GHSA-9rcw-c2f9-2j55: OpenZeppelin Contracts Bytes's lastIndexOf function with position argument performs out-of-bound memory access on empty buffers

GHSA-76c9-3jph-rj3q: on-headers is vulnerable to http response header manipulation

GHSA-fjgf-rc76-4x9p: Multer vulnerable to Denial of Service via unhandled exception from malformed request

GHSA-29cq-5w36-x7w3: Livewire is vulnerable to remote command execution during component property update hydration

GHSA-hfj7-542q-8fvv: DiracX-Web is vulnerable to attack through an Open Redirect on its login page

Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users.

**Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users**

Moderate severity GitHub Reviewed Published Aug 22, 2024 to the GitHub Advisory Database • Updated Aug 22, 2024

Headline

GHSA-cgrq-wvfj-v28j: Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users

ghsa: Latest News