#nginx

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so ...

Wifi Soft Unibox Administration 3.0 and 3.1 is vulnerable to SQL Injection. The vulnerability occurs because of not validating or sanitizing the user input in the username field of the login page.

SEMCMS v1.5 was discovered to contain a SQL injection vulnerability via the id parameter at /Ant_Suxin.php.

copyparty is file server software. Prior to version 1.8.7, the application contains a reflected cross-site scripting via URL-parameter `?k304=...` and `?setck=...`. The worst-case outcome of this is being able to move or delete existing files on the server, or upload new files, using the account of the person who clicks the malicious link. It is recommended to change the passwords of one's copyparty accounts, unless one have inspected one's logs and found no trace of attacks. Version 1.8.7 contains a patch for the issue.

### Summary The application contains a reflected cross-site scripting via URL-parameter `?k304=...` and `?setck=...` ### Details A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the application that could allow an attacker to execute malicious javascript code by tricking users into accessing a malicious link. The worst-case outcome of this is being able to move or delete existing files on the server, or upload new files, using the account of the person who clicks the malicious link. It is recommended to change the passwords of your copyparty accounts, unless you have inspected your logs and found no trace of attacks. ### Checking for exposure if copyparty is running behind a reverse proxy, you can check the access-logs for traces of attacks, by grepping for URLs containing `?hc=` with `<` somewhere in its value, for example using the following command: * nginx: ```bash (gzip -dc access.log*.gz; cat access.log) | sed -r 's/" [0-9]+ .*//' | grep...

### Summary The application contains a reflected cross-site scripting via URL-parameter `?hc=...` ### Details A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the application that could allow an attacker to execute malicious javascript code by tricking users into accessing a malicious link. The worst-case outcome of this is being able to move or delete existing files on the server, or upload new files, using the account of the person who clicks the malicious link. It is recommended to change the passwords of your copyparty accounts, unless you have inspected your logs and found no trace of attacks. ### Checking for exposure if copyparty is running behind a reverse proxy, you can check the access-logs for traces of attacks, by grepping for URLs containing `?hc=` with `<` somewhere in its value, for example using the following command: * nginx: ```bash (gzip -dc access.log*.gz; cat access.log) | sed -r 's/" [0-9]+ .*//' | grep -E '[?&](hc|pw)=....

Wifi Soft Unibox Administration versions 3.0 and 3.1 suffer from a remote SQL injection vulnerability.

Tiva Events Calender version 1.4 suffers from a persistent cross site scripting vulnerability.

Based on Kata Containers, the Confidential Containers (CoCo) project is a community solution to enable hardware technologies for virtualized memory encryption in container environments through attestation. CoCo SEV enables an encrypted container launch feature by utilizing a remote key broker service to verify the guest measured environment before releasing the image decryption key during orchestration. This blog demonstrates how to prepare an EPYC™ CPU-powered machine for SEV and CoCo, how to install CoCo using a Kubernetes operator, and how to create an encrypted image and start a containe

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.