Unknown

**Name of the Vulnerable Software and Affected Versions** Ultimate Member WordPress plugin versions prior to 2.6.7 **Description** The issue allows attackers to create user accounts with arbitrary capabilities, effectively enabling them to create administrator accounts at will. This is being actively exploited. The plugin has over 200,000 active installations. Attackers are setting the `wp capabilities` user meta value to gain administrator privileges and full access to vulnerable sites. Despite attempts to fix the issue in versions 2.6.3, 2.6.4, 2.6.5, and 2.6.6, ways to exploit it still exist. **Recommendations** For Ultimate Member WordPress plugin versions prior to 2.6.7, update to version 2.6.7 or later to resolve the issue. As a temporary workaround, consider removing the Ultimate Member plugin until a patch is available. Restrict access to the `wp capabilities` user meta value to minimize the risk of exploitation. If a site has already been compromised, removal of the plugin will not be sufficient to mitigate the risk; a full scan for malware and deactivation of malicious admin accounts is necessary.

**Name of the Vulnerable Software and Affected Versions** org.yaml:snakeyaml versions 0 through 1.30 **Description** The issue is related to a Denial of Service (DoS) vulnerability due to missing nested depth limitation for collections in the SnakeYAML library, which is used for serialization and deserialization of YAML documents. This vulnerability can be exploited by a remote attacker to cause a service disruption. **Recommendations** For versions 0 through 1.30, update to version 1.31 or later to resolve the issue. As a temporary workaround, consider restricting the use of the SnakeYAML library to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** com.alibaba:fastjson versions prior to 1.2.83 **Description** The vulnerability is related to the deserialization of untrusted data by bypassing the default autoType shutdown restrictions in the Fastjson library. This can be exploited under certain conditions, allowing attackers to execute remote code. The issue is associated with the AutoTypeCheck mechanism in Fastjson, which can lead to security problems during deserialization if the JSON is controlled by the user and AutoType is enabled. **Recommendations** For versions prior to 1.2.83, update to version 1.2.83 or later. As a temporary workaround, consider enabling safeMode, which disables the AutoType feature, effectively closing deserialization attack vectors.

**Name of the Vulnerable Software and Affected Versions** node-ipc versions 10.1.1 through 10.1.2 **Description** The issue concerns malicious code embedded in the node-ipc package, targeting users with IP addresses located in Russia or Belarus. This code overwrites files with a heart emoji. The package has around a million downloads per week and is used as a dependency by 354 packages, including vue-cli. All projects with node-ipc in their dependencies are also affected. The malicious code is activated with a 25% probability and affects systems with IP addresses from Russia or Belarus. **Recommendations** For node-ipc versions 10.1.1 through 10.1.2, update to version 10.1.3 or later to resolve the issue. As a temporary workaround, consider disabling the use of the node-ipc package until a patch is available. Restrict access to the node-ipc package to minimize the risk of exploitation. Avoid using the node-ipc package in projects that require high security standards until the issue is fully resolved.

**Name of the Vulnerable Software and Affected Versions** karma versions prior to 6.3.16 **Description** The issue is related to an Open Redirect vulnerability due to missing validation of the `return url` query parameter. This allows for potential redirection to unintended locations. **Recommendations** For versions prior to 6.3.16, update to version 6.3.16 or later to resolve the issue. As a temporary workaround, consider validating the `return url` query parameter to ensure it points to an intended location within the application. Restrict access to the `return url` parameter in the affected API endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** colors versions after 1.4.0 Faker.js (affected versions not specified) **Description** The issue is related to a Denial of Service (DoS) introduced through an infinite loop in the `americanFlag` module of the colors package. This appears to be a purposeful attempt by a maintainer to make the package unusable. The maintainer of Faker.js also deliberately removed functional code, making it unusable as well. **Recommendations** For colors versions after 1.4.0, pin the dependency to 1.4.0 as a temporary workaround. For Faker.js, consider using the forked functional code available at https://github.com/faker-js/faker as an alternative. At the moment, there is no information about a newer version that contains a fix for this issue in Faker.js.

**Name of the Vulnerable Software and Affected Versions** handsontable versions 0 through 10.0.0 (excluding 10.0.0) **Description** The issue concerns a Regular Expression Denial of Service (ReDoS) in the `Handsontable.helper.isNumeric` function. This affects the handsontable package, making it vulnerable to denial of service attacks due to inefficient regular expression handling. **Recommendations** For handsontable versions 0 through 10.0.0 (excluding 10.0.0), update to version 10.0.0 or later to resolve the issue. As a temporary workaround, consider disabling the `Handsontable.helper.isNumeric` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** node-static (affected versions not specified) @nubosoftware/node-static (affected versions not specified) **Description** The software does not properly handle user input containing null bytes. This can allow attackers to access `http://host/%00` and cause the server to crash. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** glances versions prior to 3.2.1 **Description** The issue is related to the incorrect restriction of XML links to external objects, which can be exploited by a remote attacker to gain access to confidential data, disrupt its integrity, and cause a denial of service. The vulnerability is due to the use of Fault to parse untrusted XML data, making it susceptible to XML External Entity (XXE) Injection attacks. **Recommendations** For glances versions prior to 3.2.1, update to version 3.2.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of the Fault component to parse untrusted XML data until a patch is available. Avoid using the `Fault` function to parse untrusted XML data in the affected API endpoints until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** launchpad versions all **Description** The issue concerns Command Injection via the stop function. **Recommendations** For all versions, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DaView Indy (affected versions not specified) DaVa+ (affected versions not specified) DaOffice (affected versions not specified) **Description** A vulnerability in the JPEG image parsing module could allow an unauthenticated, remote attacker to cause arbitrary code execution on an affected device. The issue is due to a stack overflow read. An attacker could exploit this by sending a crafted PDF file to an affected device. **Recommendations** For DaView Indy, update to a version that fixes the stack overflow read issue in the JPEG image parsing module. For DaVa+, update to a version that fixes the stack overflow read issue in the JPEG image parsing module. For DaOffice, update to a version that fixes the stack overflow read issue in the JPEG image parsing module. As a temporary workaround, consider restricting the handling of crafted PDF files until a patch is available.