DEBIAN-CVE-2026-44301

Hugo is a static site generator. From 0.43 to before 0.161.0, when building a Hugo site that uses Node-based asset pipelines PostCSS, Babel, TailwindCSS, Hugo invoked the configured Node tools without restrictions on file system access. As a result, executing hugo against an untrusted site could...

Hugo 路径遍历漏洞

Hugo is a framework based on the Go language used by the Gohugoio community for quickly generating static websites. Versions of Hugo from 0.43 to 0.161.0 had a path traversal vulnerability. This vulnerability occurred due to the lack of restrictions on file system access when calling Node tools,...

EUVD-2021-24146

Malware in sbrugna...

CVE-2021-37588

In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data...

CVE-2021-37587

In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data...

CVE-2021-37587

In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data...

CVE-2021-37588

In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data...

Design/Logic Flaw

In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data...

Design/Logic Flaw

In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data...

Charm 加密问题漏洞

Charm is Charm is a framework for rapidly prototyping advanced cryptosystems. Charm version 0.43 is vulnerable to a cryptographic issue. Exploiting this vulnerability source any two users can conspire to gain the ability to decrypt YCT14 data...

CVE-2021-37588

In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data...

PT-2021-21724 · Charm · Charm

Name of the Vulnerable Software and Affected Versions: Charm version 0.43 Description: The issue allows any two users to collude and gain the ability to decrypt YCT14 data. Recommendations: For Charm version 0.43, at the moment, there is no information about a newer version that contains a fix fo...

WordPress SermonBrowser Plugin 0.43 SQL Injection

No description provided by source. ?php if!$argv1 die Usage : php exploit.php site Example : php exploit.php http://site.com/wp/ ; printr Tilte......: WordPress SermonBrowser Plugin 0.43 SQL Injection Author.....: Ma3sTr0-Dz Date.......: 25-o4-2o11 Location ..: ALGERIA HoMe ......: wWw.sEc4EvEr.C...

Debian Security Advisory DSA 2523-1 (globus-gridftp-server)

The remote host is missing an update to globus-gridftp-server announced via advisory DSA 2523-1. OpenVAS Vulnerability Test $Id: deb25231.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2523-1 globus-gridftp-server Authors: Thomas Reinke Copyright: Copyrigh...

DSA-2523-1 globus-gridftp-server - programming error

Bulletin has no description...

WordPress Plugin Sermon Browser 0.43 - Cross-Site Scripting SQL Injection

WordPress Plugin Sermon Browser 0.43 - Cross-Site Scripting SQL Injection source: https://www.securityfocus.com/bid/47574/info The Sermon Browser plugin for WordPress is prone to a cross-site scripting vulnerability and an SQL-injection vulnerability because the application fails to sufficiently...

WordPress SermonBrowser Plugin 0.43 XSS / SQL Injection

alert0 FPD : http://site/wp/wp-content/plugins/sermon-browser/sermon.php -== Start ==- "; $t=array"dbusr"="user","dbver"="version","dbnam"="database","usrnm"="userlogin","passwd"="userpass"; function text2hex$string $hex = ''; $len = strlen$string ; for $i = 0; $i $y...

pst.advisory 2005-21: gxine remote exploitable . opensource is god .lol windows

gxine remote exploitable . opensource is god .lol windows www.ph4nt0m.org Systems affected: gxine 0.44 0.43 0.42 0.41 no affected no all exploitable 1:why: it is a http hostname format string vulnerability.. new firefox can run gxine in many linux DS... so very dangerous!!!!!!!!!!!!!!!!!! 2:tips:...

DEBIAN-CVE-2004-2486

The DSS verification code in Dropbear SSH Server before 0.43 frees uninitialized variables, which might allow remote attackers to gain access...