Tag: #git

CVE-2023-3297: GHSL-2023-139: Use After Free (UAF) in accountsservice - CVE-2023-3297

In Ubuntu's accountsservice, an unprivileged local attacker can trigger a use-after-free by sending a D-Bus message to the accounts-daemon process.

GHSA-h24c-6p6p-m3vx: tss-lib leaks secret keys in response to incorrectly constructed Paillier moduli

### Impact

The specification of the GG18 threshold ECDSA signature protocol contains a vulnerability allowing an attacker to recover the shared secret key. If a participant generates a Paillier modulus `N` containing small factors (less than `2^100`), they can interact with other participants in the signing protocol to steal their secret key shares in as little as sixteen signing attempts. The master key can then be reconstructed from these shares.

### Patches

The implementation of GG18 in tss-lib did not prove that `N` is biprime or that it doesn't contain small factors. The fixed implementation adds the following proofs from the CGGMP21 threshold ECDSA protocol to the key generation:

- Paillier-Blum Modulus (`N` is the product of two primes)
- No Small Factor (both factors of `N` are greater than `2^256`)

These proofs apply to both the Paillier encryption modulus `N` and the modulus `NTilde` used in MTA proofs. To address the issue in the resharing protocol, an additional round...

GHSA-f73w-4m7g-ch9x: Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library

An issue in LangChain-ai Langchain v0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library.

GHSA-8rv7-g772-pp3j: DataEase vulnerable to SQL injection

SQL injection vulnerability in DataEase v.1.18.9 allows a remote attacker to obtain sensitive information via a crafted string outside of the blacklist function.

CVE-2023-39631: Warn that evaluate() should not be used on user input · Issue #442 · pydata/numexpr

An issue in LangChain-ai Langchain v0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library.

CVE-2023-4721: Fixed #2580 · gpac/gpac@3ec93d7

Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.

CVE-2023-4720

Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV.

CVE-2023-4722: Fixed #2579 · gpac/gpac@de7f3a8

Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV.

CVE-2020-22612: Version 1.8.22 - MyBB

Installer RCE on settings file write in MyBB before 1.8.22.

CVE-2023-36100: Vulnerabilities that allow arbitrary information traversal and modification by any user · Issue #15 · Thecosy/IceCMS

An issue was discovered in IceCMS version 2.0.1 that allows attackers to escalate privileges and gain sensitive information via the UserID parameter in api/User/ChangeUser.