackers to read arbitrary files, enumerate folders and scan internal ports via crafted XML license file.

Read More

CVE-2020-21642

Read Time:7 Second

Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine Analytics Plus before 4350 allows remote attackers to run arbitrary code.

Read More

qemu-6.2.0-14.fc36

Read Time:12 Second

FEDORA-2022-baf3c3b781

Packages in this update:

qemu-6.2.0-14.fc36

Update description:

lsi53c895a: Do not abort when DMA requested and no data queued (#552)
lsi53c895a: Fix use-after-free in lsi_do_msgout (CVE-2022-0216) (rhbz#2070902)

Read More