CVE-2024-23722

In Fluent Bit 2.1.8 through 2.2.1, a NULL pointer dereference can be caused via an invalid HTTP payload with the content type of x-www-form-urlencoded. It crashes and does not restart. This could result in logs not being delivered properly...

Insurance Management System PHP and MySQL 1.0 - Multiple Stored XSS

Exploit Title:Insurance Management System PHP and MySQL 1.0 - Multiple Stored XSS Date: 2024-02-08 Exploit Author: Hakkı TOKLU Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16995/insurance-management-system-php-mysql.html Version: 1.0 Tested on:...

Slackware Linux 15.0 / current emacs Vulnerability (SSA:2024-084-01)

The version of emacs installed on the remote host is prior to 29.3. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-084-01 advisory. - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because...

CVE-2023-46840

Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen...

CVE-2023-46840

Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen...

CVE-2023-46840 VT-d: Failure to quarantine devices in !HVM builds

Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen...

CVE-2023-46840

CVE-2023-46840 concerns Xen where an incorrect placement of a preprocessor directive in Xen source leads to logic that does not operate as intended when HVM guest support is compiled out. The vulnerability is described across multiple connected advisories (e.g., Nessus/OPENVAS entries and OSV/nvd...

Chirp Access Trust Management Issues Vulnerability

Chirp Systems Chirp Access is a feature or service from Chirp Systems that helps users access and manage their Chirp accounts. Chirp Access suffers from a trust management issue vulnerability that stems from storing credentials in its source code, which could expose sensitive information to an...

Hackers Claim Accessing 740GB of Data from Viber Messaging App

By Waqas Hackers claim to have breached Viber, stealing 740GB of data, including source code, and are now demanding ransom of 8 Bitcoin. This is a post from HackRead.com Read the original post: Hackers Claim Accessing 740GB of Data from Viber Messaging App...

CVE-2023-43292

Cross Site Scripting vulnerability in My Food Recipe Using PHP with Source Code v.1.0 allows a local attacker to execute arbitrary code via a crafted payload to the Recipe Name, Procedure, and ingredients parameters...

CVE-2023-43292

Cross Site Scripting vulnerability in My Food Recipe Using PHP with Source Code v.1.0 allows a local attacker to execute arbitrary code via a crafted payload to the Recipe Name, Procedure, and ingredients parameters...

CVE-2023-43292

Cross Site Scripting vulnerability in My Food Recipe Using PHP with Source Code v.1.0 allows a local attacker to execute arbitrary code via a crafted payload to the Recipe Name, Procedure, and ingredients parameters...

Cross site scripting

Cross Site Scripting vulnerability in My Food Recipe Using PHP with Source Code v.1.0 allows a local attacker to execute arbitrary code via a crafted payload to the Recipe Name, Procedure, and ingredients parameters...

CVE-2023-43292

Cross Site Scripting vulnerability in My Food Recipe Using PHP with Source Code v.1.0 allows a local attacker to execute arbitrary code via a crafted payload to the Recipe Name, Procedure, and ingredients parameters...

The vulnerability of the /login.php component of the user registration and login system, PHP-MYSQL-User-Login-System, allows a hacker to disclose protected information.

The vulnerability of the /login.php component of the PHP-MYSQL-User-Login-System registration and login system is related to the disclosure of information through the source code. Exploiting this vulnerability allows a malicious actor to disclose the protected information...

CVE-2023-43292

CVE-2023-43292 is a Cross-Site Scripting vulnerability in the web application "My Food Recipe Using PHP with Source Code" v1.0. Public sources describe that a crafted payload in the Recipe Name, Procedure, or ingredients parameters can allow a local attacker to execute arbitrary code. Multiple bu...

Russian Midnight Blizzard Hackers Breached Microsoft Source Code

By Deeba Ahmed Midnight Blizzard aka Cozy Bear and APT29 originally breached Microsoft on January 12, 2024. This is a post from HackRead.com Read the original post: Russian Midnight Blizzard Hackers Breached Microsoft Source Code...

CVE-2024-2355 keerti1924 Secret-Coder-PHP-Project secret_coder.sql inclusion of sensitive information in source code

A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /secretcoder.sql. The manipulation leads to inclusion of sensitive information in source code. The attack can be launched...

Russian Hackers Stole Microsoft Source Code—and the Attack Isn’t Over

Plus: An ex-Google engineer gets arrested for allegedly stealing trade secrets, hackers breach the top US cybersecurity agency, and X’s new feature exposes sensitive user data...

Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets

Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard aka APT29 or Cozy Bear managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024. "In recent weeks, we have seen evidence that...