Read Time:7 Second
In affected versions of Octopus Deploy it is possible for a user to view Tagsets without being explicitly assigned permissions to view these items
Category Archives: Advisories
USN-5943-1: Thunderbird vulnerabilities
Read Time:1 Minute, 3 Second
Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, cross-site
tracing, or execute arbitrary code. (CVE-2023-0616, CVE-2023-25735,
CVE-2023-25737, CVE-2023-25739, CVE-2023-25729, CVE-2023-25742,
CVE-2023-25746)
Johan Carlsson discovered that Thunderbird did not properly implement CSP
policy on a header when using iframes. An attacker could potentially
exploits this to exfiltrate data. (CVE-2023-25728)
Irvan Kurniawan discovered that Thunderbird was not properly handling
background fullscreen scripts when the window goes into fullscreen mode.
An attacker could possibly use this issue to spoof the user and obtain
sensitive information. (CVE-2023-25730)
Christian Holler discovered that Thunderbird did not properly check the
Safe Bag attributes in PKCS 12 certificate bundle. An attacker could
possibly use this issue to write to arbitrary memory by sending malicious
PKCS 12 certificate. (CVE-2023-0767)
Ronald Crane discovered that Thunderbird did not properly check the size of
the input being encoded in xpcom. An attacker could possibly use this issue
to perform out of bound memory write operations. (CVE-2023-25732)
DSA-5372 rails – security update
Read Time:8 Second
Multiple vulnerabilities were discovered in rails, the Ruby based server-side
MVC web application framework, which could result in XSS, data disclosure
and open redirect.
CVE-2016-15028
Read Time:26 Second
A vulnerability was found in ICEPAY REST-API-NET 0.9. It has been declared as problematic. Affected by this vulnerability is the function RestClient of the file Classes/RestClient.cs of the component Checksum Validation. The manipulation leads to improper validation of integrity check value. The attack can be launched remotely. Upgrading to version 1.0 is able to address this issue. The name of the patch is 61f6b8758e5c971abff5f901cfa9f231052b775f. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222847.
CVE-2021-46875
Read Time:9 Second
An issue was discovered in eZ Platform Ibexa Kernel before 1.3.1.1. An XSS attack can occur because JavaScript code can be uploaded in a .html or .js file.
CVE-2021-46876
Read Time:8 Second
An issue was discovered in eZ Publish Ibexa Kernel before 7.5.15.1. The /user/sessions endpoint can be abused to determine account existence.
Full Disclosure – Fastly
Read Time:22 Second
Posted by Andrey Stoykov on Mar 11
Correspondence from Fastly declined to comment regarding new discovered
vulnerabilities within their website.
Poor practices regarding password changes.
1. Reset user password
2. Access link sent
3. Temporary password sent plaintext
// HTTP POST request
POST /user/mwebsec%40gmail.com/password/request_reset HTTP/2
Host: api.fastly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0)
Gecko/20100101 Firefox/108.0
[…]
[…]…
Full Disclosure – Shopify Application
Read Time:21 Second
Posted by Andrey Stoykov on Mar 11
Correspondence from Shopify declined to comment regarding new discovered
vulnerabilities within their website.
Although ‘frontend’ vulnerabilities are considered out of scope,
person/tester foundhimself a beefy bugbounty from the same page that has
been listed below, including similar functionality that has not been tested
yet.
Two emails and several reports, the ‘hacker-1’ staff reject the bid for
findings.
Online Store…
CVE-2013-10021
Read Time:26 Second
A vulnerability was found in dd32 Debug Bar Plugin up to 0.8. It has been declared as problematic. Affected by this vulnerability is the function render of the file panels/class-debug-bar-queries.php. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 0.8.1 is able to address this issue. The name of the patch is 0842af8f8a556bc3e39b9ef758173b0a8a9ccbfc. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222739.
CVE-2020-5002
Read Time:9 Second
IBM Financial Transaction Manager 3.2.0 through 3.2.10 could allow an authenticated user to perform unauthorized actions due to improper validation. IBM X-Force ID: 192954.